Skip to content

Commit 48bab68

Browse files
ewildeewilde
authored
Adds secret support (#14)
Also: 1. Fix bug with updating a function 2. Fix bug listing more than 10 functions 3. Add log support for functions 4. Proxy invoke function using service discovery hostname Resolves #1 Signed-off-by: Edward Wilde <[email protected]>
1 parent 346fc27 commit 48bab68

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

42 files changed

+42167
-244
lines changed

.gitignore

+1
Original file line numberDiff line numberDiff line change
@@ -1,3 +1,4 @@
11
.idea
22
examples/hellogoworld2/
33
dist
4+
faas-fargate

Dockerfile

+1-1
Original file line numberDiff line numberDiff line change
@@ -11,7 +11,7 @@ COPY . .
1111

1212
RUN curl -sL https://github.com/alexellis/license-check/releases/download/0.2.2/license-check > /usr/bin/license-check \
1313
&& chmod +x /usr/bin/license-check
14-
RUN license-check -path ./ --verbose=false "Edward Wilde" "OpenFaaS Project"
14+
RUN license-check -path ./ --verbose=false "Edward Wilde" "OpenFaaS Project" "Alex Ellis"
1515
RUN goimports -l -d $(find . -type f -name '*.go' -not -path "./vendor/*") \
1616
&& VERSION=$(git describe --all --exact-match `git rev-parse HEAD` | grep tags | sed 's/tags\///') \
1717
&& GIT_COMMIT_SHA=$(git rev-list -1 HEAD) \

Gopkg.lock

+4-1
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

README.md

+1
Original file line numberDiff line numberDiff line change
@@ -37,6 +37,7 @@ All configuration is managed using environment variables
3737
| `read_timeout` | HTTP timeout for reading the payload from the client caller (in seconds). | `8` | no |
3838
| `image_pull_policy` | Image pull policy for deployed functions (`Always`, `IfNotPresent`, `Never`) | `Always` | no |
3939
| `LOG_LEVEL` | Logging level either: `trace, debug, info, warn, error, fatal, panic`. | `info` | no |
40+
| `AWS_DEFAULT_REGION` | AWS region faas-fargate is running in. | `us-east-1` | no |
4041

4142
## Overview
4243
![diagram of the openfaas on fargate architecture](./docs/architecture.png "Openfaas for fargate overview")

aws/api.go

+43-1
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,38 @@
11
package aws
22

3-
import "github.com/aws/aws-sdk-go/service/ecs"
3+
import (
4+
"os"
5+
6+
"github.com/aws/aws-sdk-go/aws"
7+
"github.com/aws/aws-sdk-go/aws/session"
8+
"github.com/aws/aws-sdk-go/service/cloudwatchlogs"
9+
"github.com/aws/aws-sdk-go/service/ec2"
10+
"github.com/aws/aws-sdk-go/service/ecs"
11+
"github.com/aws/aws-sdk-go/service/iam"
12+
"github.com/aws/aws-sdk-go/service/secretsmanager"
13+
"github.com/aws/aws-sdk-go/service/servicediscovery"
14+
)
15+
16+
var (
17+
cloudwatchClient *cloudwatchlogs.CloudWatchLogs
18+
ecsClient *ecs.ECS
19+
ec2Client *ec2.EC2
20+
iamClient *iam.IAM
21+
secretsClient *secretsmanager.SecretsManager
22+
discoveryClient *servicediscovery.ServiceDiscovery
23+
)
24+
25+
func init() {
26+
session := session.Must(session.NewSession())
27+
logLevel := awsLogLevel()
28+
29+
cloudwatchClient = cloudwatchlogs.New(session, aws.NewConfig().WithLogLevel(logLevel))
30+
ecsClient = ecs.New(session, aws.NewConfig().WithLogLevel(logLevel))
31+
ec2Client = ec2.New(session, aws.NewConfig().WithLogLevel(logLevel))
32+
iamClient = iam.New(session, aws.NewConfig().WithLogLevel(logLevel))
33+
secretsClient = secretsmanager.New(session, aws.NewConfig().WithLogLevel(logLevel))
34+
discoveryClient = servicediscovery.New(session, aws.NewConfig().WithLogLevel(logLevel))
35+
}
436

537
// KeyValuePairGetValue searches the array of values and returns the matching name or nil if none are found.
638
func KeyValuePairGetValue(name string, values []*ecs.KeyValuePair) (*string, bool) {
@@ -12,3 +44,13 @@ func KeyValuePairGetValue(name string, values []*ecs.KeyValuePair) (*string, boo
1244

