Add health_check access token, and enforce on the health_check endpoint
Also added a health check page to the admin section for resetting the token.
This commit is contained in:
parent
9898f9b4e6
commit
160ef66d1b
|
@ -19,6 +19,12 @@ class Admin::ApplicationSettingsController < Admin::ApplicationController
|
|||
redirect_to admin_runners_path
|
||||
end
|
||||
|
||||
def reset_health_check_token
|
||||
@application_setting.reset_health_check_access_token!
|
||||
flash[:notice] = 'New health check access token has been generated!'
|
||||
redirect_to :back
|
||||
end
|
||||
|
||||
def clear_repository_check_states
|
||||
RepositoryCheck::ClearWorker.perform_async
|
||||
|
||||
|
|
|
@ -0,0 +1,9 @@
|
|||
class Admin::HealthCheckController < Admin::ApplicationController
|
||||
def show
|
||||
begin
|
||||
@errors = HealthCheck::Utils.process_checks('standard')
|
||||
rescue => e
|
||||
@errors = e.message.blank? ? e.class.to_s : e.message.to_s
|
||||
end
|
||||
end
|
||||
end
|
|
@ -0,0 +1,13 @@
|
|||
class HealthCheckController < HealthCheck::HealthCheckController
|
||||
before_action :validate_health_check_access!
|
||||
|
||||
protected
|
||||
|
||||
def validate_health_check_access!
|
||||
return render_404 unless params[:token].presence && params[:token] == current_application_settings.health_check_access_token
|
||||
end
|
||||
|
||||
def render_404
|
||||
render file: Rails.root.join("public", "404"), layout: false, status: "404"
|
||||
end
|
||||
end
|
|
@ -1,6 +1,7 @@
|
|||
class ApplicationSetting < ActiveRecord::Base
|
||||
include TokenAuthenticatable
|
||||
add_authentication_token_field :runners_registration_token
|
||||
add_authentication_token_field :health_check_access_token
|
||||
|
||||
CACHE_KEY = 'application_setting.last'
|
||||
|
||||
|
@ -70,6 +71,7 @@ class ApplicationSetting < ActiveRecord::Base
|
|||
end
|
||||
|
||||
before_save :ensure_runners_registration_token
|
||||
before_save :ensure_health_check_access_token
|
||||
|
||||
after_commit do
|
||||
Rails.cache.write(CACHE_KEY, self)
|
||||
|
@ -133,4 +135,8 @@ class ApplicationSetting < ActiveRecord::Base
|
|||
def runners_registration_token
|
||||
ensure_runners_registration_token!
|
||||
end
|
||||
|
||||
def health_check_access_token
|
||||
ensure_health_check_access_token!
|
||||
end
|
||||
end
|
||||
|
|
|
@ -0,0 +1,40 @@
|
|||
- page_title "Health Check"
|
||||
|
||||
%h3.page-title
|
||||
Health Check
|
||||
%p.light
|
||||
Health information can be reteived as plain text, json, or xml using:
|
||||
%ul
|
||||
%li
|
||||
%code= "/health_check?token=#{current_application_settings.health_check_access_token}"
|
||||
%li
|
||||
%code= "/health_check.json?token=#{current_application_settings.health_check_access_token}"
|
||||
%li
|
||||
%code= "/health_check.xml?token=#{current_application_settings.health_check_access_token}"
|
||||
|
||||
.bs-callout.clearfix
|
||||
.pull-left
|
||||
%p
|
||||
You can reset the health check access token by pressing the button below.
|
||||
%p
|
||||
= button_to reset_health_check_token_admin_application_settings_path,
|
||||
method: :put, class: 'btn btn-default',
|
||||
data: { confirm: 'Are you sure you want to reset the health check token?' } do
|
||||
= icon('refresh')
|
||||
Reset health check access token
|
||||
|
||||
%hr
|
||||
.panel.panel-default
|
||||
.panel-heading
|
||||
Current Status:
|
||||
- if @errors.blank?
|
||||
= icon('circle', class: 'cgreen')
|
||||
Healthy
|
||||
- else
|
||||
= icon('warning', class: 'cred')
|
||||
Unhealthy
|
||||
.panel-body
|
||||
- if @errors.blank?
|
||||
No Health Problems Detected
|
||||
- else
|
||||
= @errors
|
|
@ -41,6 +41,11 @@
|
|||
= icon('file-text fw')
|
||||
%span
|
||||
Logs
|
||||
= nav_link(controller: :health_check) do
|
||||
= link_to admin_health_check_path, title: 'Health Check' do
|
||||
= icon('medkit fw')
|
||||
%span
|
||||
Health Check
|
||||
= nav_link(controller: :broadcast_messages) do
|
||||
= link_to admin_broadcast_messages_path, title: 'Messages' do
|
||||
= icon('bullhorn fw')
|
||||
|
|
|
@ -74,7 +74,7 @@ Rails.application.routes.draw do
|
|||
end
|
||||
|
||||
# Health check
|
||||
health_check_routes
|
||||
get 'health_check(/:checks)(.:format)' => 'health_check#index'
|
||||
|
||||
# Enable Grack support
|
||||
mount Grack::AuthSpawner, at: '/', constraints: lambda { |request| /[-\/\w\.]+\.git\//.match(request.path_info) }, via: [:get, :post, :put]
|
||||
|
@ -256,6 +256,7 @@ Rails.application.routes.draw do
|
|||
end
|
||||
|
||||
resource :logs, only: [:show]
|
||||
resource :health_check, controller: 'health_check', only: [:show]
|
||||
resource :background_jobs, controller: 'background_jobs', only: [:show]
|
||||
|
||||
resources :namespaces, path: '/projects', constraints: { id: /[a-zA-Z.0-9_\-]+/ }, only: [] do
|
||||
|
@ -287,6 +288,7 @@ Rails.application.routes.draw do
|
|||
resource :application_settings, only: [:show, :update] do
|
||||
resources :services
|
||||
put :reset_runners_token
|
||||
put :reset_health_check_token
|
||||
put :clear_repository_check_states
|
||||
end
|
||||
|
||||
|
|
|
@ -0,0 +1,5 @@
|
|||
class AddHealthCheckAccessTokenToApplicationSettings < ActiveRecord::Migration
|
||||
def change
|
||||
add_column :application_settings, :health_check_access_token, :string
|
||||
end
|
||||
end
|
|
@ -11,7 +11,7 @@
|
|||
#
|
||||
# It's strongly recommended that you check this file into your version control system.
|
||||
|
||||
ActiveRecord::Schema.define(version: 20160508194200) do
|
||||
ActiveRecord::Schema.define(version: 20160509201028) do
|
||||
|
||||
# These are extensions that must be enabled in order to support this database
|
||||
enable_extension "plpgsql"
|
||||
|
@ -80,6 +80,7 @@ ActiveRecord::Schema.define(version: 20160508194200) do
|
|||
t.boolean "repository_checks_enabled", default: false
|
||||
t.text "shared_runners_text"
|
||||
t.integer "metrics_packet_size", default: 1
|
||||
t.string "health_check_access_token"
|
||||
end
|
||||
|
||||
create_table "audit_events", force: :cascade do |t|
|
||||
|
|
Loading…
Reference in New Issue