Skip to content

Requests by runners count as unauthenticated

Summary

Requests by runners count as unauthenticated by rack::attack and are rate limited accordingly.

Steps to reproduce

  • Enable low unauthenticated rate limit.
  • Do some builds on runners.

What is the current bug behavior?

The requests are counted as unauthenticated and in Redis the key cache:gitlab:rack::attack:424340:throttle_unauthenticated:$IP is set accordingly. After several builds, it starts to hang, as the runner reaches the request limit and is blocked from makes new requests.

What is the expected correct behavior?

The requests are counted as authenticated, as the runner authenticates itself with a token.