This repo contains a collection of serverless functions written in GO that can be deployed to services like Openfaas, Google Cloud Functions and Google Cloud Run.
If you want to try OpenFaas locally have a look at https://github.com/efbar/hashicorp-labs.
Table of Contents
- More Serverless
Makefile can help you to perform functions building and deploying.
Run the following for some explanation:
make helpFor building and deploying automation you need to install:
- docker
- gcloud
- make
- awk
For OpenFaas you need for sure faas-cli and you have to set some variables like:
export OPENFAAS_URL=http://faasd-gateway:8080You also need to change the image path for every function (needed for docker pushing) in stack.yml. You will have to let openfaas login to your image registry correctly. More at OpenFaas documentation https://docs.openfaas.com
With this command you will build and deploy to OpenFaas:
make faasup func=<function_name>You can delete the function from Openfaas with:
make faasdelete func=<function_name>You can deploy on GCP Cloud Functions once you have setup a project with all the mandatory services enabled (Cloud Functions and Cloud Build for example).
Then you have to choose a function and do:
make buildgcf func=<function_name> project_id=<project_id> region=<region>where <function> is the choosen function, <project_id> is the GCP project id and <region> is the region for your Cloud Function container.
Optionally can be added some environment variables with env_vars=<VAR1=value1,VAR2=value2>.
The functions can be deployed to Google Cloud Run.
This automated part needs faas-cli installed.
Before start, you have to docker login to the GCP registry where the containers will be pull from (us.gcr.io, gcr.io, etc..).
Then:
make buildgcr func=<function> project_id=<project_id> registry=<registry> region=<region>where <function> is the choosen function, <project_id> is the GCP project id, <registry> is GCP registry where you have just logged in and <region> is the region for your Cloud Run container.
Optionally can be added some environment variables with env_vars=<VAR1=value1,VAR2=value2>.
Go tested version: v1.16.1
Every folder contains everything to deploy a function. This list will be updated constantly.
- description: stop and start every VM, downscales or scales up (to 3 instances) every managed regional instance group in a GCP project in a "toggle" way
- request: project id and region via env variable (look
env_vars) - response: list of which machine or instance group has been modified
- env_vars: in
stack.yml, under functionenvironmentkey, setPROJECT_IDandREGIONwhere deploy the function - secrets: in
stack.yml, under functionsecretskey set<secret_name>secret representing the json key file of the service account which has all the permissions you need to call the function (that you have to create withfaas-cli secret create<secret_name>--from-file=/path/to/file/sa-key.json)
- description: same as
gcloud compute instances listcommand. Optionally, it can send the output as a message to a Slack Channel. - request: Json body to pass to function can have these values:.
For sending Slack message
{ "projectId": "functest-307416", // project id where VMs reside, mandatory "region": "us-central1", // region where VMs reside, mandatory "jsonKeyPath": "/path/to/key.json", "slackToken": "xoxp-123456789012-123456789012-123456789012-1234567890121234567890127asd5ff", "slackChannel": "C123TESTCH1", "slackEmoji": ":fidget_spinner:" }Content-Typeheader must be set totext/plain.Content-Typeheader can betext/plainorapplication/json. - response: list every VM in the GCP project defined in
PROJECT_ID. - env_vars: n
stack.yml, under functionenvironmentkey, setGOOGLE_APPLICATION_CREDENTIALSif needed, otherwise usejsonKeyPathvalue in json request body. - secrets: in
stack.yml, under functionsecretskey set<secret_name>secret representing the json key file of the service account which has all the permissions you need to call the function (that you have to create withfaas-cli secret create<secret_name>--from-file=/path/to/file/sa-key.json)
- description: same as
gsutil mbcommand. Optionally, it can send the response as a message to a Slack Channel. - request: Json body to pass to function can have these values:
Json key file is read from
{ "name": "my-bucket", // bucket name, MANDATORY "location": "us", // default us "locationType": "regional", "storageClass": "Standard", // default Standard "uniformBucketLevelAccess": false, // bool, default false "versioningEnabled": false, // bool, default false "labels": { "testkey": "testvalue" }, "jsonKeyPath": "/path/to/key.json", "slackToken" : "", "slackChannel" : "", "slackEmoji" : "" }GOOGLE_APPLICATION_CREDENTIALSfirst, then fromjsonKeyPath, otherwise it gets IAM permissions from attached service account. For sending Slack message (after bucket is created)slackTokenandslackChannelmust be present.- response: In case of 200, with
application/jsonheader boddy will have name, project, gs Uri and Cloud console URI, withtext/plaina confirmation message.
