manoelhc / test-actions

Test actions
MIT License

chore(api): Implement rate limiting on all authentication endpoints to mitigate brute force attacks. #80

Open manoelhc opened 1 month ago

manoelhc commented 1 month ago

Summary by CodeRabbit

https://kubernetes.io/docs/concepts/services-networking/gateway/ https://gateway-api.sigs.k8s.io/implementations/#cilium

coderabbitai[bot] commented 1 month ago

Walkthrough

The changes introduce several enhancements and new features across different parts of the project. Key updates include the addition of Helm charts for Kubernetes deployment, improvements to Docker and GitHub workflows, and the inclusion of new configurations for handling Kubernetes environments. These updates aim to streamline deployment, enhance security, and improve automation for version control and Docker image management.

Changes

| File/Directory | Change Summary |
| --- | --- |
| `.dockerignore`, `.gitignore` | Added `*.lcov` to exclude .lcov files from Docker builds and version control. |
| `.github/workflows/auto-tagging.yaml` | Updated environment variables, version bumping logic, Docker image handling, and PR tag management. |
| `.pre-commit-config.yaml` | Added exclusions for charts/local-api/templates to pre-commit checks. |
| `charts/local-api/.helmignore` | Introduced patterns to ignore common VCS directories, backup files, and IDE-related files. |
| `charts/local-api/Chart.yaml` | Added Helm chart metadata for Kubernetes deployment. |
| `charts/local-api/templates/NOTES.txt` | Provided instructions for obtaining the application URL based on different configurations. |
| `charts/local-api/templates/_helpers.tpl` | Added template definitions for generating names, labels, and service account names. |
| `charts/local-api/templates/deployment.yaml` | Defined a Kubernetes Deployment for a local API service. |
| `charts/local-api/templates/hpa.yaml` | Introduced Horizontal Pod Autoscaling (HPA) configuration based on CPU and memory utilization. |
| `charts/local-api/templates/ingress.yaml` | Defined Kubernetes Ingress resources for routing rules. |
| `charts/local-api/templates/service.yaml` | Defined a Kubernetes Service for a local API. |
| `charts/local-api/templates/serviceaccount.yaml` | Introduced a Kubernetes ServiceAccount definition template. |
| `charts/local-api/templates/tests/test-connection.yaml` | Defined a Kubernetes Pod configuration for testing connections. |
| `charts/local-api/values.yaml` | Defined default configuration values for Kubernetes deployment. |
| `confs/docker-compose/nginx/nginx.conf` | Added a new location block for /auth with proxy settings and security headers. |
| `justfile` | Added targets install-k8s and destroy-k8s for Kubernetes environment setup and teardown. |

deepsource-io[bot] commented 1 month ago

Here's the code health analysis summary for commits ee6ca2e..33c987f. View details on DeepSource ↗.

Analysis Summary

| Analyzer | Status | Summary | Link |
| --- | --- | --- | --- |
| Python | ✅ Success | | View Check ↗ |
| Test coverage | ✅ Success | | View Check ↗ |

Code Coverage Report

| Metric | Aggregate | Python |
| --- | --- | --- |
| Branch Coverage | 87.9% (down 9.1% from main) | 87.9% (down 9.1% from main) |
| Condition Coverage | 87.9% | 87.9% |
| Composite Coverage | 96.2% (down 1.3% from main) | 96.2% (down 1.3% from main) |
| Line Coverage | 97.5% | 97.5% |

codecov[bot] commented 1 month ago

Codecov Report

All modified and coverable lines are covered by tests :white_check_mark:

Project coverage is 97.81%. Comparing base (ee6ca2e) to head (33c987f). Report is 14 commits behind head on main.

Additional details and impacted files

```diff
@@           Coverage Diff           @@
##             main      #80   +/-   ##
=======================================
  Coverage   97.81%   97.81%
=======================================
  Files          10       10
  Lines         411      411
  Branches       76       76
=======================================
  Hits          402      402
  Misses          9        9
```


github-actions[bot] commented 1 month ago

Tag v0.11.0-pr80 (branch: HEAD, SHA: 0e0ed24) Added.

github-advanced-security[bot] commented 1 month ago

This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation.

sonarcloud[bot] commented 1 month ago

Quality Gate failed

Failed conditions
C Security Rating on New Code (required ≥ A)

See analysis details on SonarCloud


codacy-production[bot] commented 4 weeks ago

Coverage summary from Codacy

See diff coverage on Codacy

| Coverage variation | Diff coverage |
| ------------- | ------------- |
| :white_check_mark: +0.00% (target: -1.00%) | :white_check_mark: |

Coverage variation details

| | Coverable lines | Covered lines | Coverage |
| ------------- | ------------- | ------------- | ------------- |
| Common ancestor commit (ee6ca2e80e1ac719579df888e5fa973e54cb1eb0) | 407 | 397 | 97.54% |
| Head commit (33c987f4771601509ca0b4e574851c58ed207f50) | 407 (+0) | 397 (+0) | 97.54% (**+0.00%**) |

**Coverage variation** is the difference between the coverage for the head and common ancestor commits of the pull request branch: ` - `

Diff coverage details

| | Coverable lines | Covered lines | Diff coverage |
| ------------- | ------------- | ------------- | ------------- |
| Pull request (#80) | 0 | 0 | **∅ (not applicable)** |

**Diff coverage** is the percentage of lines that are covered by tests out of the coverable lines that the pull request added or modified: `/ * 100%`


Codacy stopped sending the deprecated coverage status on June 5th, 2024. Learn more