Inline namespace check and create const for label

* Inlines the namespace check for valid faasd namespaces
* Creates a const for the namespace label applied to faasd
namespaces

Tested with go build and go test.

Signed-off-by: Alex Ellis (OpenFaaS Ltd) <alexellis2@gmail.com>

cmd/provider.go

@@ -88,7 +88,7 @@ func makeProviderCmd() *cobra.Command {
 		baseUserSecretsPath := path.Join(wd, "secrets")
 		if err := moveSecretsToDefaultNamespaceSecrets(
 			baseUserSecretsPath,
-			faasd.FunctionNamespace); err != nil {
+			faasd.DefaultFunctionNamespace); err != nil {
 			return err
 		}
 

pkg/constants.go

@@ -1,8 +1,11 @@
 package pkg
 
 const (
-	// FunctionNamespace is the default containerd namespace functions are created
+	// DefaultFunctionNamespace is the default containerd namespace functions are created
-	FunctionNamespace = "openfaas-fn"
+	DefaultFunctionNamespace = "openfaas-fn"
+
+	// NamespaceLabel indicates that a namespace is managed by faasd
+	NamespaceLabel = "openfaas"
 
 	// FaasdNamespace is the containerd namespace services are created
 	FaasdNamespace = "openfaas"

pkg/logs/requestor.go

@@ -71,7 +71,7 @@ func buildCmd(ctx context.Context, req logs.Request) *exec.Cmd {
 
 	namespace := req.Namespace
 	if namespace == "" {
-		namespace = faasd.FunctionNamespace
+		namespace = faasd.DefaultFunctionNamespace
 	}
 
 	// find the description of the fields here

pkg/provider/handlers/delete.go

@@ -43,13 +43,13 @@ func MakeDeleteHandler(client *containerd.Client, cni gocni.CNI) func(w http.Res
 		lookupNamespace := getRequestNamespace(readNamespaceFromQuery(r))
 
 		// Check if namespace exists, and it has the openfaas label
-		nsValid, err := validateNamespace(client, lookupNamespace)
+		valid, err := validNamespace(client, lookupNamespace)
 		if err != nil {
 			http.Error(w, err.Error(), http.StatusBadRequest)
 			return
 		}
 
-		if !nsValid {
+		if !valid {
 			http.Error(w, "namespace not valid", http.StatusBadRequest)
 			return
 		}

pkg/provider/handlers/deploy.go

@@ -54,14 +54,14 @@ func MakeDeployHandler(client *containerd.Client, cni gocni.CNI, secretMountPath
 		namespace := getRequestNamespace(req.Namespace)
 
 		// Check if namespace exists, and it has the openfaas label
-		nsValid, err := validateNamespace(client, namespace)
+		valid, err := validNamespace(client, namespace)
 
 		if err != nil {
 			http.Error(w, err.Error(), http.StatusBadRequest)
 			return
 		}
 
-		if !nsValid {
+		if !valid {
 			http.Error(w, "namespace not valid", http.StatusBadRequest)
 			return
 		}

pkg/provider/handlers/functions.go

@@ -12,6 +12,7 @@ import (
 
 	"github.com/containerd/containerd"
 	"github.com/containerd/containerd/namespaces"
+	"github.com/openfaas/faasd/pkg"
 	faasd "github.com/openfaas/faasd/pkg"
 	"github.com/openfaas/faasd/pkg/cninetwork"
 )
@@ -35,12 +36,12 @@ type Function struct {
 func ListFunctions(client *containerd.Client, namespace string) (map[string]*Function, error) {
 
 	// Check if namespace exists, and it has the openfaas label
-	nsValid, err := validateNamespace(client, namespace)
+	valid, err := validNamespace(client, namespace)
 	if err != nil {
 		return nil, err
 	}
 
-	if !nsValid {
+	if !valid {
 		return nil, errors.New("namespace not valid")
 	}
 
