**What**
- Document the new logs handler url env variable in the gateway readme
- Document the logs handler in the swagger docs
Signed-off-by: Lucas Roesler <roesler.lucas@gmail.com>
**What**
- Use NotImplemented when we get a 404 from the log provider. When we
get a 200, process the log request, as normal. For all other status
codes, return a sever error with a message stating that the
response was unexpected. The message will contain the original status
code to assist with debugging
Signed-off-by: Lucas Roesler <roesler.lucas@gmail.com>
**What**
- Fix missing imports since my ide forgot to add the "time" package
- Update the tests to accept the handler timeout duration
Signed-off-by: Lucas Roesler <roesler.lucas@gmail.com>
**What**
- Pass the writetimeout to the logs handler to set the context timeout
of the log stream.
Signed-off-by: Lucas Roesler <roesler.lucas@gmail.com>
**What**
- Add test to verify that the log proxy shutsdown correctly when the
client cancels
- Add test to verify that the log proxy shutsdown correctly when the
logs provider closes the connection
Signed-off-by: Lucas Roesler <roesler.lucas@gmail.com>
**What**
- Implement log handler method that will hijack the connection and clear
timeouts to allow long lived streams
- Proxies requests to the logs provider and returns the response
unmodified
Signed-off-by: Lucas Roesler <roesler.lucas@gmail.com>
Automatic builds for auth-module on x86_64 (via Travis) and on-demand on-device for arm via publish.sh
The basic-auth module is not built or pushed upon 'tag' / 'release' of the faas repo, but it should be: https://github.com/openfaas/faas/tree/master/auth. We also don't create on-device images for this, but should do for both armhf and arm64: https://github.com/openfaas/faas/blob/master/contrib/publish-arm.sh
This change addresses these challenges and also introduces a tagAndPush script to alleviate some of the recently introduced repetition in .travis.yml.
Signed-off-by: Richard Gee <richard@technologee.co.uk>
The customize button was redundant to the custom tab
This could lead to confusion with the user experience,
so the additional button has been removed.
Signed-off-by: Burton Rheutan <rheutan7@gmail.com>
Detail was removed on 10th June with a comment that it will be enabled once GitHub provide access to the beta. This access was provided on 12th June hence re-enabling.
Signed-off-by: Richard Gee <richard@technologee.co.uk>
Adding additional inputs for Environment variables, Secrets,
Labels, and annotations so that more advanced functions can
be deployed through the UI.
This also allows more advanced functions to be provided via
the store. Allowing modification to secret values, and
environment variables which will allow functions like a
Slack Bot function to be deployed through the store adn
configured with an environment variable
Signed-off-by: Burton Rheutan <rheutan7@gmail.com>
This corrects an issue where the error body was being hidden
for the external auth handler. It also adds the ca-certs into
the runtime Docker image for when the gateway is calling an
external plugin exposed over HTTPS.
Tested with OAuth2 plugin.
Signed-off-by: Alex Ellis <alexellis2@gmail.com>
This commit moves the OpenFaaS gateway from using in-process
basic-auth for everything to use an external auth URL instead.
When auth is not enable, this functionality is not added to the
handlers and behaves as before. When enabled, the configured
plugin with authenticate requests.
Tested on Docker Swarm with positive and negative tests.
Signed-off-by: Alex Ellis <alexellis2@gmail.com>
Fixes issue by adding unit test to make sure the body from
the plugin is written correctly and proxied to the client.
Signed-off-by: Alex Ellis <alexellis2@gmail.com>
Fix for external auth wrapper handler. Written by introducing
a broken unit test. Whenever the auth plugin returns a request
as not authorized, we must pass back any headers set by the
plugin.
Signed-off-by: Alex Ellis <alexellis2@gmail.com>
Fixes issue found in e2e testing where the headers were not
being passed to the basic-auth-plugin. This change makes sure
the upstream check gets all headers copied in before making
the call.
Tested with negative unit tests before writing fix.
Signed-off-by: Alex Ellis <alexellis2@gmail.com>
