search

skulpturenz / shared-resources

MIT License
0 stars 0 forks source link

chore: update healthchecks for keycloak and add wget to final image #272

Closed nmathew98 closed 1 week ago

github-actions[bot] commented 1 week ago

Title

chore: update healthchecks for keycloak and add wget to final image

PR Type

enhancement, configuration changes

Description

Changes walkthrough ๐Ÿ“

Relevant files
Configuration changes
docker-compose.yml
Add healthcheck to Keycloak service in Docker Compose       
authnz/docker-compose.yml
  • Added healthcheck configuration for the Keycloak service.
  • Configured healthcheck with wget command.
    		•  +6/-0     
    docker-compose.yml
    Update healthcheck configuration in rollout Docker Compose
    rollout/docker-compose.yml
  • Updated healthcheck command to use CMD-SHELL.
  • Added detailed healthcheck configuration.
    		•  +5/-1     
    docker-compose.yml
    Enhance healthcheck settings in telemetry Docker Compose 
    telemetry/docker-compose.yml
  • Added interval, timeout, retries, and start_period to healthchecks.
  • Configured healthchecks for multiple services.
    		•  +14/-0   
    Enhancement
    Dockerfile
    Add wget installation to Keycloak Dockerfile                         
    authnz/keycloak/Dockerfile
  • Added installation of wget to the final image.
  • Used Red Hat UBI for building additional packages.
    		•  +10/-0   

    ๐Ÿ’ก PR-Agent usage: Comment /help "your question" on any pull request to receive relevant information

    github-actions[bot] commented 1 week ago

    PR Reviewer Guide ๐Ÿ”

    Here are some key observations to aid the review process:

    โฑ๏ธ Estimated effort to review: 4 ๐Ÿ”ต๐Ÿ”ต๐Ÿ”ต๐Ÿ”ตโšช
    ๐Ÿ… Score: 85
    ๐Ÿงช No relevant tests
    ๐Ÿ”’ No security concerns identified
    โšก Recommended focus areas for review

    Configuration Change
    The healthcheck command uses `wget` to check the service's availability. Ensure that `wget` is installed and available in the container environment. Dependency Installation
    The Dockerfile installs `wget` in a specific build stage. Verify that this does not introduce unnecessary dependencies in the final image. Configuration Change
    Similar to the previous healthcheck, ensure that the `wget` command is appropriate for the service being monitored. Configuration Change
    The healthcheck configuration has been updated. Validate that the new settings align with the service's expected behavior. Configuration Change
    Ensure that the healthcheck for the APM server is correctly configured to reflect its operational status.
    github-actions[bot] commented 1 week ago

    PR Code Suggestions โœจ

    Explore these optional code suggestions:

    CategorySuggestion                                                                                                                                    Score
    Enhancement
    Improve the healthcheck command to ensure proper error handling for authentication failures ___ **Validate that the healthcheck command for curl correctly handles authentication
    errors to avoid false positives.** [telemetry/docker-compose.yml [105]](https://github.com/skulpturenz/shared-resources/pull/272/files#diff-a6537addc8ca7f4a881be0eb4c728fcf311c8e0d3f731c6b49e2c14a4672f607R105-R105) ```diff healthcheck: - test: [ "CMD", "sh", "-c", "curl -sf --insecure https://$ELASTIC_USERNAME:$ELASTIC_PASSWORD@localhost:$ELASTICSEARCH_PORT/_cat/health | grep -ioE 'green|yellow' || echo 'not green/yellow cluster status'" ] + test: [ "CMD", "sh", "-c", "curl -sf --insecure https://$ELASTIC_USERNAME:$ELASTIC_PASSWORD@localhost:$ELASTICSEARCH_PORT/_cat/health || { echo 'Healthcheck failed'; exit 1; }" ] ```
    Suggestion importance[1-10]: 6 Why: This suggestion enhances the healthcheck command by adding error handling for authentication failures, which is important for accurate health status reporting, thus providing a significant improvement.
    		6
    Enhance the healthcheck command to provide clearer failure feedback ___ **Consider adjusting the healthcheck command to use a more specific error handling
    mechanism to improve reliability.** [rollout/docker-compose.yml [83]](https://github.com/skulpturenz/shared-resources/pull/272/files#diff-be092be3b541d71eab5969ed2268083690f8982a3f84e80e1ba3035ead16882fR83-R83) ```diff healthcheck: - test: [ "CMD-SHELL", "wget --no-verbose --tries=1 --spider http://localhost:8080 || exit 1" ] + test: [ "CMD-SHELL", "wget --no-verbose --tries=1 --spider http://localhost:8080 || { echo 'Healthcheck failed'; exit 1; }" ] ```
    Suggestion importance[1-10]: 5 Why: The proposed change adds clearer error handling to the healthcheck command, which can improve reliability and debugging, making it a moderate enhancement.
    		5
    Possible issue
    Update the healthcheck command to use the loopback address for consistency ___ **Ensure that the healthcheck command for wget uses the correct URL format to avoid
    potential connectivity issues.** [authnz/docker-compose.yml [68-69]](https://github.com/skulpturenz/shared-resources/pull/272/files#diff-85f4696189ef3338eada54f07a4ff1ca1f02d1436164c86af2f549df173ba774R68-R69) ```diff healthcheck: - test: [ "CMD-SHELL", "wget --no-verbose --tries=1 --spider http://localhost:8080 || exit 1" ] + test: [ "CMD-SHELL", "wget --no-verbose --tries=1 --spider http://127.0.0.1:8080 || exit 1" ] ```
    Suggestion importance[1-10]: 3 Why: The suggestion to change 'localhost' to '127.0.0.1' is a minor improvement, as both refer to the local machine. This change does not significantly impact functionality.
    		3
    github-actions[bot] commented 1 week ago

