1. Use httptest.ResponseRecorder instead of custom implementation
StringResponseWriter.
2. Remove verbose log line in infohandler
Signed-off-by: Edward Wilde <ewilde@gmail.com>
**What**
- When determining the service name of the function, remove any trailing
slashes, the slashes are not allowed in service names for either Swarm
or K8S, so this can only be a left over from the url path
**Why**
- This was preventing service resolution, and hence failed functions,
when the function was called with a trailing slash
Fixes#714
Signed-off-by: Lucas Roesler <roesler.lucas@gmail.com>
This change enables secrets to be read from any mount on disk
rather than hard-coding a certain location which suits Swarm or
K8s. The default value if not specified will look in the Swarm
location of /run/secrets/
README.md (docs) updated and set to off by default.
Signed-off-by: Alex Ellis (VMware) <alexellis2@gmail.com>
Fixes https://github.com/openfaas/faas/issues/687 allowing the
gateway to handle the responsibility of basic auth for when it is
in use.
To enable set basic_auth env-var to true and then mount two
secrets or plaintext files under /var/secrets/
basic_auth_user, basic_auth_password
Tested with faas-cli list/deploy and with Safari browser.
Signed-off-by: Alex Ellis (VMware) <alexellis2@gmail.com>
Previous PR from Simon or Ken broke build due to missing gofmt
in the PR. This PR applies it to resolve the build issue.
Signed-off-by: Alex Ellis (VMware) <alexellis2@gmail.com>
Introduced an new label to set the scaling factor that is used to calculate th proportions, setting it to 0 also allows to disable scaling.
Updated the tests to reflect the changes and added a new test which shows that setting the scaling factor to 0 indeed does disable scaling.
Ensured that the scaling factor is always between [0 and 100].
Signed-off-by: Simon Pelczer <templum.dev@gmail.com>
The unit tests were inside the `gateway/tests` directory which had no
effect to the coverage for `go test`. Therefore, moved the tests inside
the same directory as the test target.
Signed-off-by: Ken Fukuyama <kenfdev@gmail.com>
Proxy body was being passed correctly due to placement of defer
statement. This has been moved into outer scope to resolve issue.
Tested with new e2e tests in certifier component.
Signed-off-by: Alex Ellis (VMware) <alexellis2@gmail.com>
HTTP proxy was not passing query-string upstream. This change
reinstates the behaviour through TDD - adding test coverage and
automated regression testing.
Signed-off-by: Alex Ellis (VMware) <alexellis2@gmail.com>
This commit replaces occurences of http method strings with the
corresponding consts from the http package.
*Note* UPDATE is not strictly speaking a valid method and as such isn't
part of the http package (should be a PUT or PATCH?)
Signed-off-by: John McCabe <john@johnmccabe.net>
Adds a pair of configuration options for performance tuning. The
gateway can now invoke functions directly and can bypass the
provider. See updated table in README.md for configuration values.
BaseURLResolver is added with unit tests that decouples resolving
upstream URL from the reverse proxy client code.
- SingleHostBaseURLResolver resolves a single upstream host
- FunctionAsHostBaseURLResolver resolves host based upon conventions
within the URL of the request to a function for direct access
Tested with Kubernetes (faas-netes) and faas-swarm through UI, CLI
calling system endpoints and functions directly.
Signed-off-by: Alex Ellis (VMware) <alexellis2@gmail.com>
**What**
- Add a description for the secret key to the api swagger spec.
- Remove optional examples from the secret management guide.
- Update the ApiKeyProtected README to point at the new guide.
- Refactor the `makeSpec` function to accept the already assembled secrets
array because this should be easier to unit test.
Signed-off-by: Lucas Roesler <lucas.roesler@gmail.com>
**What**
- Add the ability to specify secrets as a csv
- Vendor the docker/cli/opts
- Update the guide for secrets to use the `faas-cli`
**Why**
- Allowing the csv specification of secrets gives users more control about how
those secrets are mounted into the container. This is good for things like
key rotation and for developers that are building on top of OpenFaaS.
Signed-off-by: Lucas Roesler <lucas.roesler@gmail.com>
**What**
- During function creation, accept an array of strings defining swarm secrets
that are required for the service
- Update docs
- Add new guide on using the secrets capability
- Add new sample function to highlight using environment variables
- Update `ApiKeyProtected` sample function to utilize the new secrets
capabilities
**Why**
- This allows secrets to remain encrypted at rest instead of being unencrypted
in environment variables and yaml files.
Fixes#285
Signed-off-by: Lucas Roesler <lucas.roesler@gmail.com>
Note, not all `alexellis/github` references should be changed, there are
a number of repos which are not part of the openfaas org, this commit
excludes those.
Signed-off-by: John McCabe <john@johnmccabe.net>
This commit implements an update handler for Docker Swarm, it queries the
current spec, updates values in-situ before calling ServiceUpdate.
The UpdateConfig FailureAction is set to rollback, so in the event of
supplying values to the update that would result in the service failing
then the update will be rolled back.
The UpdateConfig Parallelism param is set to an explicit value of 1 which
will result in functions being updated 1 by 1 rather than all at once.
It also moves the restartDelay declaration out of the create and update
handlers and into the main server function alongside maxRestarts.
And finally this commit uses the PUT HTTP verb for updates rather than
the non-HTTP UPDATE verb which was being used initially (also adding it
to the Swagger definition).
Signed-off-by: John McCabe <john@johnmccabe.net>
