feat(docker): add HEALTHCHECK and remove unused cron from Dockerfiles

[bitflicker64]

Purpose of the PR

• relates to [Bug] Docker containers never restart when Java process crashes — broken cron monitor + tail -f /dev/null supervision #3043

docker ps always shows Up even when Java has crashed inside the container because all three Dockerfiles had no HEALTHCHECK. Operators cannot distinguish a healthy container from a zombie. Also, cron was installed in all three images but is never used in Docker deployments — the cron-based monitor (-m true) is for VM/bare-metal only.

Main Changes

• Add HEALTHCHECK to hugegraph-server/Dockerfile, hugegraph-pd/Dockerfile, hugegraph-store/Dockerfile:
  • Server: curl http://localhost:8080/versions
  • PD: curl http://localhost:8620/v1/health
  • Store: curl http://localhost:8520/v1/health
  • Fallback: if HTTP is not yet up but Java is alive (kill -0 on pid file), report healthy — avoids false unhealthy during startup
  • Endpoints match what is already used in docker/docker-compose.yml
• Remove cron from apt-get install in all three Dockerfiles — shrinks image size and reduces attack surface

Verifying these changes

• Need tests and can be verified as follows:
  • docker run container → docker inspect --format='{{.State.Health.Status}}' → reports healthy once Java is up
  • kill -9 Java inside container → status transitions to unhealthy within --interval * --retries seconds

Does this PR potentially affect the following parts?

• Dependencies
• Modify configurations
• The public API
• Other affects
• Nope

Documentation Status

• Doc - No Need

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 39.08%. Comparing base (1f61c48) to head (f6f7c14).

Additional details and impacted files

@@             Coverage Diff              @@
##             master    #3052      +/-   ##
============================================
+ Coverage     36.11%   39.08%   +2.96%     
- Complexity      338      622     +284     
============================================
  Files           803      814      +11     
  Lines         68234    69385    +1151     
  Branches       8964     9161     +197     
============================================
+ Hits          24640    27116    +2476     
+ Misses        40936    39428    -1508     
- Partials       2658     2841     +183     

☔ View full report in Codecov by Harness.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[imbajin]

Blocking: yes. Summary: The image healthchecks currently mark a live JVM as healthy even when the configured HTTP health endpoint is failing. Evidence: static review of hugegraph-server/Dockerfile:69-71 and existing compose healthchecks in docker/docker-compose.yml:49/77/99.

---

CI/status: codecov/project is failing on the latest head; please check 🔗 https://github.com/apache/hugegraph/runs/79772635318.

[imbajin]

⚠️ Keep the healthcheck tied to the HTTP endpoint

Evidence: the existing compose healthchecks use curl ... || exit 1 for /versions and /v1/health, but the new Dockerfile healthchecks return success whenever ./bin/pid still points to a live JVM. This same fallback is added to the server, hstore, PD, and store images.

Impact: after the start period, a container can remain healthy even when the REST endpoint is down or wedged, which weakens the health signal this PR is adding. Please make the steady-state Dockerfile healthcheck fail on HTTP failure, or keep any process-only fallback outside the steady-state HEALTHCHECK path.

[bitflicker64]

Good point --start-period=90s already covers the startup window, so the || kill -0 fallback is redundant and weakens the signal. Removing it from all four Dockerfiles so the HEALTHCHECK is purely HTTP-based. Pushing now.