    :tropical_drink: preview on authnz/skulpture/shared-authnz

    Pulumi report 
    Previewing update (shared-authnz)

View Live: https://app.pulumi.com/skulpture/authnz/shared-authnz/previews/3be8c705-2484-45c0-99ed-30990f690843

@ Previewing update......
Downloading plugin gcp-7.38.0: starting
Downloading plugin cloudflare-5.42.0: starting
Downloading plugin cloudflare-5.42.0: done
Downloading plugin gcp-7.38.0: done
Installing plugin cloudflare-5.42.0: starting
Installing plugin gcp-7.38.0: starting
@ Previewing update....
Installing plugin cloudflare-5.42.0: done
Installing plugin gcp-7.38.0: done

@ Previewing update...........................................................................
pulumi:pulumi:Stack authnz-shared-authnz running 
@ Previewing update....
pulumi:pulumi:Stack authnz-shared-authnz  
Resources:
4 unchanged
    github-actions[bot] commented 1 week ago

    :tropical_drink: preview on network/skulpture/shared-infrastructure

    Pulumi report 
    Previewing update (shared-infrastructure)

View Live: https://app.pulumi.com/skulpture/network/shared-infrastructure/previews/25b866a8-c291-4e70-b492-8787940a79f8

@ Previewing update.....
Downloading plugin gcp-7.38.0: starting
Downloading plugin digitalocean-4.34.0: starting
Downloading plugin digitalocean-4.34.0: done
Downloading plugin gcp-7.38.0: done
Installing plugin digitalocean-4.34.0: starting
Installing plugin gcp-7.38.0: starting
@ Previewing update....
Installing plugin digitalocean-4.34.0: done
@ Previewing update....
Installing plugin gcp-7.38.0: done

@ Previewing update........................................................................
pulumi:pulumi:Stack network-shared-infrastructure running 
@ Previewing update....
pulumi:pulumi:Stack network-shared-infrastructure  
Resources:
12 unchanged
    github-actions[bot] commented 1 week ago

    :tropical_drink: preview on telemetry/skulpture/shared-telemetry

    Pulumi report 
    Previewing update (shared-telemetry)

View Live: https://app.pulumi.com/skulpture/telemetry/shared-telemetry/previews/483db81d-daf6-4943-b380-f1b34b010051

@ Previewing update......
Downloading plugin gcp-7.38.0: starting
Downloading plugin cloudflare-5.42.0: starting
Downloading plugin cloudflare-5.42.0: done
@ Previewing update....
Downloading plugin gcp-7.38.0: done
Installing plugin cloudflare-5.42.0: starting
Installing plugin gcp-7.38.0: starting
Installing plugin cloudflare-5.42.0: done
@ Previewing update....
Installing plugin gcp-7.38.0: done

@ Previewing update...........................................................................
pulumi:pulumi:Stack telemetry-shared-telemetry running 
@ Previewing update....
pulumi:pulumi:Stack telemetry-shared-telemetry  
Resources:
4 unchanged
    github-actions[bot] commented 1 week ago

    :tropical_drink: preview on rollout/skulpture/shared-rollout

    Pulumi report 
    Previewing update (shared-rollout)

View Live: https://app.pulumi.com/skulpture/rollout/shared-rollout/previews/3e31be5d-2a76-4b4b-9bbf-919e33887599

@ Previewing update.....
Downloading plugin gcp-7.38.0: starting
Downloading plugin cloudflare-5.42.0: starting
Downloading plugin cloudflare-5.42.0: done
Downloading plugin gcp-7.38.0: done
Installing plugin cloudflare-5.42.0: starting
@ Previewing update....
Installing plugin gcp-7.38.0: starting
Installing plugin cloudflare-5.42.0: done
@ Previewing update....
Installing plugin gcp-7.38.0: done

@ Previewing update...............................................................................
pulumi:pulumi:Stack rollout-shared-rollout running 
@ Previewing update....
pulumi:pulumi:Stack rollout-shared-rollout  
Resources:
4 unchanged