feat: Add health check endpoints for deployment verification

[cfsmp3]

Summary

Adds health check endpoints to enable deployment verification and monitoring:

• /health - Returns 200 if all critical checks pass (database, config), 503 otherwise
• /health/live - Liveness probe, always returns 200 if Flask is responding
• /health/ready - Readiness probe, same as /health

Why This Is Needed

Currently, the deployment pipeline has no way to verify that a deployment was successful. If code is deployed that crashes on startup or can't connect to the database, the platform becomes "bricked" with no automatic recovery.

These endpoints enable:

1. Post-deployment verification: After deploying, check /health to confirm the app started successfully
2. Automatic rollback: If health check fails, rollback to previous version
3. Load balancer integration: Standard health endpoints for nginx/HAProxy
4. Container orchestration: Kubernetes liveness/readiness probes

Test Plan

• /health returns 200 when database and config are OK
• /health returns 503 when database fails
• /health returns 503 when config is missing
• /health/live always returns 200
• /health/ready behaves same as /health
• Verify CI passes

Example Response

{
  "status": "healthy",
  "timestamp": "2025-12-23T15:30:00Z",
  "checks": {
    "database": {"status": "ok"},
    "config": {"status": "ok"}
  }
}

Related

This is part of a larger effort to make deployments more reliable. Future PRs will:

1. Add deployment scripts with pre/post checks
2. Update GitHub Actions workflow to use health checks and auto-rollback

🤖 Generated with Claude Code

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 87.02%. Comparing base (53b3d7f) to head (ab0cf74).

Additional details and impacted files

@@            Coverage Diff             @@
##           master     #948      +/-   ##
==========================================
+ Coverage   86.88%   87.02%   +0.14%     
==========================================
  Files          35       36       +1     
  Lines        3759     3800      +41     
  Branches      767      774       +7     
==========================================
+ Hits         3266     3307      +41     
  Misses        355      355              
  Partials      138      138              

Flag	Coverage Δ
unittests	87.02% <100.00%> (+0.14%)	⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[canihavesomecoffee]

We don't want to just dump the exception message here, it might contain sensitive information. Better log the exception and return a generic error message.

[cfsmp3]

Good catch! Fixed - now logging the exception server-side with g.log.exception() and returning a generic "Database connection failed" message to the client.

[canihavesomecoffee]

Also, you might want to rebase the branch :)

[cfsmp3]

Rebased on master and addressed review comments in the latest commit. CI is now running.

[sonarqubecloud]

Quality Gate passed

Issues
2 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud