Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

added healthcheck middleware #4

Merged
merged 1 commit into from
Feb 8, 2024
Merged

added healthcheck middleware #4

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
19 changes: 19 additions & 0 deletions dojo/middleware.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,7 @@
from threading import local
from django.db import models
from django.urls import reverse
from django.http import HttpResponse


logger = logging.getLogger(__name__)
Expand Down Expand Up @@ -164,3 +165,21 @@ def __init__(self, get_response):
def __call__(self, request):
request.META.update(settings.ADDITIONAL_HEADERS)
return self.get_response(request)


class HealthCheckMiddleware:
"""
Middleware that will allow for a healthcheck to return UP without the caller being in the
DJANGO ALLOWED_HOSTS list. Needed for AWS ALB healthchecks and improves general k8 healthchecks
"""

def __init__(self, get_response):

self.get_response = get_response

def __call__(self, request):
if request.META['PATH_INFO'] == '/health':
return HttpResponse('UP!')
else:
response = self.get_response(request)
return response
1 change: 1 addition & 0 deletions dojo/settings/settings.dist.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -920,6 +920,7 @@ def generate_url(scheme, double_slashes, user, password, host, port, path, param
# MIDDLEWARE
# ------------------------------------------------------------------------------
DJANGO_MIDDLEWARE_CLASSES = [
'dojo.middleware.HealthCheckMiddleware',
'django.middleware.common.CommonMiddleware',
'dojo.middleware.APITrailingSlashMiddleware',
'dojo.middleware.DojoSytemSettingsMiddleware',
Expand Down
2 changes: 2 additions & 0 deletions helm/defectdojo/values.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -201,6 +201,8 @@ django:
# Depending on the size and complexity of your scans, you might want to increase the default ingress timeouts if you see repeated 504 Gateway Timeouts
# nginx.ingress.kubernetes.io/proxy-read-timeout: "1800"
# nginx.ingress.kubernetes.io/proxy-send-timeout: "1800"
# specific for AWS deployments Defectdojo has the /health endpoint for ALB healthchecks
# alb.ingress.kubernetes.io/healthcheck-path: /health
nginx:
tls:
enabled: false
Expand Down
8 changes: 7 additions & 1 deletion nginx/nginx.conf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -72,7 +72,13 @@ http {
include /etc/nginx/wsgi_params;
access_log off;
}

# Used by AWS ALB health checks
location = /health {
limit_except GET { deny all; }
include /run/defectdojo/uwsgi_pass;
include /etc/nginx/wsgi_params;
access_log off;
}

error_page 500 502 503 504 /50x.html;
}
Expand Down
7 changes: 7 additions & 0 deletions nginx/nginx_TLS.conf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -134,6 +134,13 @@ http {
include /etc/nginx/wsgi_params;
access_log off;
}
# Used by AWS ALB health checks
location = /health {
limit_except GET { deny all; }
include /run/defectdojo/uwsgi_pass;
include /etc/nginx/wsgi_params;
access_log off;
}
error_page 500 502 503 504 /50x.html;
}
}
Loading