Skip to content

Added liveness and readiness probes to infisical gateway #5096

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
av1nDs0uza wants to merge 3 commits into
base: main
Choose a base branch
from
Open

Added liveness and readiness probes to infisical gateway #5096

av1nDs0uza wants to merge 3 commits into from
+21 −0

Conversation

@av1nDs0uza
Copy link

@av1nDs0uza av1nDs0uza commented Dec 30, 2025

This PR adds liveness and readiness HTTP probes to the infisical-gateway , Helm deployment to improve kubernetes pod health detection and restarts.

related to the issue: #445

please let me know if i made any mistake

@maidul98
Copy link
Collaborator

maidul98 commented Dec 30, 2025
edited
Loading

Snyk checks have passed. No issues have been found so far.

Status Scanner Critical High Medium Low Total (0)
Open Source Security 0 0 0 0 0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

@greptile-apps
Copy link
Contributor

greptile-apps bot commented Dec 30, 2025

Greptile Summary

Added HTTP liveness and readiness probes to the infisical-gateway deployment to improve Kubernetes pod health detection and automatic restarts.

Key changes:

  • Added livenessProbe with 30s initial delay, checking /health endpoint every 10s
  • Added readinessProbe with 10s initial delay, checking /health endpoint every 10s
  • Both probes configured with 5s timeout and 3 failure threshold

Critical concern:

  • The /health endpoint used by these probes is not documented in the CLI gateway documentation
  • Other Infisical helm charts use different endpoints (e.g., /api/status for the backend)
  • If this endpoint doesn't exist in the infisical CLI gateway, the probes will continuously fail, causing pods to be marked as unhealthy and potentially restart indefinitely

Confidence Score: 2/5

  • This PR has a critical unverified assumption that could cause service disruption
  • The probe configuration itself follows Kubernetes best practices, but it assumes the /health endpoint exists in the infisical CLI gateway. No documentation or code evidence supports this endpoint's existence. If the endpoint doesn't exist, all pods will be marked as unhealthy and may enter restart loops, causing production issues.
  • Verify that helm-charts/infisical-gateway/templates/deployment.yaml uses the correct health check endpoint before merging

Important Files Changed

Filename Overview
helm-charts/infisical-gateway/templates/deployment.yaml Added liveness and readiness probes using /health endpoint, but endpoint existence needs verification

greptile-apps[bot]
greptile-apps bot reviewed Dec 30, 2025
View reviewed changes
Copy link
Contributor

@greptile-apps greptile-apps bot left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Additional Comments (1)

  1. helm-charts/infisical-gateway/templates/deployment.yaml, line 56-71 (link)

    logic: Verify /health endpoint exists in infisical CLI gateway. Documentation doesn't mention it, and infisical-standalone-postgres uses /api/status. If this endpoint doesn't exist, probes will fail and pods will be marked unhealthy.

1 file reviewed, 1 comment

Edit Code Review Agent Settings | Greptile

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@greptile-apps greptile-apps[bot] greptile-apps[bot] left review comments

Reviewers whose approvals may not affect merge requirements

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@av1nDs0uza @maidul98