@checkstack/healthcheck-backend 0.0.3 → 0.2.0

package/CHANGELOG.md

@@ -1,5 +1,154 @@
 # @checkstack/healthcheck-backend
 
+## 0.2.0
+
+### Minor Changes
+
+- 8e43507: # Teams and Resource-Level Access Control
+
+  This release introduces a comprehensive Teams system for organizing users and controlling access to resources at a granular level.
+
+  ## Features
+
+  ### Team Management
+
+  - Create, update, and delete teams with name and description
+  - Add/remove users from teams
+  - Designate team managers with elevated privileges
+  - View team membership and manager status
+
+  ### Resource-Level Access Control
+
+  - Grant teams access to specific resources (systems, health checks, incidents, maintenances)
+  - Configure read-only or manage permissions per team
+  - Resource-level "Team Only" mode that restricts access exclusively to team members
+  - Separate `resourceAccessSettings` table for resource-level settings (not per-grant)
+  - Automatic cleanup of grants when teams are deleted (database cascade)
+
+  ### Middleware Integration
+
+  - Extended `autoAuthMiddleware` to support resource access checks
+  - Single-resource pre-handler validation for detail endpoints
+  - Automatic list filtering for collection endpoints
+  - S2S endpoints for access verification
+
+  ### Frontend Components
+
+  - `TeamsTab` component for managing teams in Auth Settings
+  - `TeamAccessEditor` component for assigning team access to resources
+  - Resource-level "Team Only" toggle in `TeamAccessEditor`
+  - Integration into System, Health Check, Incident, and Maintenance editors
+
+  ## Breaking Changes
+
+  ### API Response Format Changes
+
+  List endpoints now return objects with named keys instead of arrays directly:
+
+  ```typescript
+  // Before
+  const systems = await catalogApi.getSystems();
+
+  // After
+  const { systems } = await catalogApi.getSystems();
+  ```
+
+  Affected endpoints:
+
+  - `catalog.getSystems` → `{ systems: [...] }`
+  - `healthcheck.getConfigurations` → `{ configurations: [...] }`
+  - `incident.listIncidents` → `{ incidents: [...] }`
+  - `maintenance.listMaintenances` → `{ maintenances: [...] }`
+
+  ### User Identity Enrichment
+
+  `RealUser` and `ApplicationUser` types now include `teamIds: string[]` field with team memberships.
+
+  ## Documentation
+
+  See `docs/backend/teams.md` for complete API reference and integration guide.
+
+- 97c5a6b: Add UUID-based collector identification for better multiple collector support
+
+  **Breaking Change**: Existing health check configurations with collectors need to be recreated.
+
+  - Each collector instance now has a unique UUID assigned on creation
+  - Collector results are stored under the UUID key with `_collectorId` and `_assertionFailed` metadata
+  - Auto-charts correctly display separate charts for each collector instance
+  - Charts are now grouped by collector instance with clear headings
+  - Assertion status card shows pass/fail for each collector
+  - Renamed "Success" to "HTTP Success" to clarify it's about HTTP request success
+  - Fixed deletion of collectors not persisting to database
+  - Fixed duplicate React key warnings in auto-chart grid
+
+### Patch Changes
+
+- 97c5a6b: Fix collector lookup when health check is assigned to a system
+
+  Collectors are now stored in the registry with their fully-qualified ID format (ownerPluginId.collectorId) to match how they are referenced in health check configurations. Added `qualifiedId` field to `RegisteredCollector` interface to avoid re-constructing the ID at query time. This fixes the "Collector not found" warning that occurred when executing health checks with assigned systems.
+
+- Updated dependencies [97c5a6b]
+- Updated dependencies [8e43507]
+- Updated dependencies [8e43507]
+- Updated dependencies [97c5a6b]
+  - @checkstack/backend-api@0.2.0
+  - @checkstack/catalog-common@1.0.0
+  - @checkstack/catalog-backend@0.1.0
+  - @checkstack/common@0.1.0
+  - @checkstack/healthcheck-common@0.2.0
+  - @checkstack/command-backend@0.0.4
+  - @checkstack/integration-backend@0.0.4
+  - @checkstack/queue-api@0.0.4
+  - @checkstack/signal-common@0.0.4
+
+## 0.1.0
+
+### Minor Changes
+
+- f5b1f49: Extended health check system with per-collector assertion support.
+
+  - Added `collectors` column to `healthCheckConfigurations` schema for storing collector configs
+  - Updated queue-executor to run configured collectors and evaluate per-collector assertions
+  - Added `CollectorAssertionSchema` to healthcheck-common for assertion validation
+  - Results now stored with `metadata.collectors` containing per-collector result data
+
+### Patch Changes
+
+- f5b1f49: Added JSONPath assertions for response body validation and fully qualified strategy IDs.
+
+  **JSONPath Assertions:**
+
+  - Added `healthResultJSONPath()` factory in healthcheck-common for fields supporting JSONPath queries
+  - Extended AssertionBuilder with jsonpath field type showing path input (e.g., `$.data.status`)
+  - Added `jsonPath` field to `CollectorAssertionSchema` for persistence
+  - HTTP Request collector body field now supports JSONPath assertions
+
+  **Fully Qualified Strategy IDs:**
+
+  - HealthCheckRegistry now uses scoped factories like CollectorRegistry
+  - Strategies are stored with `pluginId.strategyId` format
+  - Added `getStrategiesWithMeta()` method to HealthCheckRegistry interface
+  - Router returns qualified IDs so frontend can correctly fetch collectors
+
+  **UI Improvements:**
+
+  - Save button disabled when collector configs have invalid required fields
+  - Fixed nested button warning in CollectorList accordion
+
+- Updated dependencies [f5b1f49]
+- Updated dependencies [f5b1f49]
+- Updated dependencies [f5b1f49]
+- Updated dependencies [f5b1f49]
+  - @checkstack/backend-api@0.1.0
+  - @checkstack/healthcheck-common@0.1.0
+  - @checkstack/common@0.0.3
+  - @checkstack/catalog-backend@0.0.3
+  - @checkstack/command-backend@0.0.3
+  - @checkstack/integration-backend@0.0.3
+  - @checkstack/queue-api@0.0.3
+  - @checkstack/catalog-common@0.0.3
+  - @checkstack/signal-common@0.0.3
+
 ## 0.0.3
 
