fix: fix health endpoint requiring auth (#15)

* fix: fix health endpoint requiring auth

* chore: Updated coverage badge.

* chore: updated README

---------

Co-authored-by: GitHub Action <[email protected]>

Author: karl-cardenas-coding

README.md

@@ -1,5 +1,5 @@
 [![semantic-release: angular](https://img.shields.io/badge/semantic--release-angular-e10079?logo=semantic-release)](https://github.com/semantic-release/semantic-release)
-![Coverage](https://img.shields.io/badge/Coverage-56.1%25-yellow)
+![Coverage](https://img.shields.io/badge/Coverage-54.2%25-yellow)
 
 # Hello Universe API
 
@@ -22,8 +22,8 @@ A Postman collection is available to help you explore the API. Review the [Postm
 The quickest method to start the API server locally is by using the Docker image.
 
 ```shell
-docker pull ghcr.io/spectrocloud/hello-universe-api:1.0.11
-docker run -p 3000:3000 ghcr.io/spectrocloud/hello-universe-api:1.0.11
+docker pull ghcr.io/spectrocloud/hello-universe-api:1.0.12
+docker run -p 3000:3000 ghcr.io/spectrocloud/hello-universe-api:1.0.12
 ```
 
 To start the API server you must have connectivity to a Postgres instance. Use [environment variables](#environment-variables) to customize the API server start parameters.
@@ -60,6 +60,10 @@ curl --location --request POST 'http://localhost:3000/api/v1/counter' \
 --header 'Authorization: Bearer 931A3B02-8DCC-543F-A1B2-69423D1A0B94'
 ```
 
+> [!NOTE]
+>
+> Authorization does not apply to the `/health` endpoint.
+
 ## Image Verification
 
 We sign our images through [Cosign](https://docs.sigstore.dev/signing/quickstart/). Review the [Image Verification](./docs/image-verification.md) page to learn more.

endpoints/healthRoute.go

@@ -9,7 +9,6 @@ import (
 	"net/http"
 
 	"github.com/rs/zerolog/log"
-	"spectrocloud.com/hello-universe-api/internal"
 )
 
 // NewHandlerContext returns a new CounterRoute with a database connection.
@@ -23,15 +22,6 @@ func (health *HealthRoute) HealthHTTPHandler(writer http.ResponseWriter, request
 	writer.Header().Set("Access-Control-Allow-Origin", "*")
 	var payload []byte
 
-	if health.authorization {
-		validation := internal.ValidateToken(request.Header.Get("Authorization"))
-		if !validation {
-			log.Info().Msg("Invalid token")
-			http.Error(writer, "Invalid credentials", http.StatusUnauthorized)
-			return
-		}
-	}
-
 	switch request.Method {
 	case "GET":
 		value, err := health.getHandler(request)

endpoints/healthRoute_test.go

@@ -99,12 +99,12 @@ func TestHealthHTTPHandlerInvalidToken(t *testing.T) {
 	handler := http.HandlerFunc(health.HealthHTTPHandler)
 	handler.ServeHTTP(rr, req)
 
-	if status := rr.Code; status != http.StatusUnauthorized {
+	if status := rr.Code; status != http.StatusOK {
 		t.Errorf("handler returned wrong status code: got %v want %v",
 			status, http.StatusOK)
 	}
 
-	expected := `Invalid credentials`
+	expected := `{"status":"OK"}`
 	msg := strings.TrimSpace(rr.Body.String())
 	if msg != expected {
 		t.Errorf("handler returned unexpected body: got %v want %v",