Most pressing: A decision Scott’s PR’s #59 in comparison to #60.
Key areas for 1.0:
Baseline API (PR’s #59 in comparison to #60)
HTTP protocol binding:
Single entry point per JVM (runtime) or per deployment (more in line with Java EE models and assumptions)?
We could a) leave it to the implementor to decide
… or b) scope the /health binding to the JVM (runtime) per spec decision
a) leaves more room to evolve and has less conflicts with baseline assumptions in Java EE, but b) reflects clearly what the intention of a health check is and the assumption behind it (i.e. failed check terminates the JVM)
Security (Authentication needs):
We see two possible approaches for 1.0:
a) just name the required authentication means required to be supported (i.e. Digest and JWT) and leave it the runtime how these are configured and enabled (out-of-bounds)
b) A different approach altogether: no payload by default. Without payload, no sensitive data can be exposed. Without sensitive data, no authentication is required
For b) speaks the fact that:
Primary use case is machine-machine communication. Here the payload is ignored anyway
Without payload the performance increases and health checks are time sensitive (<1 sec in many cloud platforms)
Most cloud platform don’t support authentication means for health checks
An approach to b) could be @Health(sensitive=true) by default, which suppresses the payload and forces developer to explicitly enabled a response payload for a health check with @Health(sensitive=false)
With respect to the PR’s #59 in comparison to #60 a decision for #60 has been taken, based on the information available to the participants on the call (github votes, ML comments)