From 52010f625fab1952427c52f11aa7311c760c3e87 Mon Sep 17 00:00:00 2001
From: Vladyslav Moisieienkov <vladyslav.moisieienkov@cern.ch>
Date: Wed, 9 Mar 2022 08:09:03 +0100
Subject: [PATCH] helm: add API rate limit env variable for slow endpoints

closes reanahub/reana-server#443
---
 CHANGES.rst            | 1 +
 helm/reana/README.md   | 1 +
 helm/reana/values.yaml | 1 +
 3 files changed, 3 insertions(+)

diff --git a/CHANGES.rst b/CHANGES.rst
index 050830ad..f09e5098 100644
--- a/CHANGES.rst
+++ b/CHANGES.rst
@@ -7,6 +7,7 @@ Version 0.9.0 (UNRELEASED)
 - Administrators:
     - Adds support for Kubernetes version 1.22 and 1.23 clusters.
     - Removes support for Kubernetes version prior to 1.19.
+    - Adds configuration environment variable ``reana_server.environment.REANA_RATELIMIT_SLOW`` to limit API requests to some protected endpoints e.g launch workflow.
 
 Version 0.8.2 (UNRELEASED)
 --------------------------
diff --git a/helm/reana/README.md b/helm/reana/README.md
index 4b56bdc5..0d97e9ea 100644
--- a/helm/reana/README.md
+++ b/helm/reana/README.md
@@ -20,6 +20,7 @@ This Helm automatically prefixes all names using the release name to avoid colli
 | `components.reana_server.environment.REANA_WORKFLOW_SCHEDULING_POLICY` | Define workflow scheduling strategy. Options are "fifo" for first-in-first-out strategy regardless of users and "balanced" for multi-user-aware scheduling strategy. | "fifo" |
 | `components.reana_server.environment.REANA_RATELIMIT_GUEST_USER` | Set API limiter config for guest users. Users using reana-client will be treated as guests. | "20 per second" |
 | `components.reana_server.environment.REANA_RATELIMIT_AUTHENTICATED_USER` | Set API limiter config for authenticated web UI users. | "20 per second" |
+| `components.reana_server.environment.REANA_RATELIMIT_SLOW` | Set API limiter config for slow endpoints that need to be protected e.g. launch endpoint. | "1/5 second" |
 | `components.reana_server.image`                          | [REANA-Server image](https://hub.docker.com/r/reanahub/reana-server) to use          | `reanahub/reana-server:<chart-release-version>` |
 | `components.reana_server.imagePullPolicy`                | REANA-Server image pull policy                                                       | IfNotPresent                                    |
 | `components.reana_server.uwsgi.processes`                | Number of uWSGI processes                                                            | 6                                               |
diff --git a/helm/reana/values.yaml b/helm/reana/values.yaml
index f22d7862..c906097c 100644
--- a/helm/reana/values.yaml
+++ b/helm/reana/values.yaml
@@ -73,6 +73,7 @@ components:
       REANA_WORKFLOW_SCHEDULING_POLICY: "fifo"
       REANA_RATELIMIT_GUEST_USER: "20 per second"
       REANA_RATELIMIT_AUTHENTICATED_USER: "20 per second"
+      REANA_RATELIMIT_SLOW: "1/5 second"
     uwsgi:
       processes: 6
       threads: 4