module Ops class HealthController < ActionController::API before_action :authorize_deep_health! def show summary = Ops::HealthChecks.new.summary status_code = case summary[:status] when "ok" then :ok when "degraded" then :service_unavailable else :service_unavailable end render json: summary, status: status_code end private def authorize_deep_health! token = ENV["OPS_HEALTH_TOKEN"].presence return if token.blank? provided = request.headers["X-Ops-Token"].presence || params[:token].presence return head :unauthorized if provided.blank? head :unauthorized unless ActiveSupport::SecurityUtils.secure_compare(provided, token) end end end