 ### Patch Changes

package/drizzle/0006_reflective_power_pack.sql

@@ -0,0 +1 @@
+ALTER TABLE "health_check_configurations" ADD COLUMN "collectors" jsonb;

package/drizzle/meta/0006_snapshot.json

@@ -0,0 +1,407 @@
+{
+  "id": "1ae9bf74-594e-4801-b49a-e1b7073d8572",
+  "prevId": "18e326cb-700a-4c6e-bc15-43335c6bb035",
+  "version": "7",
+  "dialect": "postgresql",
+  "tables": {
+    "public.health_check_aggregates": {
+      "name": "health_check_aggregates",
+      "schema": "",
+      "columns": {
+        "id": {
+          "name": "id",
+          "type": "uuid",
+          "primaryKey": true,
+          "notNull": true,
+          "default": "gen_random_uuid()"
+        },
+        "configuration_id": {
+          "name": "configuration_id",
+          "type": "uuid",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "system_id": {
+          "name": "system_id",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "bucket_start": {
+          "name": "bucket_start",
+          "type": "timestamp",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "bucket_size": {
+          "name": "bucket_size",
+          "type": "bucket_size",
+          "typeSchema": "public",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "run_count": {
+          "name": "run_count",
+          "type": "integer",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "healthy_count": {
+          "name": "healthy_count",
+          "type": "integer",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "degraded_count": {
+          "name": "degraded_count",
+          "type": "integer",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "unhealthy_count": {
+          "name": "unhealthy_count",
+          "type": "integer",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "avg_latency_ms": {
+          "name": "avg_latency_ms",
+          "type": "integer",
+          "primaryKey": false,
+          "notNull": false
+        },
+        "min_latency_ms": {
+          "name": "min_latency_ms",
+          "type": "integer",
+          "primaryKey": false,
+          "notNull": false
+        },
+        "max_latency_ms": {
+          "name": "max_latency_ms",
+          "type": "integer",
+          "primaryKey": false,
+          "notNull": false
+        },
+        "p95_latency_ms": {
+          "name": "p95_latency_ms",
+          "type": "integer",
+          "primaryKey": false,
+          "notNull": false
+        },
+        "aggregated_result": {
+          "name": "aggregated_result",
+          "type": "jsonb",
+          "primaryKey": false,
+          "notNull": false
+        }
+      },
+      "indexes": {
+        "health_check_aggregates_bucket_unique": {
+          "name": "health_check_aggregates_bucket_unique",
+          "columns": [
+            {
+              "expression": "configuration_id",
+              "isExpression": false,
+              "asc": true,
+              "nulls": "last"
+            },
+            {
+              "expression": "system_id",
+              "isExpression": false,
+              "asc": true,
+              "nulls": "last"
+            },
+            {
+              "expression": "bucket_start",
+              "isExpression": false,
+              "asc": true,
+              "nulls": "last"
+            },
+            {
+              "expression": "bucket_size",
+              "isExpression": false,
+              "asc": true,
+              "nulls": "last"
+            }
+          ],
+          "isUnique": true,
+          "concurrently": false,
+          "method": "btree",
+          "with": {}
+        }
+      },
+      "foreignKeys": {
+        "health_check_aggregates_configuration_id_health_check_configurations_id_fk": {
+          "name": "health_check_aggregates_configuration_id_health_check_configurations_id_fk",
+          "tableFrom": "health_check_aggregates",
+          "tableTo": "health_check_configurations",
+          "columnsFrom": [
+            "configuration_id"
+          ],
+          "columnsTo": [
+            "id"
+          ],
+          "onDelete": "cascade",
+          "onUpdate": "no action"
+        }
+      },
+      "compositePrimaryKeys": {},
+      "uniqueConstraints": {},
+      "policies": {},
+      "checkConstraints": {},
+      "isRLSEnabled": false
+    },
+    "public.health_check_configurations": {
+      "name": "health_check_configurations",
+      "schema": "",
+      "columns": {
+        "id": {
+          "name": "id",
+          "type": "uuid",
+          "primaryKey": true,
+          "notNull": true,
+          "default": "gen_random_uuid()"
+        },
+        "name": {
+          "name": "name",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "strategy_id": {
+          "name": "strategy_id",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "config": {
+          "name": "config",
+          "type": "jsonb",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "collectors": {
+          "name": "collectors",
+          "type": "jsonb",
+          "primaryKey": false,
+          "notNull": false
+        },
+        "interval_seconds": {
+          "name": "interval_seconds",
+          "type": "integer",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "is_template": {
+          "name": "is_template",
+          "type": "boolean",
+          "primaryKey": false,
