rx-healthcheck 0.1.6 → 0.1.9

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 9a5089cc2aca4dab181a11a5aa9a3135862d7de57976ded482366a9e147ac7a8
-  data.tar.gz: 4ec642b3e93f6b0f983cb7dff58b4bed8ede3e64dd7655bd1cac7f76583c7dfe
+  metadata.gz: ebf9af8d3b43d1640503ddcba7138d1ef6c04f298faa09b39c8d93fcb0d4eb50
+  data.tar.gz: e22f89c795207f5a3a78bb6f63c362624e6b4104e3834f6ca928ecb1c6fd5b79
 SHA512:
-  metadata.gz: 439bc089d1ce63f1c63f687cdf0b8b473bbcb2f6bbf3c04a847905d176cdb667e6f6c3b6e754121af685b87fc2b00f318ca3e4c6fc2de17fd80cd4cd88693ff2
-  data.tar.gz: 37c97bcd6967d3d336e669d78b6474978771c0d7dbc79daca8276dd66484c2485398f1cc6bd888c5f46f63e4855c33c9b4bb70a7b7e042937b588259e7b61a0f
+  metadata.gz: a194f56c544904474062a866aa7c91cfe6de9548b97802beaa448b4b082dab4c1fc3ffa7f41e3c0aa14b8f94c11d518e586d6984f1a82cbfaf0d2479abc9ce06
+  data.tar.gz: 1fc1ea21c9586cb3583d25ab7c8ab7177d0789ec085cc4de316dd136ebeb3c03872f30c2b54293c2efd254ea5ebae6d0255d86816488020a584e7c1b8c8b39f9

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    rx-healthcheck (0.1.4)
+    rx-healthcheck (0.1.8)
 
 GEM
   remote: https://rubygems.org/
@@ -17,6 +17,7 @@ GEM
     simplecov_json_formatter (0.1.3)
 
 PLATFORMS
+  ruby
   x86_64-linux
 
 DEPENDENCIES
@@ -26,4 +27,4 @@ DEPENDENCIES
   simplecov (= 0.21.2)
 
 BUNDLED WITH
-   2.2.11
+   2.2.29

data/README.md

@@ -59,14 +59,52 @@ deep_secondary: []
 
 Each collection must contain 0 or more `Rx::Check` objects. Those checks will be performed when the health check is queried. Deep checks will always also run the readiness checks.
 
+### Cache
+
+For deep health checks Rx by default will use an in-memory cache. While this is useful when running in production, during testing it could lead to unexpected results.
+You can disable the in-memory cache by setting the cache key false in the options hash.
+
+```ruby
+Rails.application.config.middleware.insert(
+  Rx::Middleware,
+    liveness: [Rx::Check::FileSystemCheck.new],
+    readiness: [
+      Rx::Check::FileSystemCheck.new,
+      Rx::Check::ActiveRecordCheck.new,
+      Rx::Check::HttpCheck.new("http://example.com"),
+      Rx::Check::GenericCheck.new(-> { $redis.ping == "PONG" }, "redis")],
+    deep_critical: [Rx::Check::HttpCheck.new("http://criticalservice.com/health")],
+    deep_secondary: [Rx::Check::HttpCheck.new("http://otherservice.com/health-check")],
+    options: {
+      cache: false
+    }
+  )
+```
+
+### Deep end-point authorization
+
+It is considered as a good practice to protect the deep checks with a GUID to mitigate DDOS attacks. Hence you have 2 options to enable this. One is to use the `default_authorization` by passing the token to the authorization inside options hash, which you can use in a request with the authorization_token in the header of it. The other option would be to pass a lambda with an env argument (this gives you access to hash of request data) and have your own `custom_authorization`:
+
+```ruby
+options: {
+  #default
+  authorization: <token>
+
+  #custom
+  authorization: -> (env) {
+    #your code goes here
+  }
+ }
+```
+
 ## Contributing
 
 Bug reports and pull requests are welcome on GitHub at https://github.com/zachpendleton/rx.
 
 Some tips for developing the gem locally:
 
-* Tests can be run by calling `rake`
-* You can point your Rails app to a local gem by adding a `path` option to your Gemfile, a la `gem "rx", path: "path/to/rx" (though you _will_ need to restart Rails whenever you change the gem).
+- Tests can be run by calling `rake`
+- You can point your Rails app to a local gem by adding a `path` option to your Gemfile, a la `gem "rx", path: "path/to/rx" (though you _will_ need to restart Rails whenever you change the gem).
 
 ## License
 

data/lib/rx/cache/{in_memory_cache.rb → lru_cache.rb}

@@ -2,7 +2,7 @@ require_relative "../util/heap"
 
 module Rx
   module Cache
-    class InMemoryCache
+    class LRUCache
       def initialize
         @heap = Rx::Util::Heap.new do |a, b|
           a[1] < b[1]

data/lib/rx/cache/map_cache.rb

@@ -0,0 +1,45 @@
+require "thread"
+
+module Rx
+  module Cache
+    class MapCache
+      def initialize
+        @data = {}
+        @lock = Mutex.new
+      end
+
+      def cache(k, expires_in = 60)
+        unless (value = get(k)).nil?
+          return value
+        end
+
+        value = yield
+        put(k, value, expires_in)
+        value
+      end
+
+      def get(k)
+        lock.synchronize do
+          value = data[k]
+          return nil unless value
+
+          if value[1] < Time.now
+            data.delete(k)
+            return nil
+          end
+          
+          value[0]
+        end
+      end
+
+      def put(k, v, expires_in = 60)
+        lock.synchronize do
+          data[k] = [v, Time.now + expires_in]
+        end
+      end
+
+      private
+      attr_reader :data, :lock
+    end
+  end
+end

