Prevent randomness in health check endpoint

discovery-provider/nginx_conf/main.lua

@@ -2,7 +2,6 @@ require "resty.core"
 
 local resty_random = require "resty.random"
 local resty_rsa = require "resty.rsa"
-local cjson = require "cjson"
 local resty_http = require "resty.http"
 
 local config = require "config"
@@ -28,24 +27,6 @@ function get_cached_public_key (discovery_provider)
     return public_key, nil
 end
 
-function _M.health_check ()
-    local httpc = resty_http.new()
-    local res, err = httpc:request_uri("http://127.0.0.1:3000/health_check", { method = "GET" })
-    httpc:close()
-    if not res then
-        ngx.log(ngx.ERR, "failed to get health check: ", err)
-        return nil
-    end
-
-    local data = cjson.decode(res.body)
-    data["openresty"] = {
-        ["rsa_public_key"] = config.rsa_public_key,
-        ["public_url"] = config.public_url,
-    }
-
-    return cjson.encode(data)
-end
-
 function _M.get_redirect_target ()
     return config.redirect_targets[math.random(1, #config.redirect_targets)]
 end

discovery-provider/nginx_conf/nginx.conf

@@ -39,20 +39,6 @@ http {
             }
         }
 
-        location = /health_check {
-            content_by_lua_block {
-                local main = require "main"
-                local response = main.health_check()
-                ngx.header.content_type = 'application/json'
-                if not response then
-                    ngx.status = 500
-                    ngx.say('{"success": false}')
-                    return
-                end
-                ngx.say(response)
-            }
-        }
-
         location ~* .*_(check|version) {
             proxy_pass http://127.0.0.1:3000;
         }

discovery-provider/src/queries/get_health.py

@@ -20,16 +20,14 @@
     challenges_last_processed_event_redis_key,
     user_balances_refresh_last_completion_redis_key,
     index_eth_last_completion_redis_key,
-    latest_legacy_play_db_key
+    latest_legacy_play_db_key,
 )
 from src.queries.get_balances import (
     LAZY_REFRESH_REDIS_PREFIX,
     IMMEDIATE_REFRESH_REDIS_PREFIX,
 )
 from src.queries.get_latest_play import get_latest_play
-from src.queries.get_sol_plays import (
-    get_sol_play_health_info
-)
+from src.queries.get_sol_plays import get_sol_play_health_info
 from src.utils.helpers import redis_get_or_restore, redis_set_and_dump
 from src.eth_indexing.event_scanner import eth_indexing_last_scanned_block_key
 
@@ -39,6 +37,8 @@
 
 disc_prov_version = helpers.get_discovery_provider_version()
 
+openresty_public_key = helpers.get_openresty_public_key()
+
 default_healthy_block_diff = int(shared_config["discprov"]["healthy_block_diff"])
 default_indexing_interval_seconds = int(
     shared_config["discprov"]["block_processing_interval_sec"]
@@ -213,8 +213,7 @@ def get_health(args: GetHealthArgs, use_redis_cache: bool = True) -> Tuple[Dict,
         latest_block_hash = latest_block.hash.hex()
 
     (unhealthy_plays, sol_play_info, time_diff_general) = get_play_health_info(
-        redis,
-        plays_count_max_drift
+        redis, plays_count_max_drift
     )
 
     # fetch latest db state if:
@@ -293,10 +292,8 @@ def get_health(args: GetHealthArgs, use_redis_cache: bool = True) -> Tuple[Dict,
         "index_eth_age_sec": index_eth_age_sec,
         "number_of_cpus": number_of_cpus,
         **sys_info,
-        "plays": {
-            "solana": sol_play_info,
-            "time_diff_general": time_diff_general
-        }
+        "plays": {"solana": sol_play_info, "time_diff_general": time_diff_general},
+        "openresty_public_key": openresty_public_key,
     }
 
     block_difference = abs(latest_block_num - latest_indexed_block_num)
@@ -359,7 +356,9 @@ def get_health(args: GetHealthArgs, use_redis_cache: bool = True) -> Tuple[Dict,
 
