Add site health check to detect blocked REST API and short-circuit optimization when unavailable

[b1ink0]

Summary

Fixes #1731

Relevant technical choices

• Adds a site health check to verify the availability and status of the /optimization-detective/v1/url-metrics:store REST API endpoint. The process will short-circuit if the endpoint is inaccessible.
• Based on the status, a global admin notice on plugin activation and meta row notice on subsequent admin pages will be shown.

Scenarios:

1. When the health check passes
   

2. When the REST API endpoint returns a forbidden error

   
   

3. When the REST API endpoint returns an unauthorized error
   
   

4. When other errors are encountered
   
   

[westonruter]

Should there be a plugin activation hook added as well which does add_option() for the new option and then also kicks off (or schedules) a REST API check? Ideally there would be a warning shown immediately after activating the plugin (e.g. on the plugins list table screen) whether the REST API is working so that the user doesn't have to discover it later via Site Health.

[westonruter]

Maybe put site-health in the root directory instead of inside includes since there are no other directories in there?

[b1ink0]

I thought in future if we added something like admin dashboard for managing URL metrics or any other admin dashboard related thing then it would be better to add that feature in includes/admin. But we can just refactor things later when we need it so moving site-health to root makes sence.

[westonruter]

Yeah, let's put it in the root for now since all other directories are there.

if we added something like admin dashboard for managing URL metrics or any other admin dashboard related thing

Aside: I did put together a rough utility plugin for this: https://github.com/westonruter/od-admin-ui

[westonruter]

This is the first PR that adds an option to to Optimization Detective. We'll need to make sure that the relevant delete_option() calls get added to the plugin's uninstall.php.

[westonruter]

Actually, this check wouldn't make sense here. It should rather be done in od_maybe_add_template_output_buffer_filter() to short-circuit if the REST API it is not available.

[westonruter]

Should the $error->get_message() and maybe $error->get_code() be stored here?

[westonruter]

Instead of storing the string, what about storing the $status_code instead?

[westonruter]

The else condition should be added as an error result as well. Here especially the $status_code could be used.

[westonruter]

Instead of having update_option() appearing in multiple places, each condition could populate an $info variable which is then sent into update_option() once at the end of the function.

[westonruter]

Is this a best practice? Should it rather go in admin_init to avoid frontend writes? I'm not sure what others do here.

[b1ink0]

I think scheduling on plugin activation hook will be better than admin_init.

[westonruter]

The problem is that the plugin activation hook doesn't work when network-activating a plugin in multisite.

[westonruter]

In looking at WP_Site_Health, it goes ahead and schedules an event even for frontend requests, since it calls its maybe_create_scheduled_event method in the constructor. And the instance is loaded in wp-settings.php. Nevertheless, since a database write is involved, it is preferable if event scheduling happens via an admin request and not unauthenticated frontend requests.

[b1ink0]

Please look at this comment regarding which hook should be used.

[westonruter]

I think hourly is too much. Maybe weekly would make sense.

[b1ink0]

I currently have it set to run weekly, but that might be too infrequent. If a configuration change disables the REST API, it could take an entire week for user to detect the issue. I believe running it daily would be a better choice.

[westonruter]

I think weekly is fine. It's not likely that a user would be changing the availability of the REST API. If we check at the moment that a plugin is activated, and then check weekly thereafter, then this should be good. Note that Site Health's own checks run on a weekly basis via the wp_site_health_scheduled_check action.

[westonruter]

I realized that the Site Health test was getting buried among other recommended tests so I've bumped it to critical. I've also included the raw response so the user can have additional context:

[westonruter]

Example I've seen with Nginx blocking the REST API shows up as this:

[westonruter]

Looking forward to getting this out there!

[westonruter]

Ah, the rest case should actually run the admin_notices action to increase code coverage here.

[westonruter]

Done in 6fee919

[westonruter]

Looks like I neglected to include a test for the cached state.

[westonruter]

See 6fee919

[westonruter]

This intentionally makes the option autoloaded. Maybe we should pass the parameter to make this explicit.

[westonruter]

See 8926f10

[felixarntz]

I think there are still a few things in here that need to be addressed, given the major additional changes made.

[felixarntz]

I'm a bit concerned about trying to store a potential WP_Error object in a transient. Can we parse that into a raw data array instead to make this safer?

[westonruter]

Why is it concerning to store a WP_Error in a transient? The object gets serialized.

[felixarntz]

Hmm, is there prior art for that in WordPress? I suppose it could work, but have you tested this, both using the DB for transients as well as a persistent object cache?

[felixarntz]

Looking at the WP_Error class, for instance I would expect the $additional_data property to be missing, since it's not public. Granted, that data may not be important for what we're doing here, but it shows the fragility of relying on serialization.

[westonruter]

As noted above, the test_od_get_rest_api_health_check_response test confirms that transients return unserialized WP_Error instances.

[westonruter]

Take a look at fetch_feed() such as used in the RSS widget. It stores an array that contains objects in it.

FWIW, I've been aware of storing class instances in transients and options since before I can remember. What's the difference with arrays? Both require serialization.

[westonruter]

I was googling for other examples, and I found a reference to Site Kit storing objects in transients: https://wpengine.com/resources/guide-to-transients-in-wordpress/

I can't find the current reference to that code in GitHub though.

Here's an example in the Transients documentation about storing a WP_Query instance in a transient: https://developer.wordpress.org/apis/transients/#complete-example

[westonruter]

Here's another example where an object is stored in a transient in wp_version_check(): https://github.com/WordPress/wordpress-develop/blob/2f654881e494424634d5821d1ef37c06edb8923a/src/wp-includes/update.php#L36-L73

[westonruter]

Objects are also stored in object cache in WP_Term_Query: https://github.com/WordPress/wordpress-develop/blob/2f654881e494424634d5821d1ef37c06edb8923a/src/wp-includes/class-wp-term-query.php#L879-L902

[felixarntz]

Okay, you have me convinced. With this already done elsewhere in Core, this shouldn't be an issue, and the WP_Error class is basically always available, so there shouldn't be a problem unserializing it. 👍

[felixarntz]

@westonruter This looks good, only a few minor points now. My only blocking concern still is #1762 (comment) (I don't think we can rely on serialization for sites with a persistent object cache).

[felixarntz]

LGTM, thanks for all the iterations and discussion @b1ink0 @westonruter!