Do not expose health check data in health handler

Because health check errors may expose sensitive data, we shouldn't expose the
details of the failure to clients. Instead, an error is returned to the client
with a hint about where they could find further information on why the service
is down.

Signed-off-by: Stephen J Day <stephen.day@docker.com>

health/health.go

@@ -8,6 +8,7 @@ import (
 	"time"
 
 	"github.com/docker/distribution/context"
+	"github.com/docker/distribution/registry/api/errcode"
 )
 
 var (
@@ -214,7 +215,8 @@ func Handler(handler http.Handler) http.Handler {
 	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 		checks := CheckStatus()
 		if len(checks) != 0 {
-			statusResponse(w, r, http.StatusServiceUnavailable, checks)
+			errcode.ServeJSON(w, errcode.ErrorCodeUnavailable.
+				WithDetail("health check failed: please see /debug/health"))
 			return
 		}