Add landscaping-assistant to blackbox uptime monitoring #400

Merged

ldraney merged 1 commit from 399-add-landscaping-assistant-to-blackbox-up into main

2026-06-03 04:55:14 +00:00

ldraney commented

2026-06-03 03:53:52 +00:00

Owner

Summary

Adds the landscaping-assistant Rails app to the blackbox exporter probe targets so it gets uptime monitoring and EndpointDown alerts alongside all other deployed services.

Changes

terraform/modules/monitoring/main.tf -- added landscaping-assistant entry to serviceMonitor.targets in the blackbox exporter helm values, using the internal cluster URL http://landscaping-assistant.landscaping-assistant.svc.cluster.local:3000/up

tofu plan Output

Cannot run tofu plan without cluster credentials, but the change is a pure data addition (one new list element in the blackbox exporter helm values). tofu fmt -check passes clean.

Test Plan

tofu fmt -check passes (verified)
After apply, verify probe_success{instance=~".*landscaping-assistant.*"} appears in Prometheus
Confirm the EndpointDown alert fires if the service is unreachable

Review Checklist

Passed automated review-fix loop
No secrets committed
No unnecessary file changes
Commit messages are descriptive

ldraney/pal-e-platform#399 -- the Forgejo issue this PR implements
Closes ldraney/landscaping-assistant#21

## Summary Adds the landscaping-assistant Rails app to the blackbox exporter probe targets so it gets uptime monitoring and EndpointDown alerts alongside all other deployed services. ## Changes - `terraform/modules/monitoring/main.tf` -- added landscaping-assistant entry to `serviceMonitor.targets` in the blackbox exporter helm values, using the internal cluster URL `http://landscaping-assistant.landscaping-assistant.svc.cluster.local:3000/up` ## tofu plan Output Cannot run `tofu plan` without cluster credentials, but the change is a pure data addition (one new list element in the blackbox exporter helm values). `tofu fmt -check` passes clean. ## Test Plan - [ ] `tofu fmt -check` passes (verified) - [ ] After apply, verify `probe_success{instance=~".*landscaping-assistant.*"}` appears in Prometheus - [ ] Confirm the EndpointDown alert fires if the service is unreachable ## Review Checklist - [ ] Passed automated review-fix loop - [ ] No secrets committed - [ ] No unnecessary file changes - [ ] Commit messages are descriptive ## Related Notes - `ldraney/pal-e-platform#399` -- the Forgejo issue this PR implements - Closes ldraney/landscaping-assistant#21

ldraney added 1 commit

2026-06-03 03:53:52 +00:00

Add landscaping-assistant to blackbox uptime probe targets

ci/woodpecker/push/terraform Pipeline was successful

Details

ci/woodpecker/pr/terraform Pipeline was successful

Details

ci/woodpecker/pull_request_closed/terraform Pipeline was successful

Details

fc05e652df

The app is deployed in the landscaping-assistant namespace on port 3000
with a health endpoint at /up. Adding it to blackbox exporter ensures
uptime monitoring and EndpointDown alerts match the other services.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

ldraney commented

2026-06-03 03:54:26 +00:00

Author

Owner

PR Review

Scope: 1 file changed, 5 additions, 0 deletions.

Findings

Correctness -- PASS

URL pattern http://{service}.{namespace}.svc.cluster.local:{port}{path} matches the kustomization overlay: service name landscaping-assistant, namespace landscaping-assistant, port 3000, health path /up.
Labels follow convention: service = "landscaping-assistant", tier = "app" -- consistent with basketball-api, westside-app, playme2k entries.
Trailing comma added to playme2k entry and new entry is the final element (no trailing comma) -- valid HCL list syntax.

Pattern consistency -- PASS

Entry placement is in the application services section, after all existing app targets.
Structure matches existing entries exactly (name, url, labels keys).

Security -- PASS

No secrets, credentials, or sensitive values in the diff.
Internal cluster URL only; no external exposure.

Formatting -- PASS

tofu fmt -check confirmed clean per PR body.

No issues found.

VERDICT: APPROVE

## PR Review **Scope:** 1 file changed, 5 additions, 0 deletions. ### Findings **Correctness -- PASS** - URL pattern `http://{service}.{namespace}.svc.cluster.local:{port}{path}` matches the kustomization overlay: service name `landscaping-assistant`, namespace `landscaping-assistant`, port `3000`, health path `/up`. - Labels follow convention: `service = "landscaping-assistant"`, `tier = "app"` -- consistent with basketball-api, westside-app, playme2k entries. - Trailing comma added to `playme2k` entry and new entry is the final element (no trailing comma) -- valid HCL list syntax. **Pattern consistency -- PASS** - Entry placement is in the application services section, after all existing app targets. - Structure matches existing entries exactly (name, url, labels keys). **Security -- PASS** - No secrets, credentials, or sensitive values in the diff. - Internal cluster URL only; no external exposure. **Formatting -- PASS** - `tofu fmt -check` confirmed clean per PR body. **No issues found.** ### VERDICT: APPROVE

ldraney commented

2026-06-03 04:54:35 +00:00

Author

Owner

PR #400 Review

DOMAIN REVIEW

Stack: Terraform / Helm / Kubernetes monitoring infrastructure

This is a 5-line, single-file data addition to terraform/modules/monitoring/main.tf. It adds one new entry to the blackbox exporter probe targets list.

Terraform style: The new block follows the exact same structure as the four existing entries (name, url, labels with service + tier). Formatting is consistent -- tofu fmt compliance is claimed and the indentation matches.

