Lucas Roesler 41bda568a7 Update secret docs and sample-functions
**What**
- Update the documentation about secret management to note the changed
file location
- Remove the documentation on secret rotation, because this will not
currently work
- Update apikey-secret and ApiKeyProtected-Secrets to read secret values
from both the old and the new locations

**Why**
- Recent updates to faas-swarm and faas-netes changed the mount location
of secrets.  These changes update the docs to reflect this change.

Signed-off-by: Lucas Roesler <roesler.lucas@gmail.com>
2018-06-17 05:00:52 -07:00

40 lines
922 B
Go

package function
import (
"io/ioutil"
"log"
"os"
"strings"
)
func getAPISecret(secretName string) (secretBytes []byte, err error) {
// read from the openfaas secrets folder
secretBytes, err = ioutil.ReadFile("/var/openfaas/secrets/" + secretName)
if err != nil {
// read from the original location for backwards compatibility with openfaas <= 0.8.2
secretBytes, err = ioutil.ReadFile("/run/secrets/" + secretName)
}
return secretBytes, err
}
// Handle a serverless request
func Handle(req []byte) string {
key := os.Getenv("Http_X_Api_Key") // converted via the Header: X-Api-Key
secretBytes, err := getAPISecret("secret_api_key") // You must create a secret ahead of time named `secret_api_key`
if err != nil {
log.Fatal(err)
}
secret := strings.TrimSpace(string(secretBytes))
message := "Access was denied."
if key == secret {
message = "You unlocked the function."
}
return message
}