@@ -199,7 +200,7 @@ func ListNamespaces(client *containerd.Client) []string {
 	namespaces, err := store.List(context.Background())
 	if err != nil {
 		log.Printf("Error listing namespaces: %s", err.Error())
-		set = append(set, faasd.FunctionNamespace)
+		set = append(set, faasd.DefaultFunctionNamespace)
 		return set
 	}
 
@@ -210,12 +211,12 @@ func ListNamespaces(client *containerd.Client) []string {
 			continue
 		}
 
-		if _, found := labels["openfaas"]; found {
+		if _, found := labels[pkg.NamespaceLabel]; found {
 			set = append(set, namespace)
 		}
 
-		if !findNamespace(faasd.FunctionNamespace, set) {
+		if !findNamespace(faasd.DefaultFunctionNamespace, set) {
-			set = append(set, faasd.FunctionNamespace)
+			set = append(set, faasd.DefaultFunctionNamespace)
 		}
 	}
 

pkg/provider/handlers/invoke_resolver.go

@@ -24,7 +24,7 @@ func (i *InvokeResolver) Resolve(functionName string) (url.URL, error) {
 	actualFunctionName := functionName
 	log.Printf("Resolve: %q\n", actualFunctionName)
 
-	namespace := getNamespace(functionName, faasd.FunctionNamespace)
+	namespace := getNamespace(functionName, faasd.DefaultFunctionNamespace)
 
 	if strings.Contains(functionName, ".") {
 		actualFunctionName = strings.TrimSuffix(functionName, "."+namespace)

pkg/provider/handlers/read.go

@@ -15,13 +15,13 @@ func MakeReadHandler(client *containerd.Client) func(w http.ResponseWriter, r *h
 
 		lookupNamespace := getRequestNamespace(readNamespaceFromQuery(r))
 		// Check if namespace exists, and it has the openfaas label
-		nsValid, err := validateNamespace(client, lookupNamespace)
+		valid, err := validNamespace(client, lookupNamespace)
 		if err != nil {
 			http.Error(w, err.Error(), http.StatusBadRequest)
 			return
 		}
 
-		if !nsValid {
+		if !valid {
 			http.Error(w, "namespace not valid", http.StatusBadRequest)
 			return
 		}

pkg/provider/handlers/replicas.go

@@ -17,13 +17,13 @@ func MakeReplicaReaderHandler(client *containerd.Client) func(w http.ResponseWri
 		lookupNamespace := getRequestNamespace(readNamespaceFromQuery(r))
 
 		// Check if namespace exists, and it has the openfaas label
-		nsValid, err := validateNamespace(client, lookupNamespace)
+		valid, err := validNamespace(client, lookupNamespace)
 		if err != nil {
 			http.Error(w, err.Error(), http.StatusBadRequest)
 			return
 		}
 
-		if !nsValid {
+		if !valid {
 			http.Error(w, "namespace not valid", http.StatusBadRequest)
 			return
 		}

pkg/provider/handlers/scale.go

@@ -42,13 +42,13 @@ func MakeReplicaUpdateHandler(client *containerd.Client, cni gocni.CNI) func(w h
 		namespace := getRequestNamespace(readNamespaceFromQuery(r))
 
 		// Check if namespace exists, and it has the openfaas label
-		nsValid, err := validateNamespace(client, namespace)
+		valid, err := validNamespace(client, namespace)
 		if err != nil {
 			http.Error(w, err.Error(), http.StatusBadRequest)
 			return
 		}
 
-		if !nsValid {
+		if !valid {
 			http.Error(w, "namespace not valid", http.StatusBadRequest)
 			return
 		}

pkg/provider/handlers/secret.go

@@ -50,13 +50,13 @@ func listSecrets(c *containerd.Client, w http.ResponseWriter, r *http.Request, m
 
 	lookupNamespace := getRequestNamespace(readNamespaceFromQuery(r))
 	// Check if namespace exists, and it has the openfaas label
-	nsValid, err := validateNamespace(c, lookupNamespace)
+	valid, err := validNamespace(c, lookupNamespace)
 	if err != nil {
 		http.Error(w, err.Error(), http.StatusBadRequest)
 		return
 	}
 
