From 6fd1abf6fada6fab5661ca0d32919b3b6485920f Mon Sep 17 00:00:00 2001
From: Nyk <0xnykcd@googlemail.com>
Date: Sat, 21 Mar 2026 23:53:40 +0700
Subject: [PATCH] fix(ci): allow rate limit bypass in production test mode

The E2E tests run the standalone server (NODE_ENV=production) but need
rate limiting disabled. Allow MC_DISABLE_RATE_LIMIT bypass when
MISSION_CONTROL_TEST_MODE=1 is also set, even in production.

Fixes 100 E2E failures (429 rate limited) in CI.
---
 src/lib/rate-limit.ts | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/src/lib/rate-limit.ts b/src/lib/rate-limit.ts
index d87824a..6da42c0 100644
--- a/src/lib/rate-limit.ts
+++ b/src/lib/rate-limit.ts
@@ -71,8 +71,9 @@ export function createRateLimiter(options: RateLimiterOptions) {
   if (cleanupInterval.unref) cleanupInterval.unref()
 
   return function checkRateLimit(request: Request): NextResponse | null {
-    // Allow disabling non-critical rate limiting for E2E tests (never in production)
-    if (process.env.MC_DISABLE_RATE_LIMIT === '1' && !options.critical && process.env.NODE_ENV !== 'production') return null
+    // Allow disabling non-critical rate limiting for E2E tests
+    // In CI, standalone server runs with NODE_ENV=production but needs rate limit bypass
+    if (process.env.MC_DISABLE_RATE_LIMIT === '1' && !options.critical && (process.env.NODE_ENV !== 'production' || process.env.MISSION_CONTROL_TEST_MODE === '1')) return null
     const ip = extractClientIp(request)
     const now = Date.now()
     const entry = store.get(ip)
@@ -143,7 +144,7 @@ export function createAgentRateLimiter(options: RateLimiterOptions) {
   if (cleanupInterval.unref) cleanupInterval.unref()
 
   return function checkAgentRateLimit(request: Request): NextResponse | null {
-    if (process.env.MC_DISABLE_RATE_LIMIT === '1' && !options.critical && process.env.NODE_ENV !== 'production') return null
+    if (process.env.MC_DISABLE_RATE_LIMIT === '1' && !options.critical && (process.env.NODE_ENV !== 'production' || process.env.MISSION_CONTROL_TEST_MODE === '1')) return null
 
     const agentName = (request.headers.get('x-agent-name') || '').trim()
     const key = agentName || `ip:${extractClientIp(request)}`