Add a healthcheck API endpoint
User stories:
- The deployment process wants to check if the API is "OK" after deployment.
- Server admin wants to regularly know if system as a whole is working for monitoring
- Frontend app wants to show a warning if a related backend is not working. A server admin wants to do maintenance on a backend service and wants the users to know about it. pdf-as server gets shutdown, esign user should be notified that the service is limited.
Suggestion:
-
The bundles could implement an interface which we collect during autoconfiguration and then iterate over all available ones.
-
/healthcheck
- Asks each bundle, returns error if any of them fail with details as to what is affected
-
/healthcheck?roles=FOO,BAR
- asks each bundle with a set of roles (preferably the roles of the current user)
- bundle only returns error if the role has access to the backend (this depends on roles being dynamic, tied to the app not the user, so those inferred from the Keycloak scopes)
Example:
- esign app checks (with some delay after loading the app to not have a performance hit)
- core bundle checks if LDAP is working and campus online is reachable
- esign bundle checks if pdf-as is reachable
- alma is not asked because the app doesn't have access
In case everything is ok it would return 200 and nothing. If something is broken it would return an HTTP error and simple message re which service is broken (I'd keep this at a minimum to not leak information, or only add information if authorized).
Open question:
- Should this be accessible un-authorized?
- Since these checks might take some time, should we cache them in the backend for some minutes?