Update the sample functions

**What**
- Move the new secrets sample function to ApiKeyProtected-Secrets
- Bring back the original ApiKeyProtected sample function

Signed-off-by: Lucas Roesler <roesler.lucas@gmail.com>

sample-functions/ApiKeyProtected-Secrets/.gitignore

@@ -0,0 +1,2 @@
+ApiKeyProtected
+

sample-functions/ApiKeyProtected-Secrets/Dockerfile

@@ -0,0 +1,23 @@
+FROM golang:1.7.5 as builder
+RUN mkdir -p /go/src/app
+COPY handler.go /go/src/app
+WORKDIR /go/src/app
+
+RUN CGO_ENABLED=0 GOOS=linux go build -a -installsuffix cgo -o app .
+
+
+FROM alpine:latest
+
+WORKDIR /root/
+
+EXPOSE 8080
+ENV http_proxy      ""
+ENV https_proxy     ""
+
+ADD https://github.com/alexellis/faas/releases/download/0.6.6d/fwatchdog /usr/bin
+RUN chmod +x /usr/bin/fwatchdog
+
+COPY --from=builder /go/src/app/app    .
+
+ENV fprocess="/root/app"
+CMD ["fwatchdog"]

sample-functions/ApiKeyProtected-Secrets/README.md

@@ -0,0 +1,6 @@
+### Api-Key-Protected sample
+
+See the [secure secret management guide](../guide/secure_secret_management.md) for instructions on how to use this function.
+
+When calling via the gateway pass the additional header "X-Api-Key", if it matches the `secret_api_key` value then the function will give access, otherwise access denied.
+

sample-functions/ApiKeyProtected-Secrets/build.sh

@@ -0,0 +1,3 @@
+#!/bin/sh
+echo Building functions/api-key-protected:latest
+docker build --no-cache -t functions/api-key-protected:latest .

sample-functions/ApiKeyProtected-Secrets/handler.go

@@ -0,0 +1,31 @@
+package main
+
+import (
+	"fmt"
+	"io/ioutil"
+	"log"
+	"os"
+	"strings"
+)
+
+func handle(body []byte) {
+	key := os.Getenv("Http_X_Api_Key")
+
+	secretBytes, err := ioutil.ReadFile("/run/secrets/secret_api_key")
+	if err != nil {
+		log.Fatal(err)
+	}
+
+	secret := strings.TrimSpace(string(secretBytes))
+
+	if key == secret {
+		fmt.Println("Unlocked the function!")
+	} else {
+		fmt.Println("Access denied!")
+	}
+}
+
+func main() {
+	bytes, _ := ioutil.ReadAll(os.Stdin)
+	handle(bytes)
+}