Avoid providing memory limit if not set explicitly

Signed-off-by: Nitishkumar Singh <nitishkumarsingh71@gmail.com>
Bump gateway version 0.21.3
2025-06-19 04:26:34 +00:00 · 2022-01-25 16:17:30 +00:00 · 2022-01-25 16:12:12 +00:00 · 2022-01-21 09:12:27 +00:00 · 2022-01-19 18:13:05 +00:00 · 2022-01-19 18:05:56 +00:00
16 changed files with 226 additions and 103 deletions
--- a/.github/ISSUE_TEMPLATE.md
+++ b/.github/ISSUE_TEMPLATE.md
@ -1,3 +1,7 @@
 ## Due diligence
 Before you for help or support, make sure that you've [consulted the faasd manual "Serverless For Everyone Else"](https://openfaas.gumroad.com/l/serverless-for-everyone-else).
 <!--- Provide a general summary of the issue in the Title above -->
 ## Expected Behaviour
--- a/cloud-config.txt
+++ b/cloud-config.txt
@ -10,17 +10,7 @@ packages:
 - git
 runcmd:
- curl -sLSf https://github.com/containerd/containerd/releases/download/v1.5.4/containerd-1.5.4-linux-amd64.tar.gz > /tmp/containerd.tar.gz && tar -xvf /tmp/containerd.tar.gz -C /usr/local/bin/ --strip-components=1
+- curl -sfL https://raw.githubusercontent.com/openfaas/faasd/master/hack/install.sh | sh -s -
 - curl -SLfs https://raw.githubusercontent.com/containerd/containerd/v1.5.4/containerd.service | tee /etc/systemd/system/containerd.service
 - systemctl daemon-reload && systemctl start containerd
 - systemctl enable containerd
 - /sbin/sysctl -w net.ipv4.conf.all.forwarding=1
 - mkdir -p /opt/cni/bin
 - curl -sSL https://github.com/containernetworking/plugins/releases/download/v0.8.5/cni-plugins-linux-amd64-v0.8.5.tgz | tar -xz -C /opt/cni/bin
 - mkdir -p /go/src/github.com/openfaas/
 - cd /go/src/github.com/openfaas/ && git clone --depth 1 --branch 0.13.0 https://github.com/openfaas/faasd
 - curl -fSLs "https://github.com/openfaas/faasd/releases/download/0.13.0/faasd" --output "/usr/local/bin/faasd" && chmod a+x "/usr/local/bin/faasd"
 - cd /go/src/github.com/openfaas/faasd/ && /usr/local/bin/faasd install
 - systemctl status -l containerd --no-pager
 - journalctl -u faasd-provider --no-pager
 - systemctl status -l faasd-provider --no-pager
--- a/cmd/provider.go
+++ b/cmd/provider.go
@ -103,7 +103,7 @@ func makeProviderCmd() *cobra.Command {
 			HealthHandler:        func(w http.ResponseWriter, r *http.Request) {},
 			InfoHandler:          handlers.MakeInfoHandler(Version, GitCommit),
 			ListNamespaceHandler: handlers.MakeNamespacesLister(client),
-			SecretHandler:        handlers.MakeSecretHandler(client, baseUserSecretsPath),
+			SecretHandler:        handlers.MakeSecretHandler(client.NamespaceService(), baseUserSecretsPath),
 			LogHandler:           logs.NewLogHandlerFunc(faasdlogs.New(), config.ReadTimeout),
 		}
--- a/docker-compose.yaml
+++ b/docker-compose.yaml
@ -56,7 +56,7 @@ services:
       - "127.0.0.1:9090:9090"
  gateway:
-    image: ghcr.io/openfaas/gateway:0.21.0
+    image: ghcr.io/openfaas/gateway:0.21.3
    environment:
      - basic_auth=true
      - functions_provider_url=http://faasd-provider:8081/
--- a/docs/MULTIPASS.md
+++ b/docs/MULTIPASS.md
@ -31,21 +31,22 @@ It took me about 2-3 minutes to run through everything after installing multipas
    curl -sSLO https://raw.githubusercontent.com/openfaas/faasd/master/cloud-config.txt
    ```
-* Update the SSH key to match your own, edit `cloud-config.txt`:
+* Boot the VM 
-Replace the 2nd line with the contents of `~/.ssh/id_rsa.pub`:
+    The `cloud-config.txt` contains an ssh key to allow your local machine to access the VM. However, this must be updated with your local ssh key. 
    This command will update the key with your local public key value and start the VM.
    ```sh
    sed "s/ssh-rsa.*/$(cat $HOME/.ssh/id_*.pub)/" cloud-config.txt | multipass launch --name faasd --cloud-init -
    ```
    This can also be done manually, just replace the 2nd line of the `cloud-config.txt` with the coPntents of your public ssh key, usually either `~/.ssh/id_rsa.pub` or `~/.ssh/id_ed25519.pub`
    ```
    ssh_authorized_keys:
      - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC8Q/aUYUr3P1XKVucnO9mlWxOjJm+K01lHJR90MkHC9zbfTqlp8P7C3J26zKAuzHXOeF+VFxETRr6YedQKW9zp5oP7sN+F2gr/pO7GV3VmOqHMV7uKfyUQfq7H1aVzLfCcI7FwN2Zekv3yB7kj35pbsMa1Za58aF6oHRctZU6UWgXXbRxP+B04DoVU7jTstQ4GMoOCaqYhgPHyjEAS3DW0kkPW6HzsvJHkxvVcVlZ/wNJa1Ie/yGpzOzWIN0Ol0t2QT/RSWOhfzO1A2P0XbPuZ04NmriBonO9zR7T1fMNmmtTuK7WazKjQT3inmYRAqU6pe8wfX8WIWNV7OowUjUsv alex@alexr.local
    ```
 * Boot the VM
 ```sh
 multipass launch --cloud-init cloud-config.txt  --name faasd
 ```
 * Get the VM's IP and connect with `ssh`
    ```sh
--- a/pkg/provider/handlers/delete.go
+++ b/pkg/provider/handlers/delete.go
@ -43,7 +43,7 @@ func MakeDeleteHandler(client *containerd.Client, cni gocni.CNI) func(w http.Res
 		lookupNamespace := getRequestNamespace(readNamespaceFromQuery(r))
 		// Check if namespace exists, and it has the openfaas label
-		valid, err := validNamespace(client, lookupNamespace)
+		valid, err := validNamespace(client.NamespaceService(), lookupNamespace)
 		if err != nil {
 			http.Error(w, err.Error(), http.StatusBadRequest)
 			return
--- a/pkg/provider/handlers/deploy.go
+++ b/pkg/provider/handlers/deploy.go
@ -54,7 +54,7 @@ func MakeDeployHandler(client *containerd.Client, cni gocni.CNI, secretMountPath
 		namespace := getRequestNamespace(req.Namespace)
 		// Check if namespace exists, and it has the openfaas label
-		valid, err := validNamespace(client, namespace)
+		valid, err := validNamespace(client.NamespaceService(), namespace)
 		if err != nil {
 			http.Error(w, err.Error(), http.StatusBadRequest)
--- a/pkg/provider/handlers/functions.go
+++ b/pkg/provider/handlers/functions.go
@ -37,7 +37,7 @@ type Function struct {
 func ListFunctions(client *containerd.Client, namespace string) (map[string]*Function, error) {
 	// Check if namespace exists, and it has the openfaas label
-	valid, err := validNamespace(client, namespace)
+	valid, err := validNamespace(client.NamespaceService(), namespace)
 	if err != nil {
 		return nil, err
 	}
--- a/pkg/provider/handlers/read.go
+++ b/pkg/provider/handlers/read.go
@ -2,10 +2,11 @@ package handlers
 import (
 	"encoding/json"
 	"k8s.io/apimachinery/pkg/api/resource"
 	"log"
 	"net/http"
 	"k8s.io/apimachinery/pkg/api/resource"
 	"github.com/containerd/containerd"
 	"github.com/openfaas/faas-provider/types"
 )
@ -16,7 +17,7 @@ func MakeReadHandler(client *containerd.Client) func(w http.ResponseWriter, r *h
 		lookupNamespace := getRequestNamespace(readNamespaceFromQuery(r))
 		// Check if namespace exists, and it has the openfaas label
-		valid, err := validNamespace(client, lookupNamespace)
+		valid, err := validNamespace(client.NamespaceService(), lookupNamespace)
 		if err != nil {
 			http.Error(w, err.Error(), http.StatusBadRequest)
 			return
@ -39,7 +40,7 @@ func MakeReadHandler(client *containerd.Client) func(w http.ResponseWriter, r *h
 			annotations := &fn.annotations
 			labels := &fn.labels
 			memory := resource.NewQuantity(fn.memoryLimit, resource.BinarySI)
-			res = append(res, types.FunctionStatus{
+			status := types.FunctionStatus{
 				Name:        fn.name,
 				Image:       fn.image,
 				Replicas:    uint64(fn.replicas),
@ -49,9 +50,17 @@ func MakeReadHandler(client *containerd.Client) func(w http.ResponseWriter, r *h