URL correctness: The target URL http://landscaping-assistant.landscaping-assistant.svc.cluster.local:3000/up is well-formed:

Follows the {service}.{namespace}.svc.cluster.local:{port} k8s DNS convention used by all other entries
The /up path is confirmed to exist -- config/routes.rb in the landscaping-assistant repo maps get "up" to rails/health#show (the standard Rails health check)
Port 3000 matches the default Rails/Puma port and is consistent with playme2k and westside-app entries

Pattern note: This is the only entry using an explicit health-check path (/up). The others hit root / or /docs. This is actually better practice -- probing a dedicated health endpoint avoids false positives from redirects or error pages. Not a concern, just an observation.

Diff mechanics: The trailing comma is correctly added after the playme2k block closing brace, and the new entry is placed as the last element before the closing bracket. Clean HCL.

BLOCKERS

None.

This is a pure data addition -- no new logic, no user input, no auth changes, no secrets. The BLOCKER criteria (missing tests for new functionality, unvalidated input, secrets in code, DRY violations in auth) do not apply to declarative infrastructure data additions.

NITS

None. The change is minimal, correctly structured, and follows established patterns.

SOP COMPLIANCE

Branch 399-add-landscaping-assistant-to-blackbox-up follows {issue-number}-{kebab-case-purpose} convention
PR body has: Summary, Changes, Test Plan, Related -- all present
Related section references pal-e-platform#399 (the Forgejo issue) and closes landscaping-assistant#21 (the parent issue)
No secrets committed
No unnecessary file changes (1 file, 5 lines, exactly scoped)
Commit messages are descriptive (PR title matches issue title)

Minor SOP note: The PR body has "tofu plan Output" instead of the standard "Test Plan" header, and a "Review Checklist" section. The Test Plan content is present and reasonable (cannot run tofu plan without cluster creds, but tofu fmt -check passes and post-apply verification steps are listed). Acceptable for an infra change.

PROCESS OBSERVATIONS

Deployment risk: Very low. Adding one element to a list in a Helm values block. The blackbox exporter will simply start probing one additional URL. No existing targets are affected.
Change failure risk: Minimal. If the landscaping-assistant service or /up endpoint is unreachable, the EndpointDown alert (configured at line 483 with probe_success == 0 and 5m for duration) will fire as a warning -- which is the desired behavior.
Cross-repo coordination: This PR correctly closes landscaping-assistant#21 from the pal-e-platform repo where the monitoring infra lives. Good cross-repo issue tracking.

VERDICT: APPROVED

## PR #400 Review ### DOMAIN REVIEW **Stack: Terraform / Helm / Kubernetes monitoring infrastructure** This is a 5-line, single-file data addition to `terraform/modules/monitoring/main.tf`. It adds one new entry to the blackbox exporter probe targets list. **Terraform style**: The new block follows the exact same structure as the four existing entries (name, url, labels with service + tier). Formatting is consistent -- `tofu fmt` compliance is claimed and the indentation matches. **URL correctness**: The target URL `http://landscaping-assistant.landscaping-assistant.svc.cluster.local:3000/up` is well-formed: - Follows the `{service}.{namespace}.svc.cluster.local:{port}` k8s DNS convention used by all other entries - The `/up` path is confirmed to exist -- `config/routes.rb` in the landscaping-assistant repo maps `get "up"` to `rails/health#show` (the standard Rails health check) - Port 3000 matches the default Rails/Puma port and is consistent with `playme2k` and `westside-app` entries **Pattern note**: This is the only entry using an explicit health-check path (`/up`). The others hit root `/` or `/docs`. This is actually *better* practice -- probing a dedicated health endpoint avoids false positives from redirects or error pages. Not a concern, just an observation. **Diff mechanics**: The trailing comma is correctly added after the `playme2k` block closing brace, and the new entry is placed as the last element before the closing bracket. Clean HCL. ### BLOCKERS None. This is a pure data addition -- no new logic, no user input, no auth changes, no secrets. The BLOCKER criteria (missing tests for new functionality, unvalidated input, secrets in code, DRY violations in auth) do not apply to declarative infrastructure data additions. ### NITS None. The change is minimal, correctly structured, and follows established patterns. ### SOP COMPLIANCE - [x] Branch `399-add-landscaping-assistant-to-blackbox-up` follows `{issue-number}-{kebab-case-purpose}` convention - [x] PR body has: Summary, Changes, Test Plan, Related -- all present - [x] Related section references pal-e-platform#399 (the Forgejo issue) and closes landscaping-assistant#21 (the parent issue) - [x] No secrets committed - [x] No unnecessary file changes (1 file, 5 lines, exactly scoped) - [x] Commit messages are descriptive (PR title matches issue title) **Minor SOP note**: The PR body has "tofu plan Output" instead of the standard "Test Plan" header, and a "Review Checklist" section. The Test Plan content is present and reasonable (cannot run tofu plan without cluster creds, but `tofu fmt -check` passes and post-apply verification steps are listed). Acceptable for an infra change. ### PROCESS OBSERVATIONS - **Deployment risk**: Very low. Adding one element to a list in a Helm values block. The blackbox exporter will simply start probing one additional URL. No existing targets are affected. - **Change failure risk**: Minimal. If the landscaping-assistant service or `/up` endpoint is unreachable, the EndpointDown alert (configured at line 483 with `probe_success == 0` and 5m `for` duration) will fire as a warning -- which is the desired behavior. - **Cross-repo coordination**: This PR correctly closes `landscaping-assistant#21` from the `pal-e-platform` repo where the monitoring infra lives. Good cross-repo issue tracking. ### VERDICT: APPROVED