Add support for HEALTHCHECK_URL environment variable #407
Description
Add support for a HEALTHCHECK_URL environment variable to allow customizing the health check endpoint without overriding the entire HEALTHCHECK instruction.
Problem
When running PHP applications with secure cookie configurations in production, the default health check fails.
Why this happens
-
Production applications commonly use secure cookies:
__Host-or__Secure-cookie prefixesSecureflag set totrueSameSite=StrictorSameSite=Lax
-
The internal health checker correctly uses plain HTTP (
http://127.0.0.1/) -
When the application tries to set a secure cookie over HTTP, it throws an exception
Example error
Fatal error: Uncaught SecurityException: Attempted to send a secure cookie over a non-secure connection.
This affects all major PHP frameworks when configured for production security:
- CodeIgniter 4 -
Config\Cookie::$secure = true - Laravel -
SESSION_SECURE_COOKIE=true - Symfony -
framework.session.cookie_secure: true
Current workaround
Users must override the entire HEALTHCHECK in their Dockerfile:
HEALTHCHECK --interval=30s --timeout=5s --start-period=30s --retries=3 \
CMD curl -sf http://127.0.0.1/health || exit 1This works but:
- Bypasses the well-designed wait-for script
- Requires users to duplicate health check logic
- Loses any future improvements to the base image's health checking
Proposed solution
Add support for a HEALTHCHECK_URL environment variable:
# In wait-for or health check script
target="${1:-${HEALTHCHECK_URL:-http://127.0.0.1/}}"