RateLimit fails closed if Redis isn't available

[Sam-tesouro]

Component(s)

router

Is your feature request related to a problem? Please describe.

On testing a Cosmo Rate Limit implementation I discovered every request would get a 500 response if Redis is scaled to zero, or if authentication is malformed. The following is the utilized config.

    rate_limit:
      enabled: true
      strategy: "simple"
      simple_strategy:
          rate: 10
          burst: 10
          period: 1s
          reject_exceeding_requests: true
          reject_status_code: 429
          hide_stats_from_response_extension: false
      storage:
          url: "redis://USER:PASSWORD@redis-master.redis.svc.cluster.local:6379"
          key_prefix: "cosmo_rate_limit"
      debug: true
      key_suffix_expression: "request.auth.claims.sub ?? request.header.Get('X-Forwarded-For')"
      error_extension_code:
          enabled: true
          code: "RATE_LIMIT_EXCEEDED"

Describe the solution you'd like

If it's intentional y'all are failing closed on Redis availability, a configuration flag to fail open instead would be ideal.

Describe alternatives you've considered

No response

Additional context

As a side note, while implementing this I discovered your Cosmo Router documentation example YAML malformed the top config key as rate_limiting instead of rate_limit.
https://cosmo-docs.wundergraph.com/router/configuration#rate-limiting-example-yaml-configuration

[github-actions]

WunderGraph commits fully to Open Source and we want to make sure that we can help you as fast as possible.
The roadmap is driven by our customers and we have to prioritize issues that are important to them.
You can influence the priority by becoming a customer. Please contact us here.

[Aenimus]

Hi @Sam-tesouro

Thanks for the report.

We'll fix the documentation.

We'll discuss how to handle this; at the very least we will update the documentation to declare the behaviour explicitly.