Healthcheck Not Set

  • Query id: 698ed579-b239-4f8f-a388-baa4bcb13ef8
  • Query name: Healthcheck Not Set
  • Platform: DockerCompose
  • Severity: Medium
  • Category: Availability
  • CWE: 703
  • URL: Github

Description

Check containers periodically to see if they are running properly.
Documentation

Code samples

Code samples with security vulnerabilities

Positive test num. 1 - yaml file
version: '2.1'

services:
 lelele-service:
    build: ./
    image: lelele-service
    restart: always
    container_name: lelele
    network_mode: "host"
    hostname: localhost
    ports:
      - 8092:8092
Positive test num. 2 - yaml file
version: '2.1'

services:
 lelele-service:
    build: ./
    image: lelele-service
    restart: always
    container_name: lelele
    network_mode: "host"
    hostname: localhost
    ports:
      - 8092:8092
    healthcheck:
      disable: true
Positive test num. 3 - yaml file
version: '2.1'

services:
 lelele-service:
    build: ./
    image: lelele-service
    restart: always
    container_name: lelele
    network_mode: "host"
    hostname: localhost
    ports:
      - 8092:8092
    healthcheck:
      test: ["NONE"]

Code samples without security vulnerabilities

Negative test num. 1 - yaml file
version: '3.1'

services:
 lelele-service:
    build: ./
    image: lelele-service
    restart: always
    container_name: lelele
    network_mode: "host"
    hostname: localhost
    ports:
      - 8092:8092
    healthcheck:
      test: ["CMD", "curl", "-f", "http://localhost"]
      interval: 1m30s
      timeout: 10s
      retries: 3
      start_period: 40s
Negative test num. 2 - yaml file
version: '3.1'

services:
 lelele-service:
    build: ./
    image: lelele-service
    restart: always
    container_name: lelele
    network_mode: "host"
    hostname: localhost
    ports:
      - 8092:8092
    healthcheck:
      test: ["CMD", "curl", "-f", "http://localhost"]