create new env var for gql rl value

ajay-sentry · ajay-sentry · commit 34835c6a5fda · 2024-10-12T16:44:08.000-07:00
diff --git a/codecov/settings_base.py b/codecov/settings_base.py
@@ -92,13 +92,20 @@
 
 WSGI_APPLICATION = "codecov.wsgi.application"
 
-# Database
-# https://docs.djangoproject.com/en/2.1/ref/settings/#databases
+
+# GraphQL
 
 GRAPHQL_QUERY_COST_THRESHOLD = get_config(
     "setup", "graphql", "query_cost_threshold", default=10000
 )
 
+GRAPHQL_RATE_LIMIT_VALUE = get_config(
+    "setup", "graphql", "rate_limit_value", default=300
+)
+
+# Database
+# https://docs.djangoproject.com/en/2.1/ref/settings/#databases
+
 DATABASE_ROUTERS = ["codecov.db.DatabaseRouter"]
 
 # Password validation
diff --git a/codecov/settings_staging.py b/codecov/settings_staging.py
@@ -65,6 +65,10 @@
 # 25MB in bytes
 DATA_UPLOAD_MAX_MEMORY_SIZE = 26214400
 
+GRAPHQL_RATE_LIMIT_VALUE = get_config(
+    "setup", "graphql", "rate_limit_value", default=1000
+)
+
 # Same site is set to none on Staging as we want to be able to call the API
 # From Netlify preview deploy
 COOKIE_SAME_SITE = "None"
diff --git a/graphql_api/tests/test_views.py b/graphql_api/tests/test_views.py
@@ -203,6 +203,7 @@ async def test_query_metrics_extension_set_type_and_name_timeout(
 
     @patch("sentry_sdk.metrics.incr")
     @patch("graphql_api.views.AsyncGraphqlView._check_ratelimit")
+    @override_settings(DEBUG=False, GRAPHQL_RATE_LIMIT_VALUE=1000)
     async def test_when_rate_limit_reached(
         self, mocked_check_ratelimit, mocked_sentry_incr
     ):
@@ -213,7 +214,7 @@ async def test_when_rate_limit_reached(
         assert response["status"] == 429
         assert (
             response["detail"]
-            == "It looks like you've hit the rate limit of 300 req/min. Try again later."
+            == "It looks like you've hit the rate limit of 1000 req/min. Try again later."
         )
 
         expected_calls = [
diff --git a/graphql_api/views.py b/graphql_api/views.py
@@ -233,7 +233,7 @@ async def post(self, request, *args, **kwargs):
             return JsonResponse(
                 data={
                     "status": 429,
-                    "detail": "It looks like you've hit the rate limit of 300 req/min. Try again later.",
+                    "detail": f"It looks like you've hit the rate limit of {settings.GRAPHQL_RATE_LIMIT_VALUE} req/min. Try again later.",
                 },
                 status=429,
             )
@@ -320,7 +320,7 @@ def _check_ratelimit(self, request):
             user_ip = self.get_client_ip(request)
             key = f"rl-ip:{user_ip}"
 
-        limit = 300
+        limit = settings.GRAPHQL_RATE_LIMIT_VALUE
         window = 60  # in seconds
 
         current_count = redis.get(key)
