# Health & capability endpoint contract (DOCKER-44-003)

Target services: API, Console, Orchestrator, Task Runner, Concelier, Excititor, Policy, Notify, Export, AdvisoryAI.

## HTTP paths
- `GET /health/liveness` — fast, dependency-free check; returns `200` and minimal body.
- `GET /health/readiness` — may hit critical deps (DB, bus, cache); returns `503` when not ready.
- `GET /version` — static payload with `service`, `version`, `commit`, `buildTimestamp` (ISO-8601 UTC), `source` (channel).
- `GET /metrics` — Prometheus text exposition; reuse existing instrumentation.
- `GET /capabilities` — if present for Concelier/Excititor, must include `"merge": false`.

## Minimal ASP.NET 10 wiring (per service)
```csharp
var builder = WebApplication.CreateBuilder(args);
// health checks; add real checks as needed
builder.Services.AddHealthChecks();
var app = builder.Build();

app.MapHealthChecks("/health/liveness", new() { Predicate = _ => false });
app.MapHealthChecks("/health/readiness");

app.MapGet("/version", () => Results.Json(new {
    service = "StellaOps.Policy", // override per service
    version = ThisAssembly.AssemblyInformationalVersion,
    commit = ThisAssembly.Git.Commit,
    buildTimestamp = ThisAssembly.Git.CommitDate.UtcDateTime,
    source = Environment.GetEnvironmentVariable("STELLA_CHANNEL") ?? "edge"
}));

app.UseHttpMetrics();
app.MapMetrics();

app.Run();
```
- Ensure `ThisAssembly.*` source generators are enabled or substitute build vars.
- Keep `/health/liveness` lightweight; `/health/readiness` should test critical dependencies (Mongo, Redis, message bus) with timeouts.
- When adding `/capabilities`, explicitly emit `merge = false` for Concelier/Excititor.

## CI verification
- After publishing an image, run `ops/devops/docker/verify_health_endpoints.sh <image> [port]`.
- CI should fail if any required endpoint is missing or non-200.

## Deployment
- Helm/Compose should set `readOnlyRootFilesystem: true` and wire readiness/liveness probes to these paths/port.