Not sure how this got reverted / affected, but was wrong. The
name "faas-containerd" is gone and not in use.
Signed-off-by: Alex Ellis (OpenFaaS Ltd) <alexellis2@gmail.com>
The use of containerd and CNI functions has been refactored to reuse
the same codebase.
Added all network functionality to own directory and package. Removed
netlink and weave library in favor of using CNI plugin result files.
Rename containers handler to functions to clear-up functionality.
Signed-off-by: Carlos de Paula <me@carlosedp.com>
This appeared to prevent the provider's secret code from
creating files in its working directory. The patch makes all
code use the same permission.
Signed-off-by: Alex Ellis (OpenFaaS Ltd) <alexellis2@gmail.com>
Adds secrets support and binding of secrets at runtime to
functions. Files are written in plain-text to a 0644 permission
folder which can only be read by root and the containers
requesting the secret through the OpenFaaS API.
Tested by deploying an alpine function using "cat" as its
fprocess.
Happy to revisit at a later date and look into encryption at
rest. This should be on-par with using Kubernetes in its
default unencrypted state.
Fixes: #29
Signed-off-by: Alex Ellis (OpenFaaS Ltd) <alexellis2@gmail.com>
This patch completes part of the work in #20 by porting the code
for faas-containerd in-tree. When tested, I was able to deploy
and then remove figlet from the store on `x86_64`.
In a follow-up PR, duplication will be removed where possible
and consolidated with updated documentation.
Signed-off-by: Alex Ellis (OpenFaaS Ltd) <alexellis2@gmail.com>
