posture-check: endpoint-agnostic Healthchecks heartbeat ping
Wrap main() with a Healthchecks ping (start + success/fail). The capability ping URL is read from $HEALTHCHECKS_POSTURE_URL or the host secret file /mnt/user/appdata/secrets/healthchecks_posture_url (never in the repo, same pattern as pre-borg.sh). Exit code preserved; warning/critical still count as "ran" (posture alerts stay on ntfy), only a real abort (rc>2) pings /fail. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
This commit is contained in:
@@ -429,4 +429,21 @@ main() {
|
||||
write_json
|
||||
}
|
||||
|
||||
main "$@"
|
||||
# --- Healthchecks Heartbeat (endpoint-agnostisch; Capability-URL ist ein Secret, nie ins Repo) ---
|
||||
HEALTHCHECKS_POSTURE_URL="${HEALTHCHECKS_POSTURE_URL:-}"
|
||||
HEALTHCHECKS_POSTURE_URL_FILE="${HEALTHCHECKS_POSTURE_URL_FILE:-/mnt/user/appdata/secrets/healthchecks_posture_url}"
|
||||
if [ -z "$HEALTHCHECKS_POSTURE_URL" ] && [ -r "$HEALTHCHECKS_POSTURE_URL_FILE" ]; then
|
||||
HEALTHCHECKS_POSTURE_URL="$(tr -d '[:space:]' < "$HEALTHCHECKS_POSTURE_URL_FILE")"
|
||||
fi
|
||||
hc_ping() {
|
||||
[ -n "$HEALTHCHECKS_POSTURE_URL" ] || return 0
|
||||
curl -fsS -m 10 --retry 3 "${HEALTHCHECKS_POSTURE_URL}${1:-}" >/dev/null 2>&1 || true
|
||||
}
|
||||
|
||||
hc_ping "/start"
|
||||
rc=0
|
||||
main "$@" || rc=$?
|
||||
# Exit 0/1/2 = ok/warning/critical: der Monitor LIEF (Posture-Alarme laufen separat via ntfy).
|
||||
# Nur ein echter Abbruch (rc>2) ist ein Job-Fehler -> /fail.
|
||||
if [ "$rc" -le 2 ]; then hc_ping ""; else hc_ping "/fail"; fi
|
||||
exit "$rc"
|
||||
|
||||
Reference in New Issue
Block a user