 
 # Aggregate play health info across Solana and legacy storage
-def get_play_health_info(redis, plays_count_max_drift: Optional[int]) -> Tuple[bool, Dict, int]:
+def get_play_health_info(
+    redis, plays_count_max_drift: Optional[int]
+) -> Tuple[bool, Dict, int]:
     if redis is None:
         raise Exception("Invalid arguments for get_play_health_info")
 
@@ -369,8 +368,7 @@ def get_play_health_info(redis, plays_count_max_drift: Optional[int]) -> Tuple[b
 
     # If play count max drift provided, perform comparison
     is_unhealthy_sol_plays = bool(
-        plays_count_max_drift
-        and plays_count_max_drift < sol_play_info["time_diff"]
+        plays_count_max_drift and plays_count_max_drift < sol_play_info["time_diff"]
     )
 
     # If unhealthy sol plays, this will be overwritten
@@ -383,24 +381,23 @@ def get_play_health_info(redis, plays_count_max_drift: Optional[int]) -> Tuple[b
             # Query and cache latest db play if found
             latest_db_play = get_latest_play()
             if latest_db_play:
-                redis_set_and_dump(redis, latest_legacy_play_db_key, latest_db_play.timestamp())
+                redis_set_and_dump(
+                    redis, latest_legacy_play_db_key, latest_db_play.timestamp()
+                )
         else:
             # Decode bytes into float for latest timestamp
             latest_db_play = float(latest_db_play.decode())
             latest_db_play = datetime.utcfromtimestamp(latest_db_play)
 
         time_diff_general = (
             (current_time_utc - latest_db_play).total_seconds()
-                if latest_db_play
-                else time_diff_general
+            if latest_db_play
+            else time_diff_general
         )
 
     is_unhealthy_plays = bool(
         plays_count_max_drift
-        and (
-            is_unhealthy_sol_plays
-            and (plays_count_max_drift < time_diff_general)
-        )
+        and (is_unhealthy_sol_plays and (plays_count_max_drift < time_diff_general))
     )
 
     return (is_unhealthy_plays, sol_play_info, time_diff_general)

discovery-provider/src/utils/helpers.py

@@ -19,6 +19,7 @@
 
 from . import multihash
 
+
 def get_ip(request_obj):
     """Gets the IP address from a request using the X-Forwarded-For header if present"""
     ip = request_obj.headers.get("X-Forwarded-For", request_obj.remote_addr)
@@ -27,6 +28,16 @@ def get_ip(request_obj):
     return ip.split(",")[0].strip()
 
 
+def get_openresty_public_key():
+    """Get public key for openresty if it is running"""
+    try:
+        resp = requests.get("http://localhost:5000/openresty_pubkey")
+        resp.raise_for_status()
+        return resp.text
+    except (requests.exceptions.HTTPError, requests.exceptions.ConnectionError):
+        return None
+
+
 def redis_restore(redis, key):
     logger = logging.getLogger(__name__)
     filename = f"{key}_dump"
@@ -50,6 +61,7 @@ def redis_get_or_restore(redis, key):
     value = redis.get(key)
     return value if value else redis_restore(redis, key)
 
+
 def redis_get_json_cached_key_or_restore(redis, key):
     logger = logging.getLogger(__name__)
     cached_value = redis.get(key)
@@ -68,6 +80,7 @@ def redis_get_json_cached_key_or_restore(redis, key):
     logger.info(f"Redis Cache - miss {key}")
     return None
 
+
 def redis_dump(redis, key):
     logger = logging.getLogger(__name__)
     try:
@@ -85,6 +98,7 @@ def redis_set_json_and_dump(redis, key, value):
     serialized = json.dumps(value)
     redis_set_and_dump(redis, key, serialized)
 
+
 def redis_set_and_dump(redis, key, value):
     redis.set(key, value)
     redis_dump(redis, key)
@@ -113,6 +127,7 @@ def bytes32_to_str(bytes32input):
     r"^(?:^|[ \t])((https?:\/\/)?(?:localhost|[\w-]+(?:\.[\w-]+)+)(:\d+)?(\/\S*)?)$"
 )
 
+
 # Helper function to check if a given string is a valid FQDN
 def is_fqdn(endpoint_str):
     # Regex used to verify valid FQDN