+          "notNull": false,
+          "default": false
+        },
+        "created_at": {
+          "name": "created_at",
+          "type": "timestamp",
+          "primaryKey": false,
+          "notNull": true,
+          "default": "now()"
+        },
+        "updated_at": {
+          "name": "updated_at",
+          "type": "timestamp",
+          "primaryKey": false,
+          "notNull": true,
+          "default": "now()"
+        }
+      },
+      "indexes": {},
+      "foreignKeys": {},
+      "compositePrimaryKeys": {},
+      "uniqueConstraints": {},
+      "policies": {},
+      "checkConstraints": {},
+      "isRLSEnabled": false
+    },
+    "public.health_check_runs": {
+      "name": "health_check_runs",
+      "schema": "",
+      "columns": {
+        "id": {
+          "name": "id",
+          "type": "uuid",
+          "primaryKey": true,
+          "notNull": true,
+          "default": "gen_random_uuid()"
+        },
+        "configuration_id": {
+          "name": "configuration_id",
+          "type": "uuid",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "system_id": {
+          "name": "system_id",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "status": {
+          "name": "status",
+          "type": "health_check_status",
+          "typeSchema": "public",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "latency_ms": {
+          "name": "latency_ms",
+          "type": "integer",
+          "primaryKey": false,
+          "notNull": false
+        },
+        "result": {
+          "name": "result",
+          "type": "jsonb",
+          "primaryKey": false,
+          "notNull": false
+        },
+        "timestamp": {
+          "name": "timestamp",
+          "type": "timestamp",
+          "primaryKey": false,
+          "notNull": true,
+          "default": "now()"
+        }
+      },
+      "indexes": {},
+      "foreignKeys": {
+        "health_check_runs_configuration_id_health_check_configurations_id_fk": {
+          "name": "health_check_runs_configuration_id_health_check_configurations_id_fk",
+          "tableFrom": "health_check_runs",
+          "tableTo": "health_check_configurations",
+          "columnsFrom": [
+            "configuration_id"
+          ],
+          "columnsTo": [
+            "id"
+          ],
+          "onDelete": "cascade",
+          "onUpdate": "no action"
+        }
+      },
+      "compositePrimaryKeys": {},
+      "uniqueConstraints": {},
+      "policies": {},
+      "checkConstraints": {},
+      "isRLSEnabled": false
+    },
+    "public.system_health_checks": {
+      "name": "system_health_checks",
+      "schema": "",
+      "columns": {
+        "system_id": {
+          "name": "system_id",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "configuration_id": {
+          "name": "configuration_id",
+          "type": "uuid",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "enabled": {
+          "name": "enabled",
+          "type": "boolean",
+          "primaryKey": false,
+          "notNull": true,
+          "default": true
+        },
+        "state_thresholds": {
+          "name": "state_thresholds",
+          "type": "jsonb",
+          "primaryKey": false,
+          "notNull": false
+        },
+        "retention_config": {
+          "name": "retention_config",
+          "type": "jsonb",
+          "primaryKey": false,
+          "notNull": false
+        },
+        "created_at": {
+          "name": "created_at",
+          "type": "timestamp",
+          "primaryKey": false,
+          "notNull": true,
+          "default": "now()"
+        },
+        "updated_at": {
+          "name": "updated_at",
+          "type": "timestamp",
+          "primaryKey": false,
+          "notNull": true,
+          "default": "now()"
+        }
+      },
+      "indexes": {},
+      "foreignKeys": {
+        "system_health_checks_configuration_id_health_check_configurations_id_fk": {
+          "name": "system_health_checks_configuration_id_health_check_configurations_id_fk",
+          "tableFrom": "system_health_checks",
+          "tableTo": "health_check_configurations",
+          "columnsFrom": [
+            "configuration_id"
+          ],
+          "columnsTo": [
+            "id"
+          ],
+          "onDelete": "cascade",
+          "onUpdate": "no action"
+        }
+      },
+      "compositePrimaryKeys": {
+        "system_health_checks_system_id_configuration_id_pk": {
+          "name": "system_health_checks_system_id_configuration_id_pk",
+          "columns": [
+            "system_id",
+            "configuration_id"
+          ]
+        }
+      },
+      "uniqueConstraints": {},
+      "policies": {},
+      "checkConstraints": {},
+      "isRLSEnabled": false
+    }
+  },
+  "enums": {
+    "public.bucket_size": {
+      "name": "bucket_size",
+      "schema": "public",
+      "values": [
+        "hourly",
+        "daily"
+      ]
+    },
+    "public.health_check_status": {
+      "name": "health_check_status",
+      "schema": "public",
+      "values": [
+        "healthy",
+        "unhealthy",
+        "degraded"
+      ]
+    }
+  },
+  "schemas": {},
+  "sequences": {},
+  "roles": {},
+  "policies": {},
+  "views": {},
+  "_meta": {
+    "columns": {},
+    "schemas": {},
+    "tables": {}
+  }
+}

