Skip to content

Add support for HEALTHCHECK_URL environment variable #407

Closed
Closed
Add support for HEALTHCHECK_URL environment variable#407
@jozefrebjak

Description

@jozefrebjak
jozefrebjak
opened on Dec 30, 2025

Add support for a HEALTHCHECK_URL environment variable to allow customizing the health check endpoint without overriding the entire HEALTHCHECK instruction.

Problem

When running PHP applications with secure cookie configurations in production, the default health check fails.

Why this happens

  1. Production applications commonly use secure cookies:

    • __Host- or __Secure- cookie prefixes
    • Secure flag set to true
    • SameSite=Strict or SameSite=Lax

  2. The internal health checker correctly uses plain HTTP (http://127.0.0.1/)

  3. When the application tries to set a secure cookie over HTTP, it throws an exception

Example error

Fatal error: Uncaught SecurityException: Attempted to send a secure cookie over a non-secure connection.

This affects all major PHP frameworks when configured for production security:

  • CodeIgniter 4 - Config\Cookie::$secure = true
  • Laravel - SESSION_SECURE_COOKIE=true
  • Symfony - framework.session.cookie_secure: true

Current workaround

Users must override the entire HEALTHCHECK in their Dockerfile:

HEALTHCHECK --interval=30s --timeout=5s --start-period=30s --retries=3 \
  CMD curl -sf http://127.0.0.1/health || exit 1

This works but:

  • Bypasses the well-designed wait-for script
  • Requires users to duplicate health check logic
  • Loses any future improvements to the base image's health checking

Proposed solution

Add support for a HEALTHCHECK_URL environment variable:

# In wait-for or health check script
target="${1:-${HEALTHCHECK_URL:-http://127.0.0.1/}}"

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions