feat: healthz server (#3228)

* feat: healthz server

Signed-off-by: Asgeir Nilsen <asgeir@twingine.no>

* fix: startup and readiness probe activation points

Enable startup probe at end of Controller.Init and readiness probe at
end of Controller.Run

Signed-off-by: Asgeir Nilsen <asgeir@twingine.no>

* fix: rewrote to reuse same HTTP listener

Signed-off-by: Asgeir Nilsen <asgeir@twingine.no>

---------

Signed-off-by: Asgeir Nilsen <asgeir@twingine.no>

pkg/api/controller.go

@@ -55,6 +55,7 @@ type Controller struct {
 	HTPasswdWatcher *HTPasswdWatcher
 	LDAPClient      *LDAPClient
 	taskScheduler   *scheduler.Scheduler
+	Healthz         *common.Healthz
 	// runtime params
 	chosenPort int // kernel-chosen port
 }
@@ -63,6 +64,7 @@ func NewController(appConfig *config.Config) *Controller {
 	var controller Controller
 
 	logger := log.NewLogger(appConfig.Log.Level, appConfig.Log.Output)
+	controller.Healthz = common.NewHealthzServer(appConfig, logger)
 
 	if appConfig.Cluster != nil {
 		// we need the set of local sockets (IP address:port) for identifying
@@ -241,9 +243,13 @@ func (c *Controller) Run() error {
 			server.TLSConfig.ClientCAs = caCertPool
 		}
 
+		c.Healthz.Ready()
+
 		return server.ServeTLS(listener, c.Config.HTTP.TLS.Cert, c.Config.HTTP.TLS.Key)
 	}
 
+	c.Healthz.Ready()
+
 	return server.Serve(listener)
 }
 
@@ -277,6 +283,7 @@ func (c *Controller) Init() error {
 	}
 
 	c.InitCVEInfo()
+	c.Healthz.Started()
 
 	if c.Config.IsHtpasswdAuthEnabled() {
 		err := c.HTPasswdWatcher.ChangeFile(c.Config.HTTP.Auth.HTPasswd.Path)

pkg/api/routes.go

@@ -65,6 +65,11 @@ func NewRouteHandler(c *Controller) *RouteHandler {
 }
 
 func (rh *RouteHandler) SetupRoutes() {
+	// health endpoints get added first
+	rh.c.Router.Path("/livez").Handler(rh.c.Healthz.Handler)
+	rh.c.Router.Path("/readyz").Handler(rh.c.Healthz.Handler)
+	rh.c.Router.Path("/startupz").Handler(rh.c.Healthz.Handler)
+
 	// first get Auth middleware in order to first setup openid/ldap/htpasswd, before oidc provider routes are setup
 	authHandler := AuthHandler(rh.c)
 

pkg/common/healthz.go

@@ -0,0 +1,64 @@
+package common
+
+import (
+	"errors"
+	"net/http"
+
+	"sigs.k8s.io/controller-runtime/pkg/healthz"
+
+	"zotregistry.dev/zot/pkg/api/config"
+	"zotregistry.dev/zot/pkg/log"
+)
+
+var errNotReady = errors.New("not ready yet")
+
+type Healthz struct {
+	log     log.Logger
+	ready   bool
+	started bool
+	Handler *healthz.Handler
+}
+
+func NewHealthzServer(appConfig *config.Config, logger log.Logger) *Healthz {
+	var health Healthz
+	health.ready = false
+	health.started = false
+	health.log = logger
+	health.Handler = &healthz.Handler{Checks: map[string]healthz.Checker{
+		"livez":    health.livez,
+		"readyz":   health.readyz,
+		"startupz": health.startupz,
+	}}
+
+	return &health
+}
+
+func (h *Healthz) livez(req *http.Request) error {
+	return nil
+}
+
+func (h *Healthz) readyz(req *http.Request) error {
+	if h.ready {
+		return nil
+	}
+
+	return errNotReady
+}
+
+func (h *Healthz) startupz(req *http.Request) error {
+	if h.started {
+		return nil
+	}
+
+	return errNotReady
+}
+
+func (h *Healthz) Ready() {
+	h.ready = true
+	h.log.Debug().Msg("ready")
+}
+
+func (h *Healthz) Started() {
+	h.started = true
+	h.log.Debug().Msg("started")
+}