5 changed files with 29 additions and 31 deletions
--- a/2
+++ b/2
@ -12,6 +12,4 @@ FROM scratch
 COPY --from=builder /checker-kerberos /checker-kerberos
 USER 65534:65534
 EXPOSE 8080
-HEALTHCHECK --interval=30s --timeout=3s --start-period=5s --retries=3 \
-  CMD ["/checker-kerberos", "-healthcheck"]
 ENTRYPOINT ["/checker-kerberos"]
--- a/README.md
+++ b/README.md
@ -59,4 +59,4 @@ KDC over the network as part of an authenticated round-trip. It is
 meant to run on a trusted network, reachable only by the happyDomain
 instance that drives it. Restrict access via a reverse proxy with
 authentication, a network ACL, or by binding the listener to a private
-interface; do not expose it directly to the public internet.
+interface — do not expose it directly to the public internet.
--- a/checker/rules.go
+++ b/checker/rules.go
@ -12,31 +12,31 @@ import (
 // Rule codes emitted by the kerberos rules. Keep these stable; UI / metrics
 // may match on them.
 const (
-	CodeSRVOK            = "kerberos.srv.ok"
-	CodeNoSRV            = "kerberos.srv.missing"
-	CodeKDCReachableOK   = "kerberos.kdc.reachable"
-	CodeKDCUnreachable   = "kerberos.kdc.unreachable"
-	CodeKDCPartial       = "kerberos.kdc.partial"
-	CodeASProbeOK        = "kerberos.as.ok"
-	CodeASProbeFailed    = "kerberos.as.failed"
-	CodeASWrongRealm     = "kerberos.as.wrong_realm"
-	CodeASRepNoPreauth   = "kerberos.as.no_preauth"
-	CodeClockSkewOK      = "kerberos.clock_skew.ok"
-	CodeClockSkewBad     = "kerberos.clock_skew.bad"
-	CodeEnctypesStrong   = "kerberos.enctypes.strong"
-	CodeEnctypesWeakOnly = "kerberos.enctypes.weak_only"
-	CodeEnctypesMixed    = "kerberos.enctypes.mixed"
-	CodeEnctypesUnknown  = "kerberos.enctypes.unknown"
-	CodeKadminDown       = "kerberos.kadmin.unreachable"
-	CodeKadminOK         = "kerberos.kadmin.ok"
-	CodeKpasswdDown      = "kerberos.kpasswd.unreachable"
-	CodeKpasswdOK        = "kerberos.kpasswd.ok"
-	CodeAuthSkipped      = "kerberos.auth.skipped"
-	CodeAuthTGTOK        = "kerberos.auth.tgt_ok"
-	CodeAuthTGTFail      = "kerberos.auth.tgt_fail"
-	CodeAuthTGSOK        = "kerberos.auth.tgs_ok"
-	CodeAuthTGSFail      = "kerberos.auth.tgs_fail"
-	CodeAuthTGSSkipped   = "kerberos.auth.tgs_skipped"
+	CodeSRVOK              = "kerberos.srv.ok"
+	CodeNoSRV              = "kerberos.srv.missing"
+	CodeKDCReachableOK     = "kerberos.kdc.reachable"
+	CodeKDCUnreachable     = "kerberos.kdc.unreachable"
+	CodeKDCPartial         = "kerberos.kdc.partial"
+	CodeASProbeOK          = "kerberos.as.ok"
+	CodeASProbeFailed      = "kerberos.as.failed"
+	CodeASWrongRealm       = "kerberos.as.wrong_realm"
+	CodeASRepNoPreauth     = "kerberos.as.no_preauth"
+	CodeClockSkewOK        = "kerberos.clock_skew.ok"
+	CodeClockSkewBad       = "kerberos.clock_skew.bad"
+	CodeEnctypesStrong     = "kerberos.enctypes.strong"
+	CodeEnctypesWeakOnly   = "kerberos.enctypes.weak_only"
+	CodeEnctypesMixed      = "kerberos.enctypes.mixed"
+	CodeEnctypesUnknown    = "kerberos.enctypes.unknown"
+	CodeKadminDown         = "kerberos.kadmin.unreachable"
+	CodeKadminOK           = "kerberos.kadmin.ok"
+	CodeKpasswdDown        = "kerberos.kpasswd.unreachable"
+	CodeKpasswdOK          = "kerberos.kpasswd.ok"
+	CodeAuthSkipped        = "kerberos.auth.skipped"
+	CodeAuthTGTOK          = "kerberos.auth.tgt_ok"
+	CodeAuthTGTFail        = "kerberos.auth.tgt_fail"
+	CodeAuthTGSOK          = "kerberos.auth.tgs_ok"
+	CodeAuthTGSFail        = "kerberos.auth.tgs_fail"
+	CodeAuthTGSSkipped     = "kerberos.auth.tgs_skipped"
 )

 // Rules returns the full list of CheckRules exposed by the Kerberos checker.
--- a/go.mod
+++ b/go.mod
@ -3,7 +3,7 @@ module git.happydns.org/checker-kerberos
 go 1.25.0

 require (
-	git.happydns.org/checker-sdk-go v1.5.0
+	git.happydns.org/checker-sdk-go v1.3.0
 	github.com/jcmturner/gofork v1.7.6
 	github.com/jcmturner/gokrb5/v8 v8.4.4
 )
--- a/go.sum
+++ b/go.sum
@ -1,5 +1,5 @@
-git.happydns.org/checker-sdk-go v1.5.0 h1:5uD5Cm6xJ+lwnhbJ09iCXGHbYS9zRh+Yh0NeBHkAPBY=
-git.happydns.org/checker-sdk-go v1.5.0/go.mod h1:aNAcfYFfbhvH9kJhE0Njp5GX0dQbxdRB0rJ0KvSC5nI=
+git.happydns.org/checker-sdk-go v1.3.0 h1:FG2kIhlJCzI0m35EhxSgn4UWc9M4ha6aZTeoChu4l7A=
+git.happydns.org/checker-sdk-go v1.3.0/go.mod h1:aNAcfYFfbhvH9kJhE0Njp5GX0dQbxdRB0rJ0KvSC5nI=
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=