data/lib/rx/concurrent/future.rb

@@ -32,7 +32,7 @@ module Rx
         @state = :in_progress
         pool.submit do
           begin
-            channel << work.call
+            channel << execute_work(&work)
             @state = :completed
           rescue StandardError => ex
             @error = ex
@@ -70,6 +70,10 @@ module Rx
       def pool
         @@pool
       end
+
+      def execute_work(&block)
+        defined?(Rails) ? Rails.application.executor.wrap(&block) : block.call
+      end
     end
   end
 end

data/lib/rx/middleware.rb

@@ -3,7 +3,8 @@ require "json"
 module Rx
   class Middleware
     DEFAULT_OPTIONS = {
-      cache: true
+      cache: true,
+      authorization: nil
     }.freeze
 
     def initialize(app,
@@ -34,12 +35,16 @@ module Rx
       when "/readiness"
         readiness_response(check_to_component(readiness_checks))
       when "/deep"
-        @cache.cache("deep") do
-          readiness = check_to_component(readiness_checks)
-          critical  = check_to_component(deep_critical_checks)
-          secondary = check_to_component(deep_secondary_checks)
-
-          deep_response(readiness, critical, secondary)
+        if !Rx::Util::HealthCheckAuthorization.new(env, @options[:authorization]).ok?
+          deep_response_authorization_failed
+        else
+          @cache.cache("deep") do
+            readiness = check_to_component(readiness_checks)
+            critical  = check_to_component(deep_critical_checks)
+            secondary = check_to_component(deep_secondary_checks)
+
+            deep_response(readiness, critical, secondary)
+          end
         end
       end
     end
@@ -50,11 +55,16 @@ module Rx
                 :deep_secondary_checks, :options
 
     def cache_factory(options)
-      unless options[:cache]
-        return Rx::Cache::NoOpCache.new
+      case options[:cache]
+      when true
+        Rx::Cache::LRUCache.new
+      when "LRU"
+        Rx::Cache::LRUCache.new
+      when "MAP"
+        Rx::Cache::MapCache.new
+      else
+        Rx::Cache::NoOpCache.new
       end
-
-      Rx::Cache::InMemoryCache.new
     end
 
     def health_check_request?(path)
@@ -79,6 +89,14 @@ module Rx
       ]
     end
 
+    def deep_response_authorization_failed
+      [
+        403,
+        {"content-type" => "application/json"},
+        [JSON.dump({ message: "authorization failed" })]
+      ]
+    end
+
     def deep_response(readiness, critical, secondary)
       status = (readiness.map { |x| x[:status] == 200 } + critical.map { |x| x[:status] == 200 }).all? ? 200 : 503
 

data/lib/rx/util/health_check_authorization.rb

@@ -0,0 +1,25 @@
+module Rx
+  module Util
+    class HealthCheckAuthorization
+      HTTP_HEADER = "HTTP_AUTHORIZATION"
+
+      def initialize(env, authorization)
+        @authorization = authorization
+        @env = env
+      end
+
+      def ok?
+        case @authorization
+          when NilClass
+            true
+          when Proc
+            @authorization.call(@env)
+          when String
+            @authorization == @env[HTTP_HEADER]
+          else
+            raise StandardError.new("Authorization is not configured properly")
+        end
+      end
+    end
+  end
+end

data/lib/rx/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Rx
-  VERSION = "0.1.6"
+  VERSION = "0.1.9"
 end

data/lib/rx.rb

@@ -2,7 +2,8 @@
 
 require_relative "rx/version"
 require_relative "rx/middleware"
-require_relative "rx/cache/in_memory_cache"
+require_relative "rx/cache/lru_cache"
+require_relative "rx/cache/map_cache"
 require_relative "rx/cache/no_op_cache"
 require_relative "rx/check/active_record_check"
 require_relative "rx/check/file_system_check"
@@ -12,6 +13,7 @@ require_relative "rx/check/result"
 require_relative "rx/concurrent/future"
 require_relative "rx/concurrent/thread_pool"
 require_relative "rx/util/heap"
+require_relative "rx/util/health_check_authorization"
 
 module Rx
   class Error < StandardError; end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: rx-healthcheck
 version: !ruby/object:Gem::Version
-  version: 0.1.6
+  version: 0.1.9
 platform: ruby
 authors:
 - Zach Pendleton
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2021-09-29 00:00:00.000000000 Z
+date: 2022-04-27 00:00:00.000000000 Z
 dependencies: []
 description: 
 email:
@@ -26,7 +26,8 @@ files:
 - bin/console
 - bin/setup
 - lib/rx.rb
-- lib/rx/cache/in_memory_cache.rb
+- lib/rx/cache/lru_cache.rb
+- lib/rx/cache/map_cache.rb
 - lib/rx/cache/no_op_cache.rb
 - lib/rx/check/active_record_check.rb
 - lib/rx/check/file_system_check.rb
@@ -36,6 +37,7 @@ files:
 - lib/rx/concurrent/future.rb
 - lib/rx/concurrent/thread_pool.rb
 - lib/rx/middleware.rb
+- lib/rx/util/health_check_authorization.rb
 - lib/rx/util/heap.rb
 - lib/rx/version.rb
 - rx.gemspec