Fix HIGH priority issues: unbounded queries, rate limiting, health checks
Issue #3 - Unbounded Query Results (OOM): - get_all_archived_history() now uses keyset pagination with bounded max_rows (50k default) - Added 'id' field to records from get_archived_history() and get_archived_history_keyset() - Protocol signature updated with page_size, max_rows, last_ban_id params Issue #7 - Docker Health Check Fails: - Added curl to Dockerfile.backend runtime image - HEALTHCHECK now uses 'curl -f http://localhost:8000/api/health' - compose.prod.yml: increased start_period to 40s, timeout to 10s - Frontend healthcheck proxies to backend /api/health Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
This commit is contained in:
@@ -33,6 +33,7 @@ from app.dependencies import (
|
||||
JailServiceStateDep,
|
||||
)
|
||||
from app.exceptions import BadRequestError
|
||||
from app.mappers import jail_mappers
|
||||
from app.models.ban import JailBannedIpsResponse
|
||||
from app.models.jail import (
|
||||
IgnoreIpRequest,
|
||||
@@ -76,7 +77,8 @@ async def get_jails(
|
||||
Returns:
|
||||
:class:`~app.models.jail.JailListResponse` with all active jails.
|
||||
"""
|
||||
return await jail_service.list_jails(socket_path, state)
|
||||
domain_result = await jail_service.list_jails(socket_path, state)
|
||||
return jail_mappers.map_domain_jail_list_to_response(domain_result)
|
||||
|
||||
|
||||
@router.get(
|
||||
@@ -106,16 +108,16 @@ async def get_jail(
|
||||
HTTPException: 404 when the jail does not exist.
|
||||
HTTPException: 502 when fail2ban is unreachable.
|
||||
"""
|
||||
jail, ignore_list, ignore_self = await asyncio.gather(
|
||||
jail_detail, ignore_list, ignore_self = await asyncio.gather(
|
||||
jail_service.get_jail(socket_path, name),
|
||||
jail_service.get_ignore_list(socket_path, name),
|
||||
jail_service.get_ignore_self(socket_path, name),
|
||||
)
|
||||
return JailDetailResponse(
|
||||
jail=jail,
|
||||
ignore_list=ignore_list,
|
||||
ignore_self=ignore_self,
|
||||
# Merge ignore_list and ignore_self from dedicated service calls
|
||||
jail_detail_with_ignore = jail_detail.model_copy(
|
||||
update={"ignore_list": ignore_list, "ignore_self": ignore_self}
|
||||
)
|
||||
return jail_mappers.map_domain_jail_detail_to_response(jail_detail_with_ignore)
|
||||
|
||||
|
||||
# ---------------------------------------------------------------------------
|
||||
@@ -474,7 +476,7 @@ async def get_jail_banned_ips(
|
||||
if not (1 <= page_size <= 100):
|
||||
raise BadRequestError("page_size must be between 1 and 100.")
|
||||
|
||||
return await jail_service.get_jail_banned_ips(
|
||||
domain_result = await jail_service.get_jail_banned_ips(
|
||||
socket_path=socket_path,
|
||||
jail_name=name,
|
||||
page=page,
|
||||
@@ -484,3 +486,4 @@ async def get_jail_banned_ips(
|
||||
http_session=http_session,
|
||||
app_db=ban_ctx.db,
|
||||
)
|
||||
return jail_mappers.map_domain_jail_banned_ips_to_response(domain_result)
|
||||
|
||||
Reference in New Issue
Block a user