package/drizzle/meta/_journal.json

@@ -43,6 +43,13 @@
       "when": 1767538124052,
       "tag": "0005_glossy_longshot",
       "breakpoints": true
+    },
+    {
+      "idx": 6,
+      "version": "7",
+      "when": 1768012161285,
+      "tag": "0006_reflective_power_pack",
+      "breakpoints": true
     }
   ]
 }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@checkstack/healthcheck-backend",
-  "version": "0.0.3",
+  "version": "0.2.0",
   "type": "module",
   "main": "src/index.ts",
   "scripts": {

package/src/index.ts

@@ -90,6 +90,7 @@ export default createBackendPlugin({
       deps: {
         logger: coreServices.logger,
         healthCheckRegistry: coreServices.healthCheckRegistry,
+        collectorRegistry: coreServices.collectorRegistry,
         rpc: coreServices.rpc,
         rpcClient: coreServices.rpcClient,
         queueManager: coreServices.queueManager,
@@ -100,6 +101,7 @@ export default createBackendPlugin({
         logger,
         database,
         healthCheckRegistry,
+        collectorRegistry,
         rpc,
         rpcClient,
         queueManager,
@@ -114,6 +116,7 @@ export default createBackendPlugin({
         await setupHealthCheckWorker({
           db: database,
           registry: healthCheckRegistry,
+          collectorRegistry,
           logger,
           queueManager,
           signalService,

package/src/queue-executor.test.ts

@@ -18,7 +18,7 @@ import {
 } from "@checkstack/backend-api";
 import { mock } from "bun:test";
 
