Merge branch 'envoy-health-check' into 'main'

Allow envoy to handle health checks

See merge request gitlab-org/software-supply-chain-security/authorization/sparkled!8

6 files changed, 7 insertions, 32 deletions

diff --git a/app/app.go b/app/app.go
index 23f49bb..5bcc69a 100644
--- a/app/app.go
+++ b/app/app.go
@@ -10,7 +10,6 @@ import (
 	"github.com/xlgmokha/x/pkg/log"
 	"gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/app/cfg"
 	"gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/app/controllers/dashboard"
-	"gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/app/controllers/health"
 	"gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/app/controllers/sparkles"
 	"gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/app/domain"
 	"gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/app/middleware"
@@ -25,7 +24,6 @@ func New(rootDir string) http.Handler {
 
 	mountable := []Mountable{
 		ioc.MustResolve[*dashboard.Controller](ioc.Default),
-		ioc.MustResolve[*health.Controller](ioc.Default),
 		ioc.MustResolve[*sparkles.Controller](ioc.Default),
 	}
 	for _, m := range mountable {
diff --git a/app/app_test.go b/app/app_test.go
index 8817a3c..f1cc28c 100644
--- a/app/app_test.go
+++ b/app/app_test.go
@@ -23,12 +23,5 @@ func TestApp(t *testing.T) {
 			assert.Equal(t, http.StatusOK, response.Code)
 			assert.Contains(t, response.Body.String(), "SparkleLab")
 		})
-
-		t.Run("GET /health", func(t *testing.T) {
-			response := httptest.NewRecorder()
-
-			server.ServeHTTP(response, test.Request("GET", "/health"))
-			assert.Equal(t, http.StatusOK, response.Code)
-		})
 	})
 }
diff --git a/app/controllers/health/controller.go b/app/controllers/health/controller.go
deleted file mode 100644
index 5bcff66..0000000
--- a/app/controllers/health/controller.go
+++ /dev/null
@@ -1,18 +0,0 @@
-package health
-
-import "net/http"
-
-type Controller struct {
-}
-
-func New() *Controller {
-	return &Controller{}
-}
-
-func (c *Controller) MountTo(mux *http.ServeMux) {
-	mux.HandleFunc("GET /health", c.Index)
-}
-
-func (c *Controller) Index(w http.ResponseWriter, r *http.Request) {
-	w.WriteHeader(http.StatusOK)
-}
diff --git a/app/init.go b/app/init.go
index 7ea0dd2..868c2f7 100644
--- a/app/init.go
+++ b/app/init.go
@@ -11,7 +11,6 @@ import (
 	"github.com/xlgmokha/x/pkg/log"
 	"gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/app/cfg"
 	"gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/app/controllers/dashboard"
-	"gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/app/controllers/health"
 	"gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/app/controllers/sparkles"
 	"gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/app/db"
 	"gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/app/domain"
@@ -38,9 +37,6 @@ func init() {
 	ioc.Register[*sparkles.Controller](ioc.Default, func() *sparkles.Controller {
 		return sparkles.New(ioc.MustResolve[domain.Repository[*domain.Sparkle]](ioc.Default))
 	})
-	ioc.Register[*health.Controller](ioc.Default, func() *health.Controller {
-		return health.New()
-	})
 	ioc.RegisterSingleton[*http.Client](ioc.Default, func() *http.Client {
 		return &http.Client{
 			Transport: &web.Transport{
diff --git a/etc/envoy/envoy.yaml b/etc/envoy/envoy.yaml
index 2141649..5842448 100644
--- a/etc/envoy/envoy.yaml
+++ b/etc/envoy/envoy.yaml
@@ -76,6 +76,13 @@ static_resources:
                           user_agent: "%REQ(USER-AGENT)%"
                 codec_type: AUTO
                 http_filters:
+                  - name: envoy.filters.http.health_check
+                    typed_config:
+                      "@type": type.googleapis.com/envoy.extensions.filters.http.health_check.v3.HealthCheck
+                      pass_through_mode: false
+                      headers:
+                        - name: ":path"
+                          exact_match: "/health"
                   - name: envoy.filters.http.oauth2
                     typed_config:
                       "@type": type.googleapis.com/envoy.extensions.filters.http.oauth2.v3.OAuth2
diff --git a/test/integration/container_test.go b/test/integration/container_test.go
index 73724fb..c51c5e0 100644
--- a/test/integration/container_test.go
+++ b/test/integration/container_test.go
@@ -60,7 +60,6 @@ func TestContainer(t *testing.T) {
 		envoyEndpoint + "/logo.png",
 		sparkleEndpoint + "/",
 		sparkleEndpoint + "/favicon.ico",
-		sparkleEndpoint + "/health",
 		srv.DiscoveryEndpoint(),
 	} {
 		t.Run(publicPath, func(t *testing.T) {