1345
return nil, false
1446
}
47+
48+
func awsLogLevel() aws.LogLevelType {
49+
lvl := os.Getenv("LOG_LEVEL")
50+
51+
if lvl == "trace" {
52+
return aws.LogDebugWithRequestErrors
53+
}
54+
55+
return aws.LogOff
56+
}

aws/autonaming.go

+19-19
Original file line numberDiff line numberDiff line change
@@ -14,18 +14,18 @@ import (
1414
log "github.com/sirupsen/logrus"
1515
)
1616

17-
const namespace = "openfaas.local"
17+
const dnsNamespace = "openfaas.local"
1818

1919
var once = &sync.Once{}
2020
var namespaceID *string
2121

22-
func deleteServiceRegistration(discovery *servicediscovery.ServiceDiscovery, serviceName string, vpcID string) error {
23-
namespaceID, err := ensureDNSNamespaceExists(discovery, vpcID)
22+
func deleteServiceRegistration(serviceName string, vpcID string) error {
23+
namespaceID, err := ensureDNSNamespaceExists(vpcID)
2424
if err != nil {
2525
return fmt.Errorf("error ensuring dns namespace existing. %v", err)
2626
}
2727

28-
listResults, err := discovery.ListServices(&servicediscovery.ListServicesInput{
28+
listResults, err := discoveryClient.ListServices(&servicediscovery.ListServicesInput{
2929
Filters: []*servicediscovery.ServiceFilter{
3030
{
3131
Name: aws.String("NAMESPACE_ID"),
@@ -49,7 +49,7 @@ func deleteServiceRegistration(discovery *servicediscovery.ServiceDiscovery, ser
4949
}
5050

5151
log.Infof("Listing service instances for %s", serviceID)
52-
instances, err := discovery.ListInstances(&servicediscovery.ListInstancesInput{
52+
instances, err := discoveryClient.ListInstances(&servicediscovery.ListInstancesInput{
5353
ServiceId: aws.String(serviceID),
5454
})
5555
if err != nil {
@@ -60,7 +60,7 @@ func deleteServiceRegistration(discovery *servicediscovery.ServiceDiscovery, ser
6060
for _, v := range instances.Instances {
6161
log.Infof("De-registering instance %s for service %s", aws.StringValue(v.Id), serviceID)
6262

63-
_, err = discovery.DeregisterInstance(&servicediscovery.DeregisterInstanceInput{
63+
_, err = discoveryClient.DeregisterInstance(&servicediscovery.DeregisterInstanceInput{
6464
ServiceId: aws.String(serviceID),
6565
InstanceId: v.Id,
6666
})
@@ -75,7 +75,7 @@ func deleteServiceRegistration(discovery *servicediscovery.ServiceDiscovery, ser
7575
eb.MaxElapsedTime = time.Second * 30
7676

7777
err = backoff.Retry(func() error {
78-
_, err := discovery.DeleteService(&servicediscovery.DeleteServiceInput{
78+
_, err := discoveryClient.DeleteService(&servicediscovery.DeleteServiceInput{
7979
Id: aws.String(serviceID),
8080
})
8181

@@ -95,15 +95,15 @@ func deleteServiceRegistration(discovery *servicediscovery.ServiceDiscovery, ser
9595
return nil
9696
}
9797

98-
func ensureServiceRegistrationExists(discovery *servicediscovery.ServiceDiscovery, serviceName string, vpcID string) (string, error) {
98+
func ensureServiceRegistrationExists(serviceName string, vpcID string) (string, error) {
9999

100-
namespaceID, err := ensureDNSNamespaceExists(discovery, vpcID)
100+
namespaceID, err := ensureDNSNamespaceExists(vpcID)
101101
if err != nil {
102102
log.Errorln("error ensuring dns namespace existing. ", err)
103103
return "", err
104104
}
105105

106-
listResults, err := discovery.ListServices(&servicediscovery.ListServicesInput{
106+
listResults, err := discoveryClient.ListServices(&servicediscovery.ListServicesInput{
107107
Filters: []*servicediscovery.ServiceFilter{
108108
{
109109
Name: aws.String("NAMESPACE_ID"),
@@ -129,7 +129,7 @@ func ensureServiceRegistrationExists(discovery *servicediscovery.ServiceDiscover
129129

130130
if serviceArn == "" {
131131
requestID := uuid.NewV4()
132-
createResult, err := discovery.CreateService(&servicediscovery.CreateServiceInput{
132+
createResult, err := discoveryClient.CreateService(&servicediscovery.CreateServiceInput{
133133
Name: aws.String(serviceName),
134134
CreatorRequestId: aws.String(requestID.String()),
135135
Description: aws.String(fmt.Sprintf("Openfaas auto-naming service for %s", serviceName)),
@@ -158,20 +158,20 @@ func ensureServiceRegistrationExists(discovery *servicediscovery.ServiceDiscover
158158
return serviceArn, nil
159159
}
160160