-// Helper to create mock health check registry
+// Helper to create mock health check registry with createClient pattern
 const createMockRegistry = (): HealthCheckRegistry => ({
   getStrategy: mock((id: string) => ({
     id,
@@ -28,19 +28,32 @@ const createMockRegistry = (): HealthCheckRegistry => ({
       version: 1,
       schema: z.object({}),
     }),
+    result: new Versioned({
+      version: 1,
+      schema: z.object({}),
+    }),
     aggregatedResult: new Versioned({
       version: 1,
       schema: z.object({}),
     }),
-    execute: mock(async () => ({
-      status: "healthy" as const,
-      message: "Mock check passed",
-      timestamp: new Date().toISOString(),
+    createClient: mock(async () => ({
+      client: {
+        exec: mock(async () => ({})),
+      },
+      close: mock(() => {}),
     })),
     aggregateResult: mock(() => ({})),
   })),
   register: mock(() => {}),
   getStrategies: mock(() => []),
+  getStrategiesWithMeta: mock(() => []),
+});
+
+// Helper to create mock collector registry
+const createMockCollectorRegistry = () => ({
+  register: mock(() => {}),
+  getCollector: mock(() => undefined),
+  getCollectors: mock(() => []),
 });
 
 // Helper to create mock catalog client for notification delegation
@@ -48,7 +61,7 @@ const createMockCatalogClient = () => ({
   notifySystemSubscribers: mock(async () => ({ notifiedCount: 0 })),
   // Other methods not used in queue-executor
   getEntities: mock(async () => ({ systems: [], groups: [] })),
-  getSystems: mock(async () => []),
+  getSystems: mock(async () => ({ systems: [] })),
   getGroups: mock(async () => []),
   createSystem: mock(async () => ({})),
   updateSystem: mock(async () => ({})),
@@ -120,6 +133,10 @@ describe("Queue-Based Health Check Executor", () => {
           typeof setupHealthCheckWorker
         >[0]["db"],
         registry: mockRegistry,
+        collectorRegistry:
+          createMockCollectorRegistry() as unknown as Parameters<
+            typeof setupHealthCheckWorker
+          >[0]["collectorRegistry"],
         logger: mockLogger,
         queueManager: mockQueueManager,
         signalService: createMockSignalService(),

package/src/queue-executor.ts

@@ -2,6 +2,8 @@ import {
   HealthCheckRegistry,
   Logger,
   type EmitHookFn,
+  type CollectorRegistry,
+  evaluateAssertions,
 } from "@checkstack/backend-api";
 import { QueueManager } from "@checkstack/queue-api";
 import {
@@ -159,6 +161,7 @@ async function executeHealthCheckJob(props: {
   payload: HealthCheckJobPayload;
   db: Db;
   registry: HealthCheckRegistry;
+  collectorRegistry: CollectorRegistry;
   logger: Logger;
   signalService: SignalService;
   catalogClient: CatalogClient;
@@ -168,6 +171,7 @@ async function executeHealthCheckJob(props: {
     payload,
     db,
     registry,
+    collectorRegistry,
     logger,
     signalService,
     catalogClient,
@@ -190,6 +194,7 @@ async function executeHealthCheckJob(props: {
         configName: healthCheckConfigurations.name,
         strategyId: healthCheckConfigurations.strategyId,
         config: healthCheckConfigurations.config,
+        collectors: healthCheckConfigurations.collectors,
         interval: healthCheckConfigurations.intervalSeconds,
         enabled: systemHealthChecks.enabled,
       })
@@ -234,10 +239,165 @@ async function executeHealthCheckJob(props: {
       return;
     }
 
