Docker healthcheck fails in 8.3.0

[cnoelle]

The container remains in status starting for some time then turns into unhealthy. This seems to be related to endpoint /iot/about being protected by access control, when probably it shouldn't. The service is available nevertheless, but this is quite misleading and worth fixing, in my opinion.

Start the container (requires an additional IDM service and env vars for the service to start successfully):

docker run --rm -d --name wilma -e PEP_PROXY_PORT=1027 fiware/pep-proxy:8.3.0

Login and run healtcheck script:

docker exec -it -u root wilma bash
node bin/healthcheck

The result is Performed health check, result 401.
The problem can be confirmed by installing curl in the container (apt update && apt install -y curl) and issuing a request:

curl http://localhost:1027/iot/about

Result:

{
    "type": "urn:dx:as:MissingAuthenticationToken",
    "title": "Unauthorized",
    "detail": "Auth-token not found in request header"
  }

[jason-fox]

/iot/about is just a fallback if no PEP_PROXY_PUBLIC_PATHS have been defined. The default config.js just sets an empty array, so the health check needs to attempt to contact somewhere:

https://github.com/ging/fiware-pep-proxy/blob/master/bin/healthcheck.js#L18

Since the PEP Proxy is not tightly bound to any particular web service, the details of your preferred public path will vary depending upon which service you want to protect.

Set something like PEP_PROXY_PUBLIC_PATHS=version if you want to use the PEP Proxy with the Orion Context Broker.