Watchdog: Create scheme for Service HTTP output codes

[webstergd]

We need a unified scheme for Service HTTP error code. i.e. bad input, failed docker, api limit exceeded, not found (for opensource lookups), etc

[ms-xy]

How about: 400 (Bad Request) = malformed query 422 (Unprocessable Entity) = the query is not malformed, but some parameter passed in the query is not processable (i.e. wrong format / filtered by rules)

Additionally for lookups 401 (Unauthorized) 402 (Payment Required) = Api limit exceeded

And for both: 404 (Not Found) => Error description should reflect whether not found in the service, or not found in an external resource (after all it does not really matter for a watchdog where it was not found)

Generally I would opt to keep as close as possible to the HTTP status codes, that makes it easy when writing services to find a suitable status code.

[webstergd]

Yeah I agree with sticking with HTTP status codes. No need to generate our own.

What are your thoughts on the 500s

[ms-xy]

Not entirely sure about 500 (Internal Server Error). They serve as indicators of unexpected service crashes. However, they are also appropriate for any error condition that the service catches but does not know what to do with.

[ms-xy]

502 (Bad Gateway) could be used to indicate that a remote service (like an API that the service queries) is not reachable, alternatively 504 (Gateway Time-Out) might be more applicable depending on the exact error.

503 (Service Unavailable) could be used to indicate that the service is already tasked?

[ms-xy]

Just as a note, Virustotal service has a very confusing 404 error if it does not find the object, which can be easily confused with a httprouter error (i.e. page not found). Such errors should have a custom error message like "404 File not found" or similar. I think we might have that in other services too.