Conversation
Adds a Docker HEALTHCHECK instruction to all four Dockerfiles so that orchestration tools (Docker Compose, Kubernetes, etc.) can detect when Floci is ready without requiring a custom healthcheck definition. Uses the existing /_floci/health endpoint with curl. Co-Authored-By: Matej Snuderl <ematej.snuderl@gmail.com>
Original prompt from Matej
|
🤖 Devin AI EngineerI'll be helping with this pull request! Here's what you should know: ✅ I will automatically:
Note: I can only respond to comments from users who have write access to this repository. ⚙️ Control Options:
|
The jvm-package (Alpine), native (quarkus-micro), and native-package (ubi9-minimal) base images do not include curl by default. Install it so the HEALTHCHECK instruction works correctly. Co-Authored-By: Matej Snuderl <ematej.snuderl@gmail.com>
Use wget (available by default in Alpine and UBI base images) instead of curl, eliminating the need to install additional packages. Co-Authored-By: Matej Snuderl <ematej.snuderl@gmail.com>
![devin-ai-integration[bot]](https://avatars.githubusercontent.com/in/811515?s=60&v=4){kind=small}
This comment was marked as resolved.
This comment was marked as resolved.
Sorry, something went wrong.
The quarkus-micro-image and ubi9-minimal base images do not include wget by default. Install it via microdnf so the HEALTHCHECK works. Co-Authored-By: Matej Snuderl <ematej.snuderl@gmail.com>
- Alpine images (Dockerfile, Dockerfile.jvm-package): wget (BusyBox) - ubi9-minimal (Dockerfile.native-package): curl (pre-installed) - quarkus-micro-image (Dockerfile.native): bash /dev/tcp (no curl/wget) No new packages installed. Co-Authored-By: Matej Snuderl <ematej.snuderl@gmail.com>
| HEALTHCHECK --interval=5s --timeout=3s --retries=5 \ | ||
| CMD curl -f http://localhost:4566/_floci/health || exit 1 |
There was a problem hiding this comment.
🔴 HEALTHCHECK uses curl which is not installed in ubi9-minimal base image
The ubi9-minimal:9.7 base image does not include curl by default (it ships with only microdnf and a very minimal set of utilities). The HEALTHCHECK command curl -f http://localhost:4566/_floci/health will always fail with a "command not found" error, causing Docker to permanently mark the container as unhealthy. This can trigger restart loops in orchestrators or block dependent services that use depends_on: condition: service_healthy.
Prompt for agents
The HEALTHCHECK in Dockerfile.native-package uses `curl` but the base image `registry.access.redhat.com/ubi9-minimal:9.7` does not include curl. Options to fix: (1) Install curl-minimal via microdnf: add `RUN microdnf install -y curl-minimal && microdnf clean all` before the HEALTHCHECK. (2) Use a tool already present in ubi9-minimal, such as a shell-based TCP check if available. (3) Match the pattern used in Dockerfile.native with a raw TCP approach, but ensure the shell supports it (ubi9-minimal has bash available unlike micro images). For example: `CMD bash -c 'echo -e "GET /_floci/health HTTP/1.0\r\nHost: localhost\r\n\r\n" > /dev/tcp/localhost/4566' || exit 1`.
Was this helpful? React with 👍 or 👎 to provide feedback.
There was a problem hiding this comment.
False positive — curl is present in ubi9-minimal:9.7:
$ docker run --rm registry.access.redhat.com/ubi9-minimal:9.7 ls -lh /usr/bin/curl
-rwxr-xr-x 1 root root 193K Dec 2 11:04 /usr/bin/curl
$ docker run --rm registry.access.redhat.com/ubi9-minimal:9.7 curl --version | head -1
curl 7.76.1 (x86_64-redhat-linux-gnu) libcurl/7.76.1 OpenSSL/3.5.1 zlib/1.2.11 nghttp2/1.43.0
| HEALTHCHECK --interval=5s --timeout=3s --retries=5 \ | ||
| CMD bash -c 'echo -e "GET /_floci/health HTTP/1.0\r\nHost: localhost\r\n\r\n" > /dev/tcp/localhost/4566' || exit 1 |
There was a problem hiding this comment.
