Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Please support monitoring when using https #236

Open
greenmoss opened this issue Jan 13, 2022 · 1 comment
Open

Please support monitoring when using https #236

greenmoss opened this issue Jan 13, 2022 · 1 comment

Comments

@greenmoss
Copy link

Is your feature request related to a problem? Please describe.
Only becomes a problem if you enable SSL, and at that point it is a blocker

Describe the solution you'd like
When starting with https, fix the web monitoring healthcheck script to use the correct curl invocation

Describe alternatives you've considered
Works ok without https/SSL

@greenmoss
Copy link
Author

Here's a hacked version of the healthcheck script suitable as fuel for a legitimate PR:

diff --git a/scripts/st2web-healthcheck.sh b/scripts/st2web-healthcheck.sh
index 327a173..56aed6b 100755
--- a/scripts/st2web-healthcheck.sh
+++ b/scripts/st2web-healthcheck.sh
@@ -18,15 +18,15 @@ fi

 # Check each service through the nginx reverse proxy for a specific return code. If the curl request
 # fails to work through nginx, a stop signal will be sent to nginx, causing the container to restart.
-API_STATUS=$(curl --write-out "%{http_code}\n" --silent --output /dev/null http://localhost/api/v1/)
+API_STATUS=$(curl -k --write-out "%{http_code}\n" --silent --output /dev/null https://localhost/api/v1/)
 if [ "${API_STATUS}" != "401" ]; then
   echo "st2api nginx failure"; nginx -s stop;
 fi
-STREAM_STATUS=$(curl --write-out "%{http_code}\n" --silent --output /dev/null http://localhost/stream/v1/stream)
+STREAM_STATUS=$(curl -k --write-out "%{http_code}\n" --silent --output /dev/null https://localhost/stream/v1/stream)
 if [ "${STREAM_STATUS}" != "401" ]; then
   echo "st2stream nginx failure"; nginx -s stop;
 fi
-AUTH_STATUS=$(curl --write-out "%{http_code}\n" --silent --output /dev/null  http://localhost/auth/v1/)
+AUTH_STATUS=$(curl -k --write-out "%{http_code}\n" --silent --output /dev/null  https://localhost/auth/v1/)
 if [ "${AUTH_STATUS}" != "404" ]; then
   echo "st2auth nginx failure"; nginx -s stop;
 fi

Note it's a complete HACK, because I didn't retain compatibility with the old plain-text http monitoring method.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant