Skip to content

πŸš€ Release: beta β†’ master #87

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
rajashish147 merged 4 commits into from
Apr 4, 2026
Merged

πŸš€ Release: beta β†’ master #87

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
bd2db23
fix(docker): align HEALTHCHECK timing with liveness; robust healthche…
rajashish147 Apr 4, 2026
2d42c08
fix: ESM healthcheck + CI exec validation
rajashish147 Apr 4, 2026
5011e92
Merge branch 'master' into beta
rajashish147 Apr 4, 2026
7e3c09b
fix(deploy): guard GITHUB_STEP_SUMMARY for set -u on VPS
rajashish147 Apr 4, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
10 changes: 10 additions & 0 deletions .github/workflows/pr.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -287,6 +287,12 @@ jobs:

echo "βœ“ /health returned 200"

# Same binary + script path as Docker HEALTHCHECK (exec form); catches ESM/require
# regressions and confirms 127.0.0.1:3000/health from inside the container.
echo "Validating /app/healthcheck.js (ESM, distroless node)..."
docker exec api-ci-test /nodejs/bin/node /app/healthcheck.js
echo "βœ“ healthcheck.js exited 0"

# Smoke tests: admin endpoints must reject unauthenticated requests with 401
for ENDPOINT in /admin/audit-log /admin/webhook-dlq; do
ECODE=$(docker run --rm \
Expand Down Expand Up @@ -541,6 +547,10 @@ jobs:
exit 1
fi

echo "Validating /app/healthcheck.js (same as Docker HEALTHCHECK)..."
docker exec api-blue /nodejs/bin/node /app/healthcheck.js
echo "βœ“ healthcheck.js exited 0"

# Smoke: auth guards must reject unauthenticated requests with 401.
for ENDPOINT in /admin/audit-log /admin/webhook-dlq; do
CODE=$(docker run --rm \
Expand Down
70 changes: 47 additions & 23 deletions healthcheck.js
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,11 +1,10 @@
// Distroless-compatible liveness probe (no curl). Semantics align with:
// curl -fsS http://127.0.0.1:3000/health || exit 1
// ESM: package.json has "type":"module"; this file must not use require().
// - 127.0.0.1 + IPv4 only (avoid ::1 / dual-stack quirks)
// - exit 0 only on HTTP 200; any other status or error β†’ exit 1
// - bounded wall time < Docker --timeout (5s)
'use strict';

const http = require('http');
import http from 'node:http';

const TIMEOUT_MS = 4500;
let settled = false;
Expand All @@ -18,26 +17,51 @@
process.exit(code);
}

const req = http.request(
{
host: '127.0.0.1',
port: 3000,
path: '/health',
method: 'GET',
family: 4,
},
(res) => {
res.on('data', () => {});
res.on('end', () => {
finish(res.statusCode === 200 ? 0 : 1);
});
res.on('error', () => finish(1));
},
);
function logErr(prefix, err) {
console.error(`[healthcheck] ${prefix}`, err);

Check warning

Code scanning / CodeQL

Log injection Medium

Log entry depends on a
user-provided value
Loading
.

Copilot Autofix

AI about 2 months ago

In general, the fix is to avoid writing raw, potentially user-controlled strings (including error messages) directly to logs. Instead, sanitize them to remove or neutralize control characters (especially \n and \r) or clearly delimit them so they cannot forge additional log entries.

For this specific code, the cleanest low-impact change is to modify logErr so it never passes potentially untrusted values directly to console.error. Instead, build a safe, single-line string representation of the error or reason by:

  • Extracting a meaningful message (from err.message, err.toString(), or String(err)).
  • Stripping newline and carriage-return characters.
  • Including a minimal type indicator if useful (e.g., ErrorName: message).

We then log just that sanitized string along with the prefix, keeping semantics the same (we still report the error) while preventing multi-line injection. Only the logErr helper and its immediate logging call need to change, within healthcheck.js, and no new imports or dependencies are required.

Suggested changeset 1
healthcheck.js

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/healthcheck.js b/healthcheck.js
--- a/healthcheck.js
+++ b/healthcheck.js
@@ -18,7 +18,11 @@
 }
 
 function logErr(prefix, err) {
-  console.error(`[healthcheck] ${prefix}`, err);
+  const raw = (err && typeof err === 'object' && 'message' in err)
+    ? String(err.message)
+    : String(err);
+  const safe = raw.replace(/[\r\n]+/g, ' ');
+  console.error(`[healthcheck] ${prefix}: ${safe}`);
 }
 
 process.on('uncaughtException', (err) => {
EOF
@@ -18,7 +18,11 @@
}

function logErr(prefix, err) {
console.error(`[healthcheck] ${prefix}`, err);
const raw = (err && typeof err === 'object' && 'message' in err)
? String(err.message)
: String(err);
const safe = raw.replace(/[\r\n]+/g, ' ');
console.error(`[healthcheck] ${prefix}: ${safe}`);
}

process.on('uncaughtException', (err) => {
Copilot is powered by AI and may make mistakes. Always verify output.
}

process.on('uncaughtException', (err) => {
logErr('uncaughtException', err);
finish(1);
});

req.on('error', () => finish(1));
req.setTimeout(TIMEOUT_MS, () => {
req.destroy();
process.on('unhandledRejection', (reason) => {
logErr('unhandledRejection', reason);
finish(1);
});
req.end();

try {
const req = http.request(
{
host: '127.0.0.1',
port: 3000,
path: '/health',
method: 'GET',
family: 4,
},
(res) => {
res.on('data', () => {});
res.on('end', () => {
finish(res.statusCode === 200 ? 0 : 1);
});
res.on('error', (err) => {
logErr('response error', err);
finish(1);
});
},
);

req.on('error', (err) => {
logErr('request error', err);
finish(1);
});
req.setTimeout(TIMEOUT_MS, () => {
req.destroy();
finish(1);
});
req.end();
} catch (err) {
logErr('fatal', err);
finish(1);
}
6 changes: 4 additions & 2 deletions scripts/deploy.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -188,11 +188,13 @@ _ft_snapshot() {
}

# ---------------------------------------------------------------------------
# GITHUB ACTIONS SUMMARY
# GITHUB ACTIONS SUMMARY (optional; unset outside GitHub Actions β€” must not trip set -u)
# ---------------------------------------------------------------------------
_ft_github_summary() {
local status="$1" container="${2:-unknown}" image="${3:-unknown}" reason="${4:-}"
[ -z "$GITHUB_STEP_SUMMARY" ] && return 0
if [ -z "${GITHUB_STEP_SUMMARY:-}" ]; then
return 0
fi
{
echo "### πŸš€ Deployment Summary"
echo "| Field | Value |"
Expand Down
Loading