 				Secrets:     fn.secrets,
 				EnvVars:     fn.envVars,
 				EnvProcess:  fn.envProcess,
 				Limits:      &types.FunctionResources{Memory: memory.String()},
 				CreatedAt:   fn.createdAt,
-			})
+			}
 			// Do not remove below memory check for 0
 			// Memory limit should not be included in status until set explicitly
 			limit := &types.FunctionResources{Memory: memory.String()}
 			if limit.Memory != "0" {
 				status.Limits = limit
 			}
 			res = append(res, status)
 		}
 		body, _ := json.Marshal(res)
--- a/pkg/provider/handlers/replicas.go
+++ b/pkg/provider/handlers/replicas.go
@ -17,7 +17,7 @@ func MakeReplicaReaderHandler(client *containerd.Client) func(w http.ResponseWri
 		lookupNamespace := getRequestNamespace(readNamespaceFromQuery(r))
 		// Check if namespace exists, and it has the openfaas label
-		valid, err := validNamespace(client, lookupNamespace)
+		valid, err := validNamespace(client.NamespaceService(), lookupNamespace)
 		if err != nil {
 			http.Error(w, err.Error(), http.StatusBadRequest)
 			return
--- a/pkg/provider/handlers/scale.go
+++ b/pkg/provider/handlers/scale.go
@ -42,7 +42,7 @@ func MakeReplicaUpdateHandler(client *containerd.Client, cni gocni.CNI) func(w h
 		namespace := getRequestNamespace(readNamespaceFromQuery(r))
 		// Check if namespace exists, and it has the openfaas label
-		valid, err := validNamespace(client, namespace)
+		valid, err := validNamespace(client.NamespaceService(), namespace)
 		if err != nil {
 			http.Error(w, err.Error(), http.StatusBadRequest)
 			return
--- a/pkg/provider/handlers/secret.go
+++ b/pkg/provider/handlers/secret.go
@ -10,14 +10,14 @@ import (
 	"path"
 	"strings"
 	"github.com/containerd/containerd"
 	"github.com/openfaas/faas-provider/types"
 	provider "github.com/openfaas/faasd/pkg/provider"
 )
 const secretFilePermission = 0644
 const secretDirPermission = 0755
-func MakeSecretHandler(c *containerd.Client, mountPath string) func(w http.ResponseWriter, r *http.Request) {
+func MakeSecretHandler(store provider.Labeller, mountPath string) func(w http.ResponseWriter, r *http.Request) {
 	err := os.MkdirAll(mountPath, secretFilePermission)
 	if err != nil {
@ -31,13 +31,13 @@ func MakeSecretHandler(c *containerd.Client, mountPath string) func(w http.Respo
 		switch r.Method {
 		case http.MethodGet:
-			listSecrets(c, w, r, mountPath)
+			listSecrets(store, w, r, mountPath)
 		case http.MethodPost:
-			createSecret(c, w, r, mountPath)
+			createSecret(w, r, mountPath)
 		case http.MethodPut:
-			createSecret(c, w, r, mountPath)
+			createSecret(w, r, mountPath)
 		case http.MethodDelete:
-			deleteSecret(c, w, r, mountPath)
+			deleteSecret(w, r, mountPath)
 		default:
 			w.WriteHeader(http.StatusBadRequest)
 			return
@ -46,11 +46,11 @@ func MakeSecretHandler(c *containerd.Client, mountPath string) func(w http.Respo
 	}
 }
-func listSecrets(c *containerd.Client, w http.ResponseWriter, r *http.Request, mountPath string) {
+func listSecrets(store provider.Labeller, w http.ResponseWriter, r *http.Request, mountPath string) {
 	lookupNamespace := getRequestNamespace(readNamespaceFromQuery(r))
 	// Check if namespace exists, and it has the openfaas label
-	valid, err := validNamespace(c, lookupNamespace)
+	valid, err := validNamespace(store, lookupNamespace)
 	if err != nil {
 		http.Error(w, err.Error(), http.StatusBadRequest)
 		return
@ -63,8 +63,15 @@ func listSecrets(c *containerd.Client, w http.ResponseWriter, r *http.Request, m
 	mountPath = getNamespaceSecretMountPath(mountPath, lookupNamespace)
-	files, err := ioutil.ReadDir(mountPath)
+	files, err := os.ReadDir(mountPath)
 	if os.IsNotExist(err) {
