# Smoke test of the published Docker images: runs on a schedule, on demand,
# and whenever a release is published.
name: Health Check Monitoring

on:
  schedule:
    # Weekly run, Sundays at 08:00 UTC, to keep runner usage low.
    - cron: '0 8 * * 0'
  # Allows manual runs.
  workflow_dispatch:
  release:
    types:
      - published

# Workflow-wide token scope: read-only access to repository contents and
# Actions data. Jobs below restate their own permissions.
permissions:
  contents: read
  actions: read

# Image coordinates shared by every step.
env:
  REGISTRY: docker.io
  IMAGE_NAME: docdyhr/simplenote-mcp-server
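jobs:
  # Pulls each image tag, starts it with placeholder credentials, checks its
  # --help output and scans it with Trivy.
  health-check:
    runs-on: ubuntu-latest
    timeout-minutes: 15
    # This job executes an image pulled from the registry, so its token is
    # limited to reading repository contents.
    permissions:
      contents: read
    strategy:
      # Check every tag even when another one fails; the default would cancel
      # the remaining matrix job and hide its result.
      fail-fast: false
      matrix:
        tag: [latest, main]
    env:
      # The matrix value reaches the scripts as an environment variable instead
      # of being expanded into the script text by the expression engine.
      IMAGE_TAG: ${{ matrix.tag }}
    steps:
      - name: Pull Docker image
        run: |
          docker pull "${REGISTRY}/${IMAGE_NAME}:${IMAGE_TAG}"

      - name: Health check - Container startup
        run: |
          # Start the container in the background with placeholder credentials.
          # Authentication is expected to fail; the check only looks for the
          # server banner plus a recognisable auth-error or usage message.
          container_id=$(docker run -d \
            -e SIMPLENOTE_EMAIL=healthcheck@example.com \
            -e SIMPLENOTE_PASSWORD=dummy-password \
            "${REGISTRY}/${IMAGE_NAME}:${IMAGE_TAG}")

          # Stop and remove the container on every exit path, including the
          # failing branch below. Cleanup errors do not change the step result.
          cleanup() {
            docker stop "$container_id" || true
            docker rm "$container_id" || true
          }
          trap cleanup EXIT

          # Wait for the container to initialize, then capture its logs
          sleep 15
          container_logs=$(docker logs "$container_id" 2>&1)
          echo "=== Container Logs ==="
          echo "$container_logs"
          echo "====================="

          # Check for expected behavior (help text or startup/auth messages)
          if echo "$container_logs" | grep -q "Simplenote MCP Server"; then
            if echo "$container_logs" | grep -q "Missing Simplenote credentials\|AUTHENTICATION.*environment variables must be set\|Usage:\|Environment Variables:"; then
              echo "✅ Container ${IMAGE_TAG} started properly and shows expected output"
            else
              # Warning only: the step still succeeds in this branch.
              echo "⚠️ Container ${IMAGE_TAG} started but unexpected behavior"
              echo "Expected startup messages, auth error, or help text not found"
            fi
          else
            echo "❌ Container ${IMAGE_TAG} failed to start properly"
            echo "No Simplenote MCP Server signature found in output"
            exit 1
          fi

      - name: Health check - Basic functionality
        run: |
          # Test container response to the help command. A non-zero exit from
          # the container is tolerated; only the banner text is checked.
          container_output=$(docker run --rm \
            "${REGISTRY}/${IMAGE_NAME}:${IMAGE_TAG}" --help 2>&1 || true)
          if echo "$container_output" | grep -q "Simplenote MCP Server"; then
            echo "✅ Container ${IMAGE_TAG} responds correctly to --help"
          else
            echo "❌ Container ${IMAGE_TAG} help command failed"
            echo "Output: $container_output"
            exit 1
          fi

      # NOTE(review): this third-party action is referenced by a tag, and tags
      # can be moved. Pinning to the full commit SHA of the reviewed release
      # (version kept in a trailing comment) fixes what code runs here.
      - name: Health check - Image security scan
        uses: aquasecurity/trivy-action@0.32.0
        with:
          image-ref: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ matrix.tag }}
          format: "json"
          output: "trivy-results-${{ matrix.tag }}.json"
          # Report only: findings never change the job result, so the status
          # sent by notify-status does not reflect them. The uploaded JSON
          # artifact has to be reviewed separately.
          exit-code: "0"

      # Runs even after a failed step; the report file is absent when the scan
      # step did not run.
      - name: Upload security scan results
        uses: actions/upload-artifact@v4
        if: always()
        with:
          name: trivy-results-${{ matrix.tag }}
          path: trivy-results-${{ matrix.tag }}.json

  # Calls the repository's reusable notification workflow with the overall
  # result of the health-check matrix, whether it passed or failed.
  notify-status:
    needs: health-check
    permissions:
      contents: read
      actions: read
    uses: ./.github/workflows/notifications.yml
    if: always()
    with:
      status: ${{ needs.health-check.result }}
      workflow_name: "Health Check Monitoring"
      message: "Health check monitoring completed for Docker images (latest and main tags). Checks: container startup, functionality test, security scan."
      slack_enabled: false
      email_enabled: true
    # Only the two secrets named here are handed to the called workflow.
    secrets:
      NOTIFICATION_EMAIL: ${{ secrets.NOTIFICATION_EMAIL }}
      EMAIL_PASSWORD: ${{ secrets.EMAIL_PASSWORD }}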