-    // Execute health check
-    const result = await strategy.execute(
-      configRow.config as Record<string, unknown>
-    );
+    // Execute health check using createClient pattern
+    const start = performance.now();
+    let connectedClient;
+    try {
+      connectedClient = await strategy.createClient(
+        configRow.config as Record<string, unknown>
+      );
+    } catch (error) {
+      // Connection failed
+      const latencyMs = Math.round(performance.now() - start);
+      const errorMessage =
+        error instanceof Error ? error.message : "Connection failed";
+
+      const result = {
+        status: "unhealthy" as const,
+        latencyMs,
+        message: errorMessage,
+        metadata: { connected: false, error: errorMessage },
+      };
+
+      await db.insert(healthCheckRuns).values({
+        configurationId: configId,
+        systemId,
+        status: result.status,
+        latencyMs: result.latencyMs,
+        result: { ...result } as Record<string, unknown>,
+      });
+
+      logger.debug(
+        `Health check ${configId} for system ${systemId} failed: ${errorMessage}`
+      );
+
+      // Broadcast failure signal
+      await signalService.broadcast(HEALTH_CHECK_RUN_COMPLETED, {
+        systemId,
+        systemName,
+        configurationId: configId,
+        configurationName: configRow.configName,
+        status: result.status,
+        latencyMs: result.latencyMs,
+      });
+
+      // Check and notify state change
+      const newState = await service.getSystemHealthStatus(systemId);
+      if (newState.status !== previousStatus) {
+        await notifyStateChange({
+          systemId,
+          previousStatus,
+          newStatus: newState.status,
+          catalogClient,
+          logger,
+        });
+      }
+
+      return;
+    }
+
+    const connectionTimeMs = Math.round(performance.now() - start);
+
+    // Execute collectors
+    const collectors = configRow.collectors ?? [];
+    const collectorResults: Record<string, unknown> = {};
+    let hasCollectorError = false;
+    let errorMessage: string | undefined;
+
+    try {
+      for (const collectorEntry of collectors) {
+        const registered = collectorRegistry.getCollector(
+          collectorEntry.collectorId
+        );
+        if (!registered) {
+          logger.warn(
+            `Collector ${collectorEntry.collectorId} not found, skipping`
+          );
+          continue;
+        }
+
+        // Use the collector's UUID as the storage key
+        const storageKey = collectorEntry.id;
+
+        try {
+          const collectorResult = await registered.collector.execute({
+            config: collectorEntry.config,
+            client: connectedClient.client,
+            pluginId: configRow.strategyId,
+          });
+
+          // Check for collector-level error
+          if (collectorResult.error) {
+            hasCollectorError = true;
+            errorMessage = collectorResult.error;
+          }
+
+          // Evaluate per-collector assertions
+          let assertionFailed: string | undefined;
+          if (
+            collectorEntry.assertions &&
+            collectorEntry.assertions.length > 0 &&
+            collectorResult.result
+          ) {
+            const assertions = collectorEntry.assertions;
+            const failedAssertion = evaluateAssertions(
+              assertions,
+              collectorResult.result as Record<string, unknown>
+            );
+            if (failedAssertion) {
+              hasCollectorError = true;
+              assertionFailed = `${failedAssertion.field} ${
+                failedAssertion.operator
+              } ${failedAssertion.value ?? ""}`;
+              errorMessage = `Assertion failed: ${assertionFailed}`;
+              logger.debug(
+                `Collector ${storageKey} assertion failed: ${errorMessage}`
+              );
+            }
+          }
+
+          // Store result under the collector's UUID, with collector type and assertion metadata
+          collectorResults[storageKey] = {
+            _collectorId: collectorEntry.collectorId, // Store the type for frontend schema linking
+            _assertionFailed: assertionFailed, // null if no assertion failed
+            ...collectorResult.result,
+          };
+        } catch (error) {
+          hasCollectorError = true;
+          errorMessage = error instanceof Error ? error.message : String(error);
+          collectorResults[storageKey] = {
+            _collectorId: collectorEntry.collectorId,
+            _assertionFailed: undefined,
+            error: errorMessage,
+          };
+          logger.debug(`Collector ${storageKey} failed: ${errorMessage}`);
+        }
+      }
+    } finally {
+      // Clean up connection
+      try {
+        connectedClient.close();
+      } catch {
+        // Ignore close errors
+      }
+    }
+
+    // Determine health status based on collector results
+    const status = hasCollectorError ? "unhealthy" : "healthy";
+    const totalLatencyMs = Math.round(performance.now() - start);
+
+    const result = {
+      status: status as "healthy" | "unhealthy",
+      latencyMs: totalLatencyMs,
+      message: hasCollectorError
+        ? `Check failed: ${errorMessage}`
+        : `Completed in ${totalLatencyMs}ms`,
+      metadata: {
+        connected: true,
+        connectionTimeMs,
+        collectors: collectorResults,
+      },
+    };
 
