Add keep-alive monitoring endpoint

[gocanto]

Summary

• add keep-alive handler and payload
• expose GET /keep-alive through public middleware
• test keep-alive handler and route protections

Testing

• go test ./...

---

https://chatgpt.com/codex/tasks/task_e_68bfc94809b48333bdd54d4fa40a135d

Summary by CodeRabbit

• New Features
  • Added an authenticated /ping endpoint for health checks, returning JSON with a “pong” message and current UTC timestamp.
• Chores
  • Introduced environment setup using PING_USERNAME and PING_PASSWORD to secure the endpoint.
  • Improved unauthorized request handling with clearer logging and consistent 401 responses.
• Tests
  • Added tests covering /ping authentication flows, required public headers, routing, and response format.

[coderabbitai]

Note

Other AI code review bot(s) detected

CodeRabbit has detected other AI code review bot(s) in this pull request and will avoid duplicating their findings in the review comments. This may lead to a less comprehensive review.

Caution

Review failed

The pull request is closed.

Walkthrough

Adds a new authenticated /ping endpoint: defines payload.PingResponse, implements PingHandler with BasicAuth and UTC timestamp, wires env.Ping credentials and validation, registers the route in the router and boots it, introduces a helper for unauthorized errors, and adds unit tests for the handler and router middleware behavior.

Changes

Cohort / File(s)	Summary
Ping payload handler/payload/ping.go	New payload.PingResponse struct with message and date_time JSON fields.
HTTP ping handler handler/ping.go, handler/ping_test.go	New PingHandler, constructor, and Handle method with BasicAuth using env.Ping; responds with versioned payload including UTC timestamp; tests for valid/invalid creds and response decoding.
Environment wiring for Ping metal/env/env.go, metal/env/ping.go, metal/kernel/factory.go	Adds env.Ping struct (username/password, validation, accessors, HasInvalidCreds), exposes on Environment, constructs/validates from PING_USERNAME/PING_PASSWORD in factory.
Router and boot registration metal/kernel/router.go, metal/kernel/app.go	Adds Router.Ping() to register GET /ping via pipeline and API handler; invokes router.Ping() during app boot.
Router middleware tests for /ping metal/kernel/router_ping_test.go	Tests PublicMiddleware gating on /ping for missing/invalid/valid headers and credentials; fixes time via internal now override for determinism.
HTTP error helper pkg/http/response.go	Adds LogUnauthorisedError(msg string, err error) *ApiError returning 401 with logging.

Sequence Diagram(s)

sequenceDiagram
  autonumber
  actor C as Client
  participant R as Router
  participant M as PublicMiddleware
  participant H as PingHandler
  participant E as env.Ping
  participant S as Response

  C->>R: GET /ping (BasicAuth, headers)
  R->>M: Apply public middleware
  alt Missing/invalid public headers
    M-->>C: 401 Unauthorized
  else Headers ok
    M->>H: Call Handle(w,r)
    H->>H: r.BasicAuth()
    H->>E: HasInvalidCreds(user, pass)?
    alt Invalid creds
      H-->>C: 401 Unauthorized (ApiError)
    else Valid creds
      H->>H: Build PingResponse {"pong", UTC date_time}
      H->>S: RespondOk(data)
      S-->>C: 200 OK (JSON)
    end
  end

Loading

sequenceDiagram
  autonumber
  participant Boot as App.Boot()
  participant Rt as Router
  Boot->>Rt: Ping()
  Rt->>Rt: Register GET /ping via pipeline + API handler

Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Possibly related PRs

• Add public middleware with basic rate limiting and timestamp checks #87 — Implements and tests /ping route registration with PublicMiddleware, matching the new Router.Ping and middleware gating introduced here.

Poem

Thump-thump goes my bunny heart—ping!
I nibble bytes, hear servers sing.
With secret creds and ticks of time,
A “pong” returns in perfect rhyme.
Ears up, routes set, we hop along—
200 OK, a carrot-strong song. 🥕

---

📜 Recent review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between e9e2a9e and c4c12d5.

📒 Files selected for processing (10)

• handler/payload/ping.go (1 hunks)
• handler/ping.go (1 hunks)
• handler/ping_test.go (1 hunks)
• metal/env/env.go (1 hunks)
• metal/env/ping.go (1 hunks)
• metal/kernel/app.go (1 hunks)
• metal/kernel/factory.go (2 hunks)
• metal/kernel/router.go (1 hunks)
• metal/kernel/router_ping_test.go (1 hunks)
• pkg/http/response.go (1 hunks)

✨ Finishing Touches

• 📝 Generate Docstrings

🧪 Generate unit tests

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch codex/create-keep-alive-endpoint-with-tests

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[gemini-code-assist]

Summary of Changes

Hello @gocanto, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request introduces a new /keep-alive endpoint, designed to serve as a basic health check or monitoring probe for the application. This allows external systems to verify the application's operational status by receiving a simple "alive" response, enhancing system observability and reliability.

Highlights

• New Keep-Alive Endpoint: Implemented a new GET /keep-alive endpoint to provide a simple health check response.
• Public Middleware Integration: The new endpoint is exposed through the public middleware, ensuring proper request handling and security.
• Comprehensive Testing: Unit tests for the handler and integration tests for the route's public middleware protection have been added.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point in your pull request via creating an issue comment (i.e. comment on the pull request page) using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in issue comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[gemini-code-assist]

Code Review

This pull request introduces a new /keep-alive endpoint for system monitoring. The changes are well-structured, including a dedicated handler, payload definition, and route registration within the existing application framework. The addition of tests for both the handler's functionality and the route's middleware protections is commendable. My feedback includes a couple of suggestions aimed at improving code maintainability and test reliability.