feat(compose): M5-04 — wire log-shipper→coraza service_healthy#221
Merged
Conversation
Flip log-shipper depends_on coraza from service_started to service_healthy so the shipper only starts after coraza's SPOA is ready, completing issue #129. haproxy→coraza intentionally stays service_started to preserve the degraded-mode fail-closed design (#69): haproxy must be able to start and serve 503-degraded responses even when coraza is unavailable. Scope the haproxy regression test to the haproxy service block so the new global `coraza: service_healthy` (log-shipper) doesn't trip the existing global assertion. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
… healthcheck test BusyBox nc in Alpine 3.19 does not support -z, so the coraza healthcheck (nc -z 127.0.0.1 9000) was silently broken. Now that log-shipper waits for coraza: service_healthy, a broken healthcheck deadlocks startup. Fix by installing netcat-openbsd which provides a full nc with -z support. Also add a regression test asserting that log-shipper -> coraza uses service_healthy, so a future accidental revert is caught immediately.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Closes #129
Summary
log-shipper→corazadependency fromservice_startedtoservice_healthy, so the log-shipper only starts once coraza's SPOA port is actually listeninghaproxy→corazaintentionally staysservice_started— haproxy must start in degraded mode and serve 503 when coraza is down (Runtime and Deployed Configuration Status Endpoint #69)coraza: service_healthyline in the file)Everything else in #129 was already shipped by M5-03 in PR #220 (backend
/readyprobe, compose healthcheck switch, all five service healthcheck blocks,service_healthywiring for all other deps).Test plan
pytest tests/unit/— 195 passed, 1 skippeddocker compose config— validates cleanlydocker compose up -d && docker compose ps— all services healthy; log-shipper starts after coraza healthy