 		bytesOut, _ := json.Marshal([]types.Secret{})
 		w.Write(bytesOut)
 		return
 	}
 	if err != nil {
 		fmt.Printf("Error Occured: %s \n", err)
 		http.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
@ -78,7 +85,7 @@ func listSecrets(c *containerd.Client, w http.ResponseWriter, r *http.Request, m
 	w.Write(bytesOut)
 }
-func createSecret(c *containerd.Client, w http.ResponseWriter, r *http.Request, mountPath string) {
+func createSecret(w http.ResponseWriter, r *http.Request, mountPath string) {
 	secret, err := parseSecret(r)
 	if err != nil {
 		log.Printf("[secret] error %s", err.Error())
@ -118,7 +125,7 @@ func createSecret(c *containerd.Client, w http.ResponseWriter, r *http.Request,
 	}
 }
-func deleteSecret(c *containerd.Client, w http.ResponseWriter, r *http.Request, mountPath string) {
+func deleteSecret(w http.ResponseWriter, r *http.Request, mountPath string) {
 	secret, err := parseSecret(r)
 	if err != nil {
 		log.Printf("[secret] error %s", err.Error())
--- a/pkg/provider/handlers/secret_test.go
+++ b/pkg/provider/handlers/secret_test.go
@ -1,6 +1,9 @@
 package handlers
 import (
 	"encoding/json"
 	"fmt"
 	"io/ioutil"
 	"net/http"
 	"net/http/httptest"
 	"os"
@ -10,6 +13,8 @@ import (
 	"testing"
 	"github.com/openfaas/faas-provider/types"
 	"github.com/openfaas/faasd/pkg"
 	provider "github.com/openfaas/faasd/pkg/provider"
 )
 func Test_parseSecret(t *testing.T) {
@ -161,3 +166,87 @@ func TestSecretCreation(t *testing.T) {
 		})
 	}
 }
 func TestListSecrets(t *testing.T) {
 	mountPath, err := os.MkdirTemp("", "test_secret_creation")
 	if err != nil {
 		t.Fatalf("unexpected error while creating temp directory: %s", err)
 	}
 	defer os.RemoveAll(mountPath)
 	cases := []struct {
 		name       string
 		verb       string
 		namespace  string
 		labels     map[string]string
 		status     int
 		secretPath string
 		secret     string
 		err        string
 		expected   []types.Secret
 	}{
 		{
 			name:       "Get empty secret list for default namespace having no secret",
 			verb:       http.MethodGet,
 			status:     http.StatusOK,
 			secretPath: "/test-fn/foo",
 			secret:     "bar",
 			expected:   make([]types.Secret, 0),
 		},
 		{
 			name:       "Get empty secret list for non-default namespace having no secret",
 			verb:       http.MethodGet,
 			status:     http.StatusOK,
 			secretPath: "/test-fn/foo",
 			secret:     "bar",
 			expected:   make([]types.Secret, 0),
 			namespace:  "other-ns",
 			labels: map[string]string{
 				pkg.NamespaceLabel: "true",
 			},
 		},
 	}
 	for _, tc := range cases {
 		t.Run(tc.name, func(t *testing.T) {
 			labelStore := provider.NewFakeLabeller(tc.labels)
 			handler := MakeSecretHandler(labelStore, mountPath)
 			path := "http://example.com/foo"
 			if len(tc.namespace) > 0 {
 				path = path + fmt.Sprintf("?namespace=%s", tc.namespace)
 			}
 			req := httptest.NewRequest(tc.verb, path, nil)
 			w := httptest.NewRecorder()
 			handler(w, req)
 			resp := w.Result()
 			if resp.StatusCode != tc.status {
 				t.Fatalf("want status: %d, but got: %d", tc.status, resp.StatusCode)
 			}
 			if resp.StatusCode != http.StatusOK && w.Body.String() != tc.err {
 				t.Fatalf("want error message: %q, but got %q", tc.err, w.Body.String())
 			}
 			body, err := ioutil.ReadAll(resp.Body)
 			if err != nil {
 				t.Fatalf("can't read response of list %v", err)
 			}
 			var res []types.Secret
 			err = json.Unmarshal(body, &res)
 			if err != nil {
 				t.Fatalf("unable to unmarshal %q, error: %v", string(body), err)
 			}
 			if !reflect.DeepEqual(res, tc.expected) {
 				t.Fatalf("want response: %v, but got: %v", tc.expected, res)
 			}
 		})
 	}
 }
--- a/pkg/provider/handlers/update.go
