faas/apikey-secret at 204c0d7f9a1c7317377d41366af3300589295034 - faas

mirror of https://github.com/openfaas/faas.git synced 2025-06-08 16:26:47 +00:00

History

Lucas Roesler 41bda568a7 Update secret docs and sample-functions

**What**
- Update the documentation about secret management to note the changed
file location
- Remove the documentation on secret rotation, because this will not
currently work
- Update apikey-secret and ApiKeyProtected-Secrets to read secret values
from both the old and the new locations

**Why**
- Recent updates to faas-swarm and faas-netes changed the mount location
of secrets.  These changes update the docs to reflect this change.

Signed-off-by: Lucas Roesler <roesler.lucas@gmail.com>

2018-06-17 05:00:52 -07:00

handler.go

Update secret docs and sample-functions

2018-06-17 05:00:52 -07:00

README.md

Fix apikey-secret README.md

2018-04-16 06:33:46 -07:00

README.md

Sample: apikey-secret

This function returns access denied, or unlocked depending on whether your header for X-Api-Key matches a secret in the cluster called secret_api_key.

See the secure secret management guide for more information on secrets.

Trying the sample:


$ docker secret remove secret_api_key  # make sure we delete any existing secret

# Create a secret with Swarm
$ echo -n "secret_value_goes_here" | docker secret create secret_api_key -

# Deploy this sample with Docker Swarm and attach the secret to it

$ cd faas/sample-functions/
$ faas-cli deploy --filter apikey-secret --secret secret_api_key

# Now invoke the function with a good value:

$ echo -n | faas invoke --header "X-Api-Key=secret_value_goes_here" apikey-secret
You unlocked the function.

# Now invoke with a bad value:

echo -n | faas invoke --header "X-Api-Key=wrong_secret_value_goes_here" apikey-secret
Access was denied.