fix liveness and readiness probes for webserver

[henzigo]

No description provided.

[Copilot]

Pull request overview

Updates the Kubernetes webserver/PHP-FPM health checking approach so /health is backed by PHP-FPM’s ping endpoint, and adjusts container probes accordingly.

Changes:

• Switch Nginx /health from stub_status to a FastCGI call into PHP-FPM ping.
• Enable PHP-FPM ping via ping.path / ping.response.
• Update Kubernetes liveness/readiness probes and ports for the webserver and php-fpm containers; document upgrade steps.

Reviewed changes

Copilot reviewed 8 out of 8 changed files in this pull request and generated 3 comments.

Show a summary per file

File	Description
tests/scenarios/production-with-cloudflare/expected/webserver.yaml	Updates expected manifest output for new /health and probe configuration.
tests/scenarios/escaping-env/expected/webserver.yaml	Updates expected manifest output for new /health and probe configuration.
tests/scenarios/development-single-domain/expected/webserver.yaml	Updates expected manifest output for new /health and probe configuration.
tests/scenarios/basic-production/expected/webserver.yaml	Updates expected manifest output for new /health and probe configuration.
tests/fixtures/orchestration/kubernetes/configmap/nginx.yaml	Adjusts Nginx fixture to route /health to PHP-FPM ping.
kubernetes/deployments/webserver-php-fpm.yaml	Adds/adjusts probes and ports for webserver and php-fpm, and tweaks php-fpm preStop command.
kubernetes/configmap/production-php-fpm.yaml	Enables PHP-FPM ping endpoint (/ping).
UPGRADE.md	Documents manual upgrade steps for the /health change.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

preStop was changed to run /bin/sh -lc .... The -l (login shell) flag is unnecessary here and can introduce non-obvious behavior (sourcing profile scripts) or portability issues compared to the rest of the manifests that use sh -c. Using a plain -c keeps the command consistent and reduces risk.

Suggested change

	command: ["/bin/sh","-lc","sleep 10; kill -QUIT 1 || true"]
	command: ["/bin/sh","-c","sleep 10; kill -QUIT 1 || true"]

[Copilot]

These blank lines contain trailing whitespace (lines with spaces only). It’s better to keep them as truly empty lines to avoid noisy diffs and potential formatting/linting issues.

Suggested change

	include fastcgi_params;
	fastcgi_read_timeout 3s;
	fastcgi_param SCRIPT_FILENAME /ping;
	fastcgi_param SCRIPT_NAME /ping;
	fastcgi_param REQUEST_METHOD GET;
	include fastcgi_params;
	fastcgi_read_timeout 3s;
	fastcgi_param SCRIPT_FILENAME /ping;
	fastcgi_param SCRIPT_NAME /ping;
	fastcgi_param REQUEST_METHOD GET;

[Copilot]

The new php-fpm liveness/readiness probes use tcpSocket: port: 9000, but PHP-FPM is configured to listen = 127.0.0.1:9000 (ConfigMap production-php-fpm). Kubernetes TCP socket probes connect to the Pod IP, not 127.0.0.1, so these probes will fail and continuously restart the container. Consider switching to an exec probe that connects to 127.0.0.1:9000 (e.g., via a local fastcgi client), or change PHP-FPM to listen on 0.0.0.0:9000/a unix socket and update Nginx accordingly.

Suggested change

	tcpSocket:
	port: 9000
	initialDelaySeconds: 30
	periodSeconds: 10
	timeoutSeconds: 2
	readinessProbe:
	tcpSocket:
	port: 9000
	exec:
	command:
	- /bin/sh
	- -lc
	- 'php -r ''$s=@fsockopen("127.0.0.1", 9000, $errno, $errstr, 1); if (!$s) { exit(1); } fclose($s);'''
	initialDelaySeconds: 30
	periodSeconds: 10
	timeoutSeconds: 2
	readinessProbe:
	exec:
	command:
	- /bin/sh
	- -lc
	- 'php -r ''$s=@fsockopen("127.0.0.1", 9000, $errno, $errstr, 1); if (!$s) { exit(1); } fclose($s);'''