[Choreo Connect 1.0.0] Health check is not checking the connection status between router and enforcer

[Sumudu-Sahan]

Description

The CC health check endpoint is not checking the connection between the router and the enforcer and just returning the success response if the router is up and running.

Steps to Reproduce

• Open the docker-compose.yml file and change value under the ENFORCER_PORT of the router config block (Configure 8082. Correct one is 8081). Need to make this change to break the connection between the router and the enforcer pods.
• Start up all 3 pods and invoke the health check endpoint. (Will get the 200 response)

curl https://apim:9095/ready -kv
*   Trying 192.168.1.105:9095...
* Connected to apim (192.168.1.105) port 9095 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* TLSv1.0 (OUT), TLS header, Certificate Status (22):
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS header, Certificate Status (22):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS header, Finished (20):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
* TLSv1.3 (IN), TLS handshake, Finished (20):
* TLSv1.2 (OUT), TLS header, Finished (20):
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (OUT), TLS header, Supplemental data (23):
* TLSv1.3 (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
* ALPN, server did not agree to a protocol
* Server certificate:
*  subject: C=US; ST=CA; L=Mountain View; O=WSO2; OU=WSO2; CN=localhost
*  start date: Jan 31 17:52:35 2021 GMT
*  expire date: Jan 29 17:52:35 2031 GMT
*  issuer: C=US; ST=CA; L=Mountain View; O=WSO2; OU=WSO2; CN=localhost
*  SSL certificate verify result: self-signed certificate (18), continuing anyway.
* TLSv1.2 (OUT), TLS header, Supplemental data (23):
> GET /ready HTTP/1.1
> Host: apim:9095
> User-Agent: curl/7.81.0
> Accept: */*
> 
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* old SSL session ID is stale, removing
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* Mark bundle as not supporting multiuse
< HTTP/1.1 200 OK
< content-length: 19
< content-type: text/plain
< date: Wed, 04 Oct 2023 09:31:51 GMT
< server: envoy
< 
* Connection #0 to host apim left intact
{"status": "ready"}

• Then invoke the deployed API and able to see the below response in the client side.

• Check the router access logs and able to see the 500 response with the UAEX flag as below.

{'start_time': '[2023-10-04T09:33:40.731Z]', 'request_method': 'GET', 'request_path':'/test/1.0.0', 'protocol': 'HTTP/1.1', **'response_code':'500', 'response_flags':'UAEX'**, 'bytes_received':'0', 'bytes_sent':'114', 'duration': '40', 'response_upstream_service_time':'-', 'request_x_forwarded_for':'-', 'user_agent':'PostmanRuntime/7.33.0', 'request_id':'11cd48ae-2177-493f-b960-c45011a067d9', 'authority':'apim:9095', 'upstream_host':'-'}

Version

1.0.0

Environment Details (with versions)

No response

Relevant Log Output

No response

Related Issues

No response

Suggested Labels

No response