Lucas Roesler 41bda568a7 Update secret docs and sample-functions
**What**
- Update the documentation about secret management to note the changed
file location
- Remove the documentation on secret rotation, because this will not
currently work
- Update apikey-secret and ApiKeyProtected-Secrets to read secret values
from both the old and the new locations

**Why**
- Recent updates to faas-swarm and faas-netes changed the mount location
of secrets.  These changes update the docs to reflect this change.

Signed-off-by: Lucas Roesler <roesler.lucas@gmail.com>
2018-06-17 05:00:52 -07:00

43 lines
844 B
Go

package main
import (
"fmt"
"io/ioutil"
"log"
"os"
"strings"
)
func getAPISecret(secretName string) (secretBytes []byte, err error) {
// read from the openfaas secrets folder
secretBytes, err = ioutil.ReadFile("/var/openfaas/secrets/" + secretName)
if err != nil {
// read from the original location for backwards compatibility with openfaas <= 0.8.2
secretBytes, err = ioutil.ReadFile("/run/secrets/" + secretName)
}
return secretBytes, err
}
func handle(body []byte) {
key := os.Getenv("Http_X_Api_Key")
secretBytes, err := getAPISecret("secret_api_key")
if err != nil {
log.Fatal(err)
}
secret := strings.TrimSpace(string(secretBytes))
if key == secret {
fmt.Println("Unlocked the function!")
} else {
fmt.Println("Access denied!")
}
}
func main() {
bytes, _ := ioutil.ReadAll(os.Stdin)
handle(bytes)
}