[Backport 18.6] Exclude Git HTTP requests from authenticated web throttle

Vasilii Iakliushinrequested to merge
backport-581142-exclude-git-path-from-throttling-2-18-6 into 18-6-stable-ee

What does this MR do and why?

Contributes to https://gitlab.com/gitlab-org/gitlab/-/issues/581142

Problem

Authenticated Git HTTP requests can be throttled by both Authenticated Web rate limit and Authenticated Git HTTP rate limit.

Without this fix, authenticated users performing Git operations could hit rate limits faster than intended because their requests were being counted twice.

Solution

Exclude Authenticated Git HTTP requests from Authenticated Web rate limit to match documentation.

General user and IP rate limits aren’t applied to Git HTTP requests.

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

  • This MR is backporting a bug fix, documentation update, or spec fix, previously merged in the default branch.
  • The MR that fixed the bug on the default branch has been deployed to GitLab.com (not applicable for documentation or spec changes).
  • The MR title is descriptive (e.g. "Backport of 'title of default branch MR'"). This is important, since the title will be copied to the patch blog post.
  • Required labels have been applied to this merge request
  • This MR has been approved by a maintainer (only one approval is required).
  • Ensure the e2e:test-on-omnibus-ee job has succeeded, or if it has failed, investigate the failures. If you determine the failures are unrelated, you may proceed. If you need assistance investigating, reach out to a Software Engineer in Test in #s_developer_experience.

Note to the merge request author and maintainer

If you have questions about the patch release process, please:

Edited by Vasilii Iakliushin

Merge request reports