-	if !nsValid {
+	if !valid {
 		http.Error(w, "namespace not valid", http.StatusBadRequest)
 		return
 	}

pkg/provider/handlers/update.go

@@ -43,13 +43,13 @@ func MakeUpdateHandler(client *containerd.Client, cni gocni.CNI, secretMountPath
 		namespace := getRequestNamespace(req.Namespace)
 
 		// Check if namespace exists, and it has the openfaas label
-		nsValid, err := validateNamespace(client, namespace)
+		valid, err := validNamespace(client, namespace)
 		if err != nil {
 			http.Error(w, err.Error(), http.StatusBadRequest)
 			return
 		}
 
-		if !nsValid {
+		if !valid {
 			http.Error(w, "namespace not valid", http.StatusBadRequest)
 			return
 		}

pkg/provider/handlers/utils.go

@@ -2,10 +2,12 @@ package handlers
 
 import (
 	"context"
-	"github.com/containerd/containerd"
 	"net/http"
 	"path"
 
+	"github.com/containerd/containerd"
+
+	"github.com/openfaas/faasd/pkg"
 	faasd "github.com/openfaas/faasd/pkg"
 )
 
@@ -14,7 +16,7 @@ func getRequestNamespace(namespace string) string {
 	if len(namespace) > 0 {
 		return namespace
 	}
-	return faasd.FunctionNamespace
+	return faasd.DefaultFunctionNamespace
 }
 
 func readNamespaceFromQuery(r *http.Request) string {
@@ -26,8 +28,10 @@ func getNamespaceSecretMountPath(userSecretPath string, namespace string) string
 	return path.Join(userSecretPath, namespace)
 }
 
-func validateNamespace(client *containerd.Client, namespace string) (bool, error) {
+// validNamespace indicates whether the namespace is eligable to be
-	if namespace == faasd.FunctionNamespace {
+// used for OpenFaaS functions.
+func validNamespace(client *containerd.Client, namespace string) (bool, error) {
+	if namespace == faasd.DefaultFunctionNamespace {
 		return true, nil
 	}
 
@@ -37,12 +41,8 @@ func validateNamespace(client *containerd.Client, namespace string) (bool, error
 		return false, err
 	}
 
-	value, found := labels["openfaas"]
+	if value, found := labels[pkg.NamespaceLabel]; found && value == "true" {
-
+		return true, nil
-	if found {
-		if value == "true" {
-			return true, nil
-		}
 	}
 
 	return false, nil

pkg/provider/handlers/utils_test.go

@@ -15,7 +15,7 @@ func Test_getRequestNamespace(t *testing.T) {
 		requestNamespace  string
 		expectedNamespace string
 	}{
-		{name: "RequestNamespace is not provided", requestNamespace: "", expectedNamespace: faasd.FunctionNamespace},
+		{name: "RequestNamespace is not provided", requestNamespace: "", expectedNamespace: faasd.DefaultFunctionNamespace},
 		{name: "RequestNamespace is provided", requestNamespace: "user-namespace", expectedNamespace: "user-namespace"},
 	}
 
@@ -36,7 +36,7 @@ func Test_getNamespaceSecretMountPath(t *testing.T) {
 		requestNamespace   string
 		expectedSecretPath string
 	}{
-		{name: "Default Namespace is provided", requestNamespace: faasd.FunctionNamespace, expectedSecretPath: "/var/openfaas/secrets/" + faasd.FunctionNamespace},
+		{name: "Default Namespace is provided", requestNamespace: faasd.DefaultFunctionNamespace, expectedSecretPath: "/var/openfaas/secrets/" + faasd.DefaultFunctionNamespace},
 		{name: "User Namespace is provided", requestNamespace: "user-namespace", expectedSecretPath: "/var/openfaas/secrets/user-namespace"},
 	}