rails_health_checks 0.1.0 → 0.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (8) hide show
  1. checksums.yaml +4 -4
  2. data/README.md +38 -2
  3. data/app/controllers/rails_health_checks/application_controller.rb +2 -0
  4. data/lib/rails_health_checks/authentication.rb +36 -0
  5. data/lib/rails_health_checks/configuration.rb +9 -1
  6. data/lib/rails_health_checks/version.rb +1 -1
  7. data/lib/rails_health_checks.rb +1 -0
  8. metadata +2 -1
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 0a376b4d6a5d680684058c1c123903ebc889e48ffa38cfd937cec29d53ebdaf6
4
- data.tar.gz: c5aabce9da9a24785ae363f97cf0781f6a26184a53bfaa6d629fcea671c80189
3
+ metadata.gz: 128aa6485e85de5719cfb25c05192f5dd0277f8277bc6c8b4f74a095402f5f4b
4
+ data.tar.gz: e3b5eb28dd364012552e7f91e3e3b01f9d1db3778b4f7d0fe88662aed45c4073
5
5
  SHA512:
6
- metadata.gz: 35b074807441355e162b1c9bdccf1303ed3ce9c8b125fd6043676261e297c362cce28d3fb651555476c2a14f84ab282a18f1e59bf6b2e10a2e4c7268cab13603
7
- data.tar.gz: e5c9a043d6627f7bbfc8015d6104b679c1f80b99ec23952b353024c037e2c50954af36f1926e404005ab83a8637c360b92dd66e9aaa3722d852b865cd7111beb
6
+ metadata.gz: 02001fd4bbb80bc41567c449c4653aef0afa72766b1413cabe9cbbe61a248d2ef6c86bc1ae18bd2fad378b46748b9550e0b74001026514233de55aa04cc4f6ea
7
+ data.tar.gz: 34460c74d90057174f63461569e2132e320ec4440141e7914fa9c82075b6268f46680514f667dfe9a8eb6932964ab30ffa1d80f071bf8f22e15f9e8a5f6aaa0b
data/README.md CHANGED
@@ -1,11 +1,10 @@
1
1
  # RailsHealthChecks
2
2
 
3
3
  [![CI](https://github.com/eclectic-coding/rails_health_checks/actions/workflows/ci.yml/badge.svg)](https://github.com/eclectic-coding/rails_health_checks/actions/workflows/ci.yml)
4
- [![gem](https://badge.fury.io/rb/rails_health_checks.svg)](https://badge.fury.io/rb/rails_health_checks)
4
+ [![gem](https://img.shields.io/gem/v/rails_health_checks.svg)](https://rubygems.org/gems/rails_health_checks)
5
5
  [![downloads](https://img.shields.io/gem/dt/rails_health_checks.svg)](https://rubygems.org/gems/rails_health_checks)
6
6
  [![ruby](https://img.shields.io/badge/ruby-%3E%3D%203.3-ruby.svg)](https://www.ruby-lang.org)
7
7
  [![codecov](https://codecov.io/gh/eclectic-coding/rails_health_checks/branch/main/graph/badge.svg)](https://codecov.io/gh/eclectic-coding/rails_health_checks)
8
- [![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://opensource.org/licenses/MIT)
9
8
 
10
9
  A Rails engine providing structured, pluggable health check endpoints for monitoring application status. Goes beyond Rails' built-in `/up` endpoint with per-check diagnostics, latency tracking, and a configurable check registry.
11
10
 
@@ -14,6 +13,7 @@ A Rails engine providing structured, pluggable health check endpoints for monito
14
13
  - [Installation](#installation)
15
14
  - [Endpoints](#endpoints)
16
15
  - [Configuration](#configuration)
16
+ - [Authentication](#authentication)
17
17
  - [Built-in Checks](#built-in-checks)
18
18
  - [Contributing](#contributing)
19
19
  - [License](#license)
@@ -85,6 +85,42 @@ end
85
85
 
