Session check does not work when IP allowlist is configured

[sebhoss]

We have configured allowedips to contain our monitoring server which can now fetch the health status of our Moodle instances (thanks!). However, this does not work when we use fullcheck or checksession. I'm guessing that this is because the session check verifies the incoming IP address as well. Since the code (https://github.com/catalyst/moodle-tool_heartbeat/blob/MOODLE_39_STABLE/index.php#L128-L129) is just using curl to call the sessionone.php site, the IP verification fails because the request is no longer coming from an allowed IP address.

In our case, we are running in Kubernetes and do not know the pod IP upfront, and therefore cannot add its IP to the list of allowed IPs. We tried adding the pod CIDR but that does not work either. Likewise, adding 127.0.0.1, localhost, and ::1 did not work either.