+++ b/pkg/provider/handlers/update.go
@ -43,7 +43,7 @@ func MakeUpdateHandler(client *containerd.Client, cni gocni.CNI, secretMountPath
 		namespace := getRequestNamespace(req.Namespace)
 		// Check if namespace exists, and it has the openfaas label
-		valid, err := validNamespace(client, namespace)
+		valid, err := validNamespace(client.NamespaceService(), namespace)
 		if err != nil {
 			http.Error(w, err.Error(), http.StatusBadRequest)
 			return
--- a/pkg/provider/handlers/utils.go
+++ b/pkg/provider/handlers/utils.go
@ -5,10 +5,9 @@ import (
 	"net/http"
 	"path"
 	"github.com/containerd/containerd"
 	"github.com/openfaas/faasd/pkg"
 	faasd "github.com/openfaas/faasd/pkg"
 	provider "github.com/openfaas/faasd/pkg/provider"
 )
 func getRequestNamespace(namespace string) string {
@ -30,12 +29,11 @@ func getNamespaceSecretMountPath(userSecretPath string, namespace string) string
 // validNamespace indicates whether the namespace is eligable to be
 // used for OpenFaaS functions.
-func validNamespace(client *containerd.Client, namespace string) (bool, error) {
+func validNamespace(store provider.Labeller, namespace string) (bool, error) {
 	if namespace == faasd.DefaultFunctionNamespace {
 		return true, nil
 	}
 	store := client.NamespaceService()
 	labels, err := store.Labels(context.Background(), namespace)
 	if err != nil {
 		return false, err
--- a/pkg/provider/labeller.go
+++ b/pkg/provider/labeller.go
@ -0,0 +1,25 @@
 package provider
 import "context"
 // Labeller can return labels for a namespace from containerd.
 type Labeller interface {
 	Labels(ctx context.Context, namespace string) (map[string]string, error)
 }
 //
 // FakeLabeller can be used to fake labels applied on namespace to mark
 // them valid/invalid for openfaas functions
 type FakeLabeller struct {
 	labels map[string]string
 }
 func NewFakeLabeller(labels map[string]string) Labeller {
 	return &FakeLabeller{
 		labels: labels,
 	}
 }
 func (s *FakeLabeller) Labels(ctx context.Context, namespace string) (map[string]string, error) {
 	return s.labels, nil
 }
Author	SHA1	Message	Date
Nitishkumar Singh	8ac45f5379	Avoid providing memory limit if not set explicitly Signed-off-by: Nitishkumar Singh <nitishkumarsingh71@gmail.com>	2022-01-25 16:17:30 +00:00
Nitishkumar Singh	3579061423	Bump gateway version 0.21.3 Signed-off-by: Nitishkumar Singh <nitishkumarsingh71@gmail.com>	2022-01-25 16:12:12 +00:00
Alex Ellis	761d1847bf	Update ISSUE_TEMPLATE.md	2022-01-21 09:12:27 +00:00
Alex Ellis (OpenFaaS Ltd)	8003748b73	Review feedback for Labeller Signed-off-by: Alex Ellis (OpenFaaS Ltd) <alexellis2@gmail.com>	2022-01-19 18:13:05 +00:00
Nitishkumar Singh	a2ea804d2c	Handled list secrets for no secret in namespaces Signed-off-by: Nitishkumar Singh <nitishkumarsingh71@gmail.com> Test case included for default and non-default Signed-off-by: Nitishkumar Singh <nitishkumarsingh71@gmail.com> Changed Fake Labeller Implementation Signed-off-by: Nitishkumar Singh <nitishkumarsingh71@gmail.com>	2022-01-19 18:05:56 +00:00
Lucas Roesler	551e6645b7	chore: improve multipass cloud-config and instructions Improve the Multipass cloud-config.txt by using the install.sh script instead of stale install instructions. This ensures that the latest release is installed and reduces the number of install instructions we need to maintain. Also, improve the instructions for using multipass by including a one-line command for setting the correct ssh key _and_ starting the VM. Finally, improve the markdown formatting by indenting the paragraph bodies of the list items. This ensures that the content is properly aligned with the bullet list. Signed-off-by: Lucas Roesler <roesler.lucas@gmail.com>	2022-01-19 12:44:47 +00:00