From 9579cc12bfd2dbe69ee825ec9d8a1424f3f64c58 Mon Sep 17 00:00:00 2001
From: Ee Durbin <ewdurbin@gmail.com>
Date: Thu, 7 Nov 2024 12:00:36 -0500
Subject: [PATCH 1/2] disable logging to datadog by default

When the logging_datadog section was added in #2519, there was no logging condition applied leading to all requests being logged to datadog.

this adds a "False" condition so that logs are only emitted from the rate limiter
---
 infra/cdn/main.tf | 15 +++++++++++----
 1 file changed, 11 insertions(+), 4 deletions(-)

diff --git a/infra/cdn/main.tf b/infra/cdn/main.tf
index 059fd8977..398f24c7e 100644
--- a/infra/cdn/main.tf
+++ b/infra/cdn/main.tf
@@ -136,6 +136,12 @@ resource "fastly_service_vcl" "python_org" {
     statement = "req.http.host == \"python.org\""
     type      = "REQUEST"
   }
+  condition {
+    name      = "False"
+    priority  = 10
+    statement = "false"
+    type      = "RESPONSE"
+  }
 
   condition {
     name      = "Don't cache 404s for /static"
@@ -262,9 +268,10 @@ resource "fastly_service_vcl" "python_org" {
   }
 
   logging_datadog {
-    name   = "ratelimit-debug"
-    token  = var.datadog_key
-    region = "US"
+    name               = "ratelimit-debug"
+    token              = var.datadog_key
+    region             = "US"
+    response_condition = "False"
   }
 
   logging_s3 {
@@ -361,7 +368,7 @@ resource "fastly_service_vcl" "python_org" {
   dynamic "dictionary" {
     for_each = var.activate_ngwaf_service ? [1] : []
     content {
-      name = var.edge_security_dictionary
+      name          = var.edge_security_dictionary
       force_destroy = true
     }
   }

From c38e543cd307028c2af1098c051999429fcadf51 Mon Sep 17 00:00:00 2001
From: Ee Durbin <ewdurbin@gmail.com>
Date: Thu, 7 Nov 2024 12:28:39 -0500
Subject: [PATCH 2/2] rename response condition for clarity

---
 infra/cdn/main.tf | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/infra/cdn/main.tf b/infra/cdn/main.tf
index 398f24c7e..91cac411e 100644
--- a/infra/cdn/main.tf
+++ b/infra/cdn/main.tf
@@ -137,7 +137,7 @@ resource "fastly_service_vcl" "python_org" {
     type      = "REQUEST"
   }
   condition {
-    name      = "False"
+    name      = "Always False"
     priority  = 10
     statement = "false"
     type      = "RESPONSE"
@@ -271,7 +271,7 @@ resource "fastly_service_vcl" "python_org" {
     name               = "ratelimit-debug"
     token              = var.datadog_key
     region             = "US"
-    response_condition = "False"
+    response_condition = "Always False"
   }
 
   logging_s3 {