Merged
Conversation
Introduce IP-based auth rate limiting and tighten health/cluster access, plus add a topic cleanup job and migrate offset storage. Key changes: - Add RateLimiter auth_ip_buckets, max_auth_requests_per_ip_per_sec, and check_auth_rate; include unit test. Update login/refresh/setup handlers to enforce auth rate limits. - Restrict health and cluster health endpoints (including root /health) to localhost-only using extract_client_ip_secure. - Add default config and type for max_auth_requests_per_ip_per_sec. - Migrate consumer offset tracking out of kalamdb-tables into kalamdb-system TopicOffsetsTableProvider; remove topic offset models/store from kalamdb-tables. TopicPublisherService now uses TopicOffsetsTableProvider and ack_offset signature updated. - Add delete_topic_offsets to TopicOffsetsTableProvider to support cleanup flows. - Add TopicCleanupExecutor job to perform idempotent cleanup of topic messages and offsets (with tests and TODO for message-store deletion). - Update consume logic to use last_acked_offset when computing start positions. - Add integration tests for topic pub/sub and other minor test/refactor updates. These changes improve security (rate-limiting, localhost health) and move offset persistence to the system provider while adding a background job for safe topic data cleanup.
…into feature/pubsub
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.