     // Store result (spread to convert structured type to plain record for jsonb)
     await db.insert(healthCheckRuns).values({
@@ -412,6 +572,7 @@ async function executeHealthCheckJob(props: {
 export async function setupHealthCheckWorker(props: {
   db: Db;
   registry: HealthCheckRegistry;
+  collectorRegistry: CollectorRegistry;
   logger: Logger;
   queueManager: QueueManager;
   signalService: SignalService;
@@ -421,6 +582,7 @@ export async function setupHealthCheckWorker(props: {
   const {
     db,
     registry,
+    collectorRegistry,
     logger,
     queueManager,
     signalService,
@@ -438,6 +600,7 @@ export async function setupHealthCheckWorker(props: {
         payload: job.data,
         db,
         registry,
+        collectorRegistry,
         logger,
         signalService,
         catalogClient,

package/src/router.test.ts

@@ -40,6 +40,7 @@ describe("HealthCheck Router", () => {
     register: mock(),
     getStrategy: mock(),
     getStrategies: mock(() => []),
+    getStrategiesWithMeta: mock(() => []),
   };
 
   const router = createHealthCheckRouter(mockDb as never, mockRegistry);
@@ -48,26 +49,31 @@ describe("HealthCheck Router", () => {
     const context = createMockRpcContext({
       user: mockUser,
       healthCheckRegistry: {
-        getStrategies: mock().mockReturnValue([
+        getStrategiesWithMeta: mock().mockReturnValue([
           {
-            id: "http",
-            displayName: "HTTP",
-            description: "Check HTTP",
-            config: {
-              version: 1,
-              schema: z.object({}),
-            },
-            aggregatedResult: {
-              schema: z.object({}),
+            strategy: {
+              id: "http",
+              displayName: "HTTP",
+              description: "Check HTTP",
+              config: {
+                version: 1,
+                schema: z.object({}),
+              },
+              aggregatedResult: {
+                schema: z.object({}),
+              },
             },
+            qualifiedId: "healthcheck-http.http",
+            ownerPluginId: "healthcheck-http",
           },
         ]),
-      } as any,
+        getStrategies: mock().mockReturnValue([]),
+      } as never,
     });
 
     const result = await call(router.getStrategies, undefined, { context });
     expect(result).toHaveLength(1);
-    expect(result[0].id).toBe("http");
+    expect(result[0].id).toBe("healthcheck-http.http");
   });
 
   it("getConfigurations calls service", async () => {
@@ -76,6 +82,65 @@ describe("HealthCheck Router", () => {
     });
 
     const result = await call(router.getConfigurations, undefined, { context });
-    expect(Array.isArray(result)).toBe(true);
+    expect(result).toHaveProperty("configurations");
+    expect(Array.isArray(result.configurations)).toBe(true);
+  });
+
+  it("getCollectors returns collectors for strategy", async () => {
+    const mockCollector = {
+      qualifiedId: "collector-hardware.cpu",
+      collector: {
+        id: "cpu",
+        displayName: "CPU Metrics",
+        description: "Collect CPU stats",
+        supportedPlugins: [{ pluginId: "healthcheck-ssh" }],
+        allowMultiple: false,
+        config: { version: 1, schema: z.object({}) },
+        result: { version: 1, schema: z.object({}) },
+        aggregatedResult: { version: 1, schema: z.object({}) },
+      },
+      ownerPlugin: { pluginId: "collector-hardware" },
+    };
+
+    const context = createMockRpcContext({
+      user: mockUser,
+      healthCheckRegistry: {
+        getStrategy: mock().mockReturnValue({ id: "healthcheck-ssh" }),
+        getStrategies: mock().mockReturnValue([]),
+      } as never,
+      collectorRegistry: {
+        getCollectorsForPlugin: mock().mockReturnValue([mockCollector]),
+        getCollector: mock(),
+        getCollectors: mock().mockReturnValue([]),
+        register: mock(),
+      } as never,
+    });
+
+    const result = await call(
+      router.getCollectors,
+      { strategyId: "healthcheck-ssh" },
+      { context }
+    );
+    expect(result).toHaveLength(1);
+    expect(result[0].id).toBe("collector-hardware.cpu");
+    expect(result[0].displayName).toBe("CPU Metrics");
+    expect(result[0].allowMultiple).toBe(false);
+  });
+
+  it("getCollectors returns empty for unknown strategy", async () => {
+    const context = createMockRpcContext({
+      user: mockUser,
+      healthCheckRegistry: {
+        getStrategy: mock().mockReturnValue(undefined),
+        getStrategies: mock().mockReturnValue([]),
+      } as never,
+    });
+
+    const result = await call(
+      router.getCollectors,
+      { strategyId: "unknown" },
+      { context }
+    );
+    expect(result).toHaveLength(0);
   });
 });