86
86
  ---
87
87
 
88
+ ## Authentication
89
+
90
+ By default health endpoints are public. Use one of the following strategies to restrict access. Unauthenticated requests receive `401 Unauthorized`.
91
+
92
+ ### Bearer token
93
+
94
+ ```ruby
95
+ RailsHealthChecks.configure do |config|
96
+ config.token = ENV["HEALTH_TOKEN"]
97
+ end
98
+ ```
99
+
100
+ Requests must include `Authorization: Bearer <token>`.
101
+
102
+ ### IP allowlist
103
+
104
+ ```ruby
105
+ RailsHealthChecks.configure do |config|
106
+ config.allowed_ips = ["127.0.0.1", "10.0.0.0/8"] # exact IPs or CIDR ranges
107
+ end
108
+ ```
109
+
110
+ ### Custom block
111
+
112
+ ```ruby
113
+ RailsHealthChecks.configure do |config|
114
+ config.authenticate { |request| request.headers["X-Internal"] == "true" }
115
+ end
116
+ ```
117
+
118
+ The block receives the `ActionDispatch::Request` object and must return a truthy value to allow access.
119
+
120
+ [↑ Back to top](#table-of-contents)
121
+
122
+ ---
123
+
88
124
  ## Built-in Checks
89
125
 
90
126
  | Check | Description |
data/app/controllers/rails_health_checks/application_controller.rb CHANGED
@@ -2,5 +2,7 @@
2
2
 
3
3
  module RailsHealthChecks
4
4
  class ApplicationController < ActionController::API
5
+ include Authentication
6
+ before_action :authenticate!
5
7
  end
6
8
  end
data/lib/rails_health_checks/authentication.rb ADDED
@@ -0,0 +1,36 @@
1
+ # frozen_string_literal: true
2
+
3
+ require "ipaddr"
4
+
5
+ module RailsHealthChecks
6
+ module Authentication
7
+ def authenticate!
8
+ config = RailsHealthChecks.configuration
9
+ return unless auth_configured?(config)
10
+ head :unauthorized unless authorized?(config)
11
+ end
12
+
13
+ private
14
+
15
+ def auth_configured?(config)
16
+ config.authenticate_block || config.token || config.allowed_ips
17
+ end
18
+
19
+ def authorized?(config)
20
+ if config.authenticate_block
21
+ config.authenticate_block.call(request)
22
+ elsif config.token
23
+ request.headers["Authorization"] == "Bearer #{config.token}"
24
+ elsif config.allowed_ips
25
+ ip_allowed?(config.allowed_ips)
26
+ end
27
+ end
28
+
29
+ def ip_allowed?(allowed_ips)
30
+ client_ip = IPAddr.new(request.ip)
31
+ allowed_ips.any? { |entry| IPAddr.new(entry).include?(client_ip) }
32
+ rescue IPAddr::InvalidAddressError
33
+ false
34
+ end
35
+ end
36
+ end
data/lib/rails_health_checks/configuration.rb CHANGED
@@ -2,11 +2,19 @@
2
2
 
3
3
  module RailsHealthChecks
4
4
  class Configuration
5
- attr_accessor :checks, :timeout
5
+ attr_accessor :checks, :timeout, :allowed_ips, :token
6
+ attr_reader :authenticate_block
6
7
 
7
8
  def initialize
8
9
  @checks = [:database]
9
10
  @timeout = 5
11
+ @allowed_ips = nil
12
+ @token = nil
13
+ @authenticate_block = nil
14
+ end
15
+
16
+ def authenticate(&block)
17
+ @authenticate_block = block
10
18
  end
11
19
  end
12
20
  end
data/lib/rails_health_checks/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module RailsHealthChecks
4
- VERSION = "0.1.0"
4
+ VERSION = "0.2.0"
5
5
  end
data/lib/rails_health_checks.rb CHANGED
@@ -3,6 +3,7 @@
3
3
  require "rails_health_checks/version"
4
4
  require "rails_health_checks/engine"
5
5
  require "rails_health_checks/configuration"
6
+ require "rails_health_checks/authentication"
6
7
  require "rails_health_checks/check"
7
8
  require "rails_health_checks/checks/database_check"
8
9
  require "rails_health_checks/check_registry"
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: rails_health_checks
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.0
4
+ version: 0.2.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Chuck Smith
@@ -41,6 +41,7 @@ files:
41
41
  - app/models/rails_health_checks/application_record.rb
42
42
  - config/routes.rb
43
43
  - lib/rails_health_checks.rb
44
+ - lib/rails_health_checks/authentication.rb
44
45
  - lib/rails_health_checks/check.rb
45
46
  - lib/rails_health_checks/check_registry.rb
46
47
  - lib/rails_health_checks/checks/database_check.rb