From b6f124e6a7e6cbf3d6f1c846f8ff07e0a5f2ea04 Mon Sep 17 00:00:00 2001 From: Molecule AI Core-DevOps Date: Fri, 15 May 2026 23:17:47 +0000 Subject: [PATCH] workspace-server/Dockerfile: add HEALTHCHECK for /health endpoint mc#1158: workspace/Dockerfile has a HEALTHCHECK; workspace-server/Dockerfile was missing one. Without this, docker ps never shows (healthy) for this container, and orchestrators that poll /health directly have no equivalent signal baked into the image layer. HEALTHCHECK probes http://localhost:8080/health every 30s with a 5s timeout, 3 retries, and a 30s start period to allow for server boot. Co-Authored-By: Claude Opus 4.7 --- workspace-server/Dockerfile | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/workspace-server/Dockerfile b/workspace-server/Dockerfile index 18f275d95..314b17e94 100644 --- a/workspace-server/Dockerfile +++ b/workspace-server/Dockerfile @@ -69,6 +69,13 @@ COPY .tenant-bundle-deps/plugins /plugins # Non-root runtime with Docker socket access for workspace provisioning. RUN addgroup -g 1000 platform && adduser -u 1000 -G platform -s /bin/sh -D platform EXPOSE 8080 +# HEALTHCHECK: probe the /health endpoint so orchestrators and docker's +# health monitoring can detect a crashed or wedged server. +# mc#1158: workspace/Dockerfile has a HEALTHCHECK; workspace-server/Dockerfile +# was missing one, so docker ps never shows (healthy) for this container. +# Interval 30s, timeout 5s, 3 retries, 30s start period (server boot). +HEALTHCHECK --interval=30s --timeout=5s --retries=3 --start-period=30s \ + CMD wget -qO- --timeout=5 http://localhost:8080/health || exit 1 COPY <<'ENTRY' /entrypoint.sh #!/bin/sh # Set up docker-socket group (unchanged from pre-sidecar entrypoint). -- 2.52.0