🔴 HEALTHCHECK uses bash which is not available in quarkus-micro-image base image
The quarkus-micro-image:2.0 is based on UBI Micro, an extremely minimal image that does not include bash (only /bin/sh at most, and no package manager to install it). The HEALTHCHECK command bash -c 'echo -e "GET /_floci/health HTTP/1.0\r\n..." > /dev/tcp/localhost/4566' will fail because bash is not found. Additionally, the /dev/tcp pseudo-device is a bash-specific feature unavailable in other shells. The container will be permanently marked unhealthy by Docker, which can cause restart loops and block dependent services.
Prompt for agents
The HEALTHCHECK in Dockerfile.native uses `bash` and bash-specific `/dev/tcp` but the base image `quarkus-micro-image:2.0` (UBI Micro) has neither bash nor a package manager to install it. Since UBI Micro is intentionally stripped down, there are limited options: (1) Install a small static HTTP client binary (e.g. copy a statically-compiled curl or wget from a build stage). (2) Use a Quarkus-native health check mechanism instead of a Docker HEALTHCHECK. (3) Switch to a slightly less minimal base image (e.g. ubi-minimal) that includes or can install bash/curl. (4) Use the native application itself to implement a health-check subcommand if supported.
Was this helpful? React with 👍 or 👎 to provide feedback.
There was a problem hiding this comment.
False positive — bash is present in quarkus-micro-image:2.0:
$ docker run --rm quay.io/quarkus/quarkus-micro-image:2.0 bash --version | head -1
GNU bash, version 4.4.20(1)-release (x86_64-redhat-linux-gnu)
And /dev/tcp works as expected (returns "Connection refused" when no server is running, confirming bash processes the pseudo-device):
$ docker run --rm quay.io/quarkus/quarkus-micro-image:2.0 bash -c 'echo > /dev/tcp/localhost/4566' 2>&1
bash: connect: Connection refused
1 participant
Summary
Adds a Docker
HEALTHCHECKinstruction to all four Dockerfiles (Dockerfile,Dockerfile.jvm-package,Dockerfile.native,Dockerfile.native-package) so orchestration tools can detect readiness without a custom healthcheck definition. This makes the Floci image a better drop-in replacement for LocalStack, which includes a built-in healthcheck.Each image uses whichever HTTP tool is already present in the base image — no new packages are installed:
Dockerfileeclipse-temurin:25-jre-alpinewget(BusyBox)wget -q --spiderDockerfile.jvm-packageeclipse-temurin:25-jre-alpinewget(BusyBox)wget -q --spiderDockerfile.native-packageubi9-minimal:9.7curl(pre-installed)curl -fDockerfile.nativequarkus-micro-image:2.0bash /dev/tcpAll healthchecks target the existing
/_floci/healthendpoint on port 4566.Type of change
fix:)feat:)feat!:orfix!:)AWS Compatibility
N/A — infrastructure-only change, no wire protocol impact.
Dockerfile.nativeusesbash /dev/tcp: Thequarkus-micro-image:2.0base image has neithercurlnorwget. The healthcheck falls back tobash -c '... > /dev/tcp/localhost/4566', which only verifies TCP connectivity — it does not check the HTTP response status code. If the server is listening but returning errors (e.g. 500), this healthcheck will still pass. Consider whether this is acceptable or whether installingcurl/wgetviamicrodnfis preferred for a proper HTTP-level check.wget --spider: Alpine's BusyBoxwgetsupports--spider, but its behavior may differ slightly from GNUwget. Verify the healthcheck succeeds on Alpine-based images.Checklist
./mvnw testpasses locallyLink to Devin session: https://app.devin.ai/sessions/06b7e28f3e664783b17ed18060e5c267
Requested by: @Meemaw