RubyGems - gitlab-labkit - Versions diffs - 1.19.0 → 1.20.0 - Mend

gitlab-labkit 1.19.0 → 1.20.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

checksums.yaml +4 -4
data/lib/labkit/rate_limit/evaluator.rb +6 -1
data/lib/labkit/rate_limit/metrics.rb +3 -0
data/lib/labkit/rate_limit/result.rb +2 -2
data/lib/labkit/rate_limit/rule.rb +4 -2
metadata +1 -1

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: cb897d7171414d685d81aa2d55930e9633a46ac6aee0bdca4f36ed34b38e307e
-  data.tar.gz: bd171795616da76cf4262da0f70d6a4e3746bea4e5eab74b3fe554d3597a0c87
+  metadata.gz: f5f66c856712fe4736592757a1dab3a95aa920359ed0bbca72a638d0983df164
+  data.tar.gz: 89f0452f48f07968f29b3890fb7f71b1aac42b5f4b6e7cdcad556a0c3f548d6f
 SHA512:
-  metadata.gz: 4d4174c89606b5949876451b31bdb40a76db573284ed5976afe9806eb33ac592e90d425cb8c3c48412756be9a7db777cfdb00f14649601ff8d0bcc05807bc8c9
-  data.tar.gz: b46236e5b3f59f97cd371f250c397553c32656a51994b556ae43fa4751b2eeb95c5b5bdbc3276d5ad156c861df7f7ff4f39ec93bd3826c854dbfff975fc77602
+  metadata.gz: 1a9bf8af827028ae5e68857650cdf2af5e6c49c16360e123a1f653c0e38530ba89a4f1a5179ee50d540dc4f71a1fd766f93517d622d1a25d72d39be5e545b0b1
+  data.tar.gz: 58da58ed8eae9c02437fd0a3f41a529e36feeade438d9dcee63d4448165a95b4d1b3d100c1e27384aa5763a002fbcf9eccc33cb283258e8baafbfbc9366bc56b

data/lib/labkit/rate_limit/evaluator.rb CHANGED Viewed

@@ -42,21 +42,26 @@ module Labkit
       private
+      # :log rules are non-terminating: they emit metrics and continue,
+      # so a shadow :log rule cannot disable a following :block rule.
       def check_rules(identifier)
         @rules.each do |rule|
           next unless rule_matches?(rule, identifier)
           result = evaluate_rule(rule, identifier)
           report_matched_metrics(result)
-          return result
+          return result unless rule.action == :log
         end
         report_unmatched_metrics
         Result.new(matched: false, action: :allow)
       end
+      # Mirror of check_rules without metrics: peek skips :log rules (their state
+      # is unobservable through peek).
       def peek_rules(identifier)
         @rules.each do |rule|
+          next if rule.action == :log
           next unless rule_matches?(rule, identifier)
           return peek_rule(rule, identifier)

data/lib/labkit/rate_limit/metrics.rb CHANGED Viewed

@@ -5,6 +5,9 @@ module Labkit
     module Metrics
       module_function
+      # :log rules are non-terminating: a check that matched only :log rules
+      # increments calls_total once per matched :log rule AND once with
+      # rule="unmatched", action="allow", since no terminating decision was made.
       def calls_total
         Labkit::Metrics::Client.counter(
           :gitlab_labkit_rate_limiter_calls_total,

data/lib/labkit/rate_limit/result.rb CHANGED Viewed

@@ -8,9 +8,9 @@ module Labkit
     # action    - the outcome: what the caller should do
     #             :block = rule matched, exceeded, rule configured to block
     #             :log   = rule matched, exceeded, rule configured to log only
-    #             :allow = rule matched but count within limit, or
+    #             :allow = rule matched but count within limit, rule configured to allow,
     #                      no rule matched, or error (fail-open)
-    #             The rule's configured action is available via rule.action
+    #             The rule's configured action is available via rule.action.
     # rule      - the matched Rule object (nil when matched? is false)
     # error?    - true if Redis was unavailable; result fails open (exceeded? is false)
     # info      - Result::Info with per-window counters; nil when matched? is false or error?

data/lib/labkit/rate_limit/rule.rb CHANGED Viewed

@@ -2,7 +2,7 @@
 module Labkit
   module RateLimit
-    KNOWN_ACTIONS = [:block, :log].freeze
+    KNOWN_ACTIONS = %i[block log allow].freeze
     RULE_NAME_PATTERN = /\A[a-z0-9_]+\z/
     RULE_NAME_MAX_LENGTH = 64
@@ -12,7 +12,9 @@ module Labkit
     #                   the rule to apply; empty hash matches any identifier
     # limit           - request threshold; may be a callable (resolved per check)
     # period          - window in seconds; may be a callable (resolved per check)
-    # action          - :block (enforce) or :log (count and log, but do not block)
+    # action          - :block (enforce), :log (count and log only, do not block,
+    #                   evaluation continues to subsequent rules), or :allow
+    #                   (bypass: short-circuit evaluation with no Redis writes)
     # characteristics - identifier keys used to build the compound Redis counter key
     #
     # +name+ must be a lowercase alphanumeric-and-underscore string of at most 64

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: gitlab-labkit
 version: !ruby/object:Gem::Version
-  version: 1.19.0
+  version: 1.20.0
 platform: ruby
 authors:
 - Andrew Newdigate