Skip to content

Harden Docker container runtime health check #10402

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Jul 15, 2025
Merged

Harden Docker container runtime health check #10402

merged 2 commits into from
Jul 15, 2025

Conversation

@captainsafia
Copy link
Member

Closes #10391.

@github-actions github-actions bot added the needs-area-label An area label is needed to ensure this gets routed to the appropriate area owners label Jul 15, 2025
Copilot AI reviewed Jul 15, 2025
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR strengthens the container runtime health check by verifying that the Docker daemon is running before checking Docker Buildx availability.

  • Adds CheckDockerDaemonAsync to probe the Docker daemon via docker container ls -n 1
  • Adds CheckDockerBuildxAsync to validate that Buildx is installed and functioning
  • Updates CheckIfRunningAsync to chain both checks sequentially
Comments suppressed due to low confidence (1)

src/Aspire.Hosting/Publishing/DockerContainerRuntime.cs:134

  • Add unit tests for the new CheckDockerDaemonAsync and CheckDockerBuildxAsync methods, covering both successful and failure paths to ensure the health check logic is fully validated.
    public async Task<bool> CheckIfRunningAsync(CancellationToken cancellationToken)

src/Aspire.Hosting/Publishing/DockerContainerRuntime.cs
OnErrorData = error =>
{
logger.LogInformation("docker buildx version (stderr): {Error}", error);
logger.LogInformation("docker container ls (stderr): {Error}", error);
Copy link

Copilot AI Jul 15, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

[nitpick] Consider using LogWarning or LogError for stderr output to better reflect that this data represents an error stream rather than informational messages.

Suggested change
logger.LogInformation("docker container ls (stderr): {Error}", error);
logger.LogWarning("docker container ls (stderr): {Error}", error);

Copilot uses AI. Check for mistakes.
src/Aspire.Hosting/Publishing/DockerContainerRuntime.cs
Comment on lines 151 to 158
OnOutputData = output =>
{
logger.LogInformation("docker buildx version (stdout): {Output}", output);
logger.LogInformation("docker container ls (stdout): {Output}", output);
},
OnErrorData = error =>
{
logger.LogInformation("docker buildx version (stderr): {Error}", error);
logger.LogInformation("docker container ls (stderr): {Error}", error);
},
Copy link

Copilot AI Jul 15, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

[nitpick] The OnOutputData and OnErrorData logging closures are duplicated in both health-check methods; consider extracting a shared helper to reduce duplication and improve maintainability.

Suggested change
OnOutputData = output =>
{
logger.LogInformation("docker buildx version (stdout): {Output}", output);
logger.LogInformation("docker container ls (stdout): {Output}", output);
},
OnErrorData = error =>
{
logger.LogInformation("docker buildx version (stderr): {Error}", error);
logger.LogInformation("docker container ls (stderr): {Error}", error);
},
OnOutputData = output => LogProcessOutput("stdout", output),
OnErrorData = error => LogProcessOutput("stderr", error),

Copilot uses AI. Check for mistakes.
@davidfowl
Copy link
Member

Do the same for podman?

@captainsafia captainsafia merged commit f611600 into main Jul 15, 2025
544 of 546 checks passed
@captainsafia captainsafia deleted the safia/docker-runtime-check branch July 15, 2025 03:59
@captainsafia
Copy link
Member Author

/backport to release/9.4

@github-actions
Copy link
Contributor

Started backporting to release/9.4: https://github.com/dotnet/aspire/actions/runs/16283710455

@github-actions github-actions bot mentioned this pull request Jul 15, 2025
Merged
@github-actions github-actions bot locked and limited conversation to collaborators Aug 14, 2025
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

Copilot code review Copilot Copilot left review comments

@danegsta danegsta danegsta approved these changes

@davidfowl davidfowl Awaiting requested review from davidfowl

@eerhardt eerhardt Awaiting requested review from eerhardt

Assignees

No one assigned

Labels

needs-area-label An area label is needed to ensure this gets routed to the appropriate area owners

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

New Docker container runtime health check is not resilient

4 participants

@captainsafia @davidfowl @danegsta