From 842773d1f4be5c95ad2d48f922737f54fd20fab2 Mon Sep 17 00:00:00 2001
From: aligneddev <aligneddev@github.com>
Date: Mon, 15 Jun 2026 14:59:53 +0000
Subject: [PATCH 1/2] fix(ci): smoke test hit / not /health in Production env

MapDefaultEndpoints only maps /health when IsDevelopment().
Published API runs Production -> /health returns 404.

Switch probe to / which always returns 200 in all environments.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
---
 .github/workflows/release.yml | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index e7aa99b..c5c4224 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -215,7 +215,7 @@ jobs:
             --output /tmp/api-publish \
             --no-restore
 
-      - name: Start API and verify /health
+      - name: Start API and verify it responds
         run: |
           ASPNETCORE_URLS="http://localhost:5436" \
           ASPNETCORE_ENVIRONMENT="Production" \
@@ -223,18 +223,19 @@ jobs:
           API_PID=$!
           echo "API PID: $API_PID"
 
-          # Wait up to 30s for /health to respond 200
+          # Wait up to 30s for / to respond 200
+          # /health is only mapped in Development; / is always available.
           for i in $(seq 1 30); do
-            STATUS=$(curl -s -o /dev/null -w "%{http_code}" http://localhost:5436/health || true)
+            STATUS=$(curl -s -o /dev/null -w "%{http_code}" http://localhost:5436/ || true)
             if [ "$STATUS" = "200" ]; then
-              echo "API healthy after ${i}s"
+              echo "API responding after ${i}s"
               kill $API_PID
               exit 0
             fi
             sleep 1
           done
 
-          echo "ERROR: API did not become healthy within 30s"
+          echo "ERROR: API did not respond within 30s"
           kill $API_PID 2>/dev/null || true
           exit 1
 

From 2c49abb270b850e9f9e51680fadccac7467d8e86 Mon Sep 17 00:00:00 2001
From: aligneddev <aligneddev@github.com>
Date: Mon, 15 Jun 2026 15:04:30 +0000
Subject: [PATCH 2/2] fix(health): always map /health and /alive endpoints

MapDefaultEndpoints previously gated both endpoints behind IsDevelopment(),
causing 404 in the release smoke test and for installed-app users.

This is a local-first desktop app with no cloud exposure, so the
Aspire-template security caveat does not apply. Remove the guard so
/health is reachable in all environments.

Restore /health probe in release.yml smoke-test-api step.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
---
 .github/workflows/release.yml                 | 11 +++++-----
 .../Extensions.cs                             | 21 +++++++------------
 2 files changed, 13 insertions(+), 19 deletions(-)

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index c5c4224..e7aa99b 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -215,7 +215,7 @@ jobs:
             --output /tmp/api-publish \
             --no-restore
 
-      - name: Start API and verify it responds
+      - name: Start API and verify /health
         run: |
           ASPNETCORE_URLS="http://localhost:5436" \
           ASPNETCORE_ENVIRONMENT="Production" \
@@ -223,19 +223,18 @@ jobs:
           API_PID=$!
           echo "API PID: $API_PID"
 
-          # Wait up to 30s for / to respond 200
-          # /health is only mapped in Development; / is always available.
+          # Wait up to 30s for /health to respond 200
           for i in $(seq 1 30); do
-            STATUS=$(curl -s -o /dev/null -w "%{http_code}" http://localhost:5436/ || true)
+            STATUS=$(curl -s -o /dev/null -w "%{http_code}" http://localhost:5436/health || true)
             if [ "$STATUS" = "200" ]; then
-              echo "API responding after ${i}s"
+              echo "API healthy after ${i}s"
               kill $API_PID
               exit 0
             fi
             sleep 1
           done
 
-          echo "ERROR: API did not respond within 30s"
+          echo "ERROR: API did not become healthy within 30s"
           kill $API_PID 2>/dev/null || true
           exit 1
 
diff --git a/src/BikeTracking.ServiceDefaults/Extensions.cs b/src/BikeTracking.ServiceDefaults/Extensions.cs
index af4ec9b..9e4a017 100644
--- a/src/BikeTracking.ServiceDefaults/Extensions.cs
+++ b/src/BikeTracking.ServiceDefaults/Extensions.cs
@@ -118,19 +118,14 @@ public static TBuilder AddDefaultHealthChecks<TBuilder>(this TBuilder builder)
 
     public static WebApplication MapDefaultEndpoints(this WebApplication app)
     {
-        // Adding health checks endpoints to applications in non-development environments has security implications.
-        // See https://aka.ms/dotnet/aspire/healthchecks for details before enabling these endpoints in non-development environments.
-        if (app.Environment.IsDevelopment())
-        {
-            // All health checks must pass for app to be considered ready to accept traffic after starting
-            app.MapHealthChecks(HealthEndpointPath);
-
-            // Only health checks tagged with the "live" tag must pass for app to be considered alive
-            app.MapHealthChecks(
-                AlivenessEndpointPath,
-                new HealthCheckOptions { Predicate = r => r.Tags.Contains("live") }
-            );
-        }
+        // All health checks must pass for app to be considered ready to accept traffic after starting
+        app.MapHealthChecks(HealthEndpointPath);
+
+        // Only health checks tagged with the "live" tag must pass for app to be considered alive
+        app.MapHealthChecks(
+            AlivenessEndpointPath,
+            new HealthCheckOptions { Predicate = r => r.Tags.Contains("live") }
+        );
 
         return app;
     }