161-
func ensureDNSNamespaceExists(discovery *servicediscovery.ServiceDiscovery, vpcID string) (id *string, err error) {
161+
func ensureDNSNamespaceExists(vpcID string) (id *string, err error) {
162162
once.Do(func() {
163163
var found bool
164164

165-
id, found, err = findNamespace(discovery)
165+
id, found, err = findNamespace()
166166
if err != nil {
167167
log.Errorln("error finding private dns name. ", err)
168168
return
169169
}
170170

171171
if !found {
172172
requestID := uuid.NewV4()
173-
_, err = discovery.CreatePrivateDnsNamespace(&servicediscovery.CreatePrivateDnsNamespaceInput{
174-
Name: aws.String(namespace),
173+
_, err = discoveryClient.CreatePrivateDnsNamespace(&servicediscovery.CreatePrivateDnsNamespaceInput{
174+
Name: aws.String(dnsNamespace),
175175
CreatorRequestId: aws.String(requestID.String()),
176176
Description: aws.String("Openfaas private DNS namespace"),
177177
Vpc: aws.String(vpcID),
@@ -182,7 +182,7 @@ func ensureDNSNamespaceExists(discovery *servicediscovery.ServiceDiscovery, vpcI
182182
return
183183
}
184184

185-
id, found, err = findNamespace(discovery)
185+
id, found, err = findNamespace()
186186
if err != nil {
187187
log.Errorln("error finding private dns name. ", err)
188188
return
@@ -200,9 +200,9 @@ func ensureDNSNamespaceExists(discovery *servicediscovery.ServiceDiscovery, vpcI
200200
return namespaceID, err
201201
}
202202

203-
func findNamespace(discovery *servicediscovery.ServiceDiscovery) (*string, bool, error) {
203+
func findNamespace() (*string, bool, error) {
204204
var listResult *servicediscovery.ListNamespacesOutput
205-
listResult, err := discovery.ListNamespaces(&servicediscovery.ListNamespacesInput{})
205+
listResult, err := discoveryClient.ListNamespaces(&servicediscovery.ListNamespacesInput{})
206206
if err != nil {
207207
log.Errorln("error listing namespaces. ", err)
208208
return nil, false, err
@@ -211,7 +211,7 @@ func findNamespace(discovery *servicediscovery.ServiceDiscovery) (*string, bool,
211211
found := false
212212
var id *string
213213
for _, item := range listResult.Namespaces {
214-
if aws.StringValue(item.Name) == namespace {
214+
if aws.StringValue(item.Name) == dnsNamespace {
215215
id = item.Id
216216
found = true
217217
break

aws/cloudwatch.go

+58
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,58 @@
1+
package aws
2+
3+
import (
4+
"fmt"
5+
6+
"github.com/aws/aws-sdk-go/aws/awserr"
7+
8+
"github.com/aws/aws-sdk-go/aws"
9+
"github.com/aws/aws-sdk-go/service/cloudwatchlogs"
10+
)
11+
12+
func buildLogPolicyStatement(
13+
builder *PolicyBuilder,
14+
name string) error {
15+
16+
builder.AddStatement(
17+
[]string{
18+
"logs:CreateLogStream",
19+
"logs:PutLogEvents",
20+
},
21+
[]string{
22+
fmt.Sprintf("arn:aws:logs:*:%s:*", name),
23+
})
24+
25+
return nil
26+
}
27+
28+
func createLogGroup(functionName string) (string, error) {
29+
name := ServiceNameFromFunctionName(functionName)
30+
_, err := cloudwatchClient.CreateLogGroup(&cloudwatchlogs.CreateLogGroupInput{
31+
LogGroupName: aws.String(name),
32+
})
33+
34+
if err != nil {
35+
if awsErr, ok := err.(awserr.Error); ok {
36+
if awsErr.Code() == cloudwatchlogs.ErrCodeResourceAlreadyExistsException {
37+
return name, nil
38+
}
39+
}
40+
41+
return "", fmt.Errorf("error creating log group for %s. %v", functionName, err)
42+
}
43+
44+
return name, nil
45+
}
46+
47+
func deleteLogGroup(functionName string) error {
48+
name := ServiceNameFromFunctionName(functionName)
49+
_, err := cloudwatchClient.DeleteLogGroup(&cloudwatchlogs.DeleteLogGroupInput{
50+
LogGroupName: aws.String(name),
51+
})
52+
53+
if err != nil {
54+
return fmt.Errorf("error deleting log group for %s. %v", functionName, err)
55+
}
56+
57+
return nil
58+
}

0 commit comments

Comments
 (0)