HOTT-4446: Adds HEALTHCHECK #745

willfish · 2024-01-05T09:56:10Z

Jira link

https://transformuk.atlassian.net/browse/HOTT-4446

What?

ECS healthchecks are managed separately:

https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_HealthCheck.html

I have added/removed/altered:

Added HEALTHCHECK to Dockerfile
Make Dockerfile run locally with minimum-required configuration

Why?

I am doing this because:

This is remediation work from our pentest report

willfish · 2024-01-05T09:59:16Z

config/environments/production.rb

@@ -32,7 +32,7 @@

  # Assume all access to the app is happening through a SSL-terminating reverse proxy.
  # Can be used together with config.force_ssl for Strict-Transport-Security and secure cookies.
-  config.assume_ssl = true
+  config.assume_ssl = ENV.fetch('RAILS_ASSUME_SSL', "true") == "true"


We don't want to assume reverse proxy that terminates SSL when running locally

HOTT-4446: Pentest remediation work

3c84790

willfish changed the title ~~HOTT-4446: Pentest remediation work~~ HOTT-4446: Adds HEALTHCHECK Jan 5, 2024

willfish commented Jan 5, 2024

View reviewed changes

HOTT-4446: No healthcheck in shell task

8d16d44

amberstarlight approved these changes Jan 5, 2024

View reviewed changes

willfish merged commit a2af782 into main Jan 5, 2024
15 checks passed

willfish deleted the HOTT-4446-pentest-remediation branch January 5, 2024 10:24

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

HOTT-4446: Adds HEALTHCHECK #745

HOTT-4446: Adds HEALTHCHECK #745

willfish commented Jan 5, 2024

willfish Jan 5, 2024

HOTT-4446: Adds HEALTHCHECK #745

HOTT-4446: Adds HEALTHCHECK #745

Conversation

willfish commented Jan 5, 2024

Jira link

What?

Why?

willfish Jan 5, 2024

Choose a reason for hiding this comment