package/src/router.ts

@@ -31,22 +31,55 @@ export const createHealthCheckRouter = (
 
   return os.router({
     getStrategies: os.getStrategies.handler(async ({ context }) => {
-      return context.healthCheckRegistry.getStrategies().map((s) => ({
-        id: s.id,
-        displayName: s.displayName,
-        description: s.description,
-        configSchema: toJsonSchema(s.config.schema),
-        resultSchema: s.result
-          ? toJsonSchemaWithChartMeta(s.result.schema)
+      return context.healthCheckRegistry.getStrategiesWithMeta().map((r) => ({
+        id: r.qualifiedId, // Return fully qualified ID
+        displayName: r.strategy.displayName,
+        description: r.strategy.description,
+        configSchema: toJsonSchema(r.strategy.config.schema),
+        resultSchema: r.strategy.result
+          ? toJsonSchemaWithChartMeta(r.strategy.result.schema)
           : undefined,
         aggregatedResultSchema: toJsonSchemaWithChartMeta(
-          s.aggregatedResult.schema
+          r.strategy.aggregatedResult.schema
         ),
       }));
     }),
 
+    getCollectors: os.getCollectors.handler(async ({ input, context }) => {
+      // Get strategy to verify it exists
+      const strategy = context.healthCheckRegistry.getStrategy(
+        input.strategyId
+      );
+      if (!strategy) {
+        return [];
+      }
+
+      // Strategy ID is fully qualified: pluginId.strategyId
+      // Extract the plugin ID (everything before the last dot)
+      const lastDotIndex = input.strategyId.lastIndexOf(".");
+      const pluginId =
+        lastDotIndex > 0
+          ? input.strategyId.slice(0, lastDotIndex)
+          : input.strategyId;
+
+      // Get collectors that support this strategy's plugin
+      const registeredCollectors =
+        context.collectorRegistry.getCollectorsForPlugin({
+          pluginId,
+        });
+
+      return registeredCollectors.map(({ qualifiedId, collector }) => ({
+        id: qualifiedId,
+        displayName: collector.displayName,
+        description: collector.description,
+        configSchema: toJsonSchema(collector.config.schema),
+        resultSchema: toJsonSchemaWithChartMeta(collector.result.schema),
+        allowMultiple: collector.allowMultiple ?? false,
+      }));
+    }),
+
     getConfigurations: os.getConfigurations.handler(async () => {
-      return service.getConfigurations();
+      return { configurations: await service.getConfigurations() };
     }),
 
     createConfiguration: os.createConfiguration.handler(async ({ input }) => {

package/src/schema-utils.ts

@@ -58,6 +58,8 @@ function addHealthResultMeta(
         jsonField["x-chart-label"] = healthMeta["x-chart-label"];
       if (healthMeta["x-chart-unit"])
         jsonField["x-chart-unit"] = healthMeta["x-chart-unit"];
+      if (healthMeta["x-jsonpath"])
+        jsonField["x-jsonpath"] = healthMeta["x-jsonpath"];
     }
 
     // Recurse into nested objects and arrays

package/src/schema.ts

@@ -10,7 +10,10 @@ import {
   primaryKey,
   uniqueIndex,
 } from "drizzle-orm/pg-core";
-import type { StateThresholds } from "@checkstack/healthcheck-common";
+import type {
+  StateThresholds,
+  CollectorConfigEntry,
+} from "@checkstack/healthcheck-common";
 import type { VersionedRecord } from "@checkstack/backend-api";
 
 /**
@@ -38,6 +41,8 @@ export const healthCheckConfigurations = pgTable(
     name: text("name").notNull(),
     strategyId: text("strategy_id").notNull(),
     config: jsonb("config").$type<Record<string, unknown>>().notNull(),
+    /** Collector configurations for this health check */
+    collectors: jsonb("collectors").$type<CollectorConfigEntry[]>(),
     intervalSeconds: integer("interval_seconds").notNull(),
     isTemplate: boolean("is_template").default(false),
     createdAt: timestamp("created_at").defaultNow().notNull(),

package/src/service.ts

@@ -49,6 +49,7 @@ export class HealthCheckService {
         name: data.name,
         strategyId: data.strategyId,
         config: data.config,
+        collectors: data.collectors ?? undefined,
         intervalSeconds: data.intervalSeconds,
         isTemplate: false, // Defaulting for now
       })
@@ -715,6 +716,7 @@ export class HealthCheckService {
       name: row.name,
       strategyId: row.strategyId,
       config: row.config,
+      collectors: row.collectors ?? undefined,
       intervalSeconds: row.intervalSeconds,
       createdAt: row.createdAt,
       updatedAt: row.updatedAt,