- response: In case of 200, with
- env_vars: in
stack.yml, under functionenvironmentkey, setPROJECT_IDandGOOGLE_APPLICATION_CREDENTIALSif needed, where deploy the function (those are mandatory). - secrets: in
stack.yml, under functionsecretskey set<secret_name>secret representing the json key file of the service account which has all the permissions you need to call the function (that you have to create withfaas-cli secret create<secret_name>--from-file=/path/to/file/sa-key.json)
- description: same as
gsutil cpcommand, but it will do it for every object inside the bucket. Useful to copy objects between buckets. Optionally, it can send the response as a message to a Slack Channel. - request: Json body to pass to function can have these values:
Json key file is read from
{ "srcBucket": "my-bucket", // bucket name to copy object from, MANDATORY "dstBucket": "my-project-id", // bucket name to copy object to, MANDATORY "jsonKeyPath": "/path/to/key.json", "slackToken" : "", "slackChannel" : "", "slackEmoji" : "" }GOOGLE_APPLICATION_CREDENTIALSfirst, then fromjsonKeyPath, otherwise it gets IAM permissions from attached service account. For sending Slack message (after bucket is created)slackTokenandslackChannelmust be present.- response: In case of 200, with
application/jsonheader the body will have name and project id, withtext/plainthere will be a confirmation message.
- response: In case of 200, with
- env_vars: in
stack.yml, under functionenvironmentkey, setPROJECT_IDandGOOGLE_APPLICATION_CREDENTIALSif needed, where deploy the function (those are mandatory). - secrets: in
stack.yml, under functionsecretskey set<secret_name>secret representing the json key file of the service account which has all the permissions you need to call the function (that you have to create withfaas-cli secret create<secret_name>--from-file=/path/to/file/sa-key.json)
- description: same as
gsutil rbcommand. Optionally, it can send the response as a message to a Slack Channel. - request: Json body to pass to function can have these values:
Json key file is read from
{ "name": "my-bucket", // bucket name, MANDATORY "projectId": "my-project-id", // gcp project id name, MANDATORY "jsonKeyPath": "/path/to/key.json", "slackToken" : "", "slackChannel" : "", "slackEmoji" : "" }GOOGLE_APPLICATION_CREDENTIALSfirst, then fromjsonKeyPath, otherwise it gets IAM permissions from attached service account. For sending Slack message (after bucket is created)slackTokenandslackChannelmust be present.- response: In case of 200, with
application/jsonheader the body will have name and project id, withtext/plainthere will be a confirmation message.
- response: In case of 200, with
- env_vars: in
stack.yml, under functionenvironmentkey, setPROJECT_IDandGOOGLE_APPLICATION_CREDENTIALSif needed, where deploy the function (those are mandatory). - secrets: in
stack.yml, under functionsecretskey set<secret_name>secret representing the json key file of the service account which has all the permissions you need to call the function (that you have to create withfaas-cli secret create<secret_name>--from-file=/path/to/file/sa-key.json)
- description: same as
vault statuscommand - request: body:
{"endpoint":"https://vault-endpoint.example"} - response: same as vault command, content-type could be json and text/plain
- description: same as
vault kv getcommand - request: body:
{"token":"s.4w0nd3rfu1t0k3n","endpoint":"https://vault-endpoint.example","path":"secret/data/test","data":{"foo":"bar"}},datacan be empty,pathneedsdatasubpath at the moment. - response: same as vault command, content-type could be json and text/plain
- description: same as
vault kv putcommand - request: body:
{"token":"s.4w0nd3rfu1t0k3n","endpoint":"https://vault-endpoint.example","path":"secret/data/test","data":{"foo":"bar"}},datacan not be empty,pathneedsdatasubpath at the moment. - response: same as vault command, content-type could be json and text/plain
- description: same as
vault transitcommand, it can encrypt, decrypt, rewrap, rotate and create new key. - request: body:
{"token":"s.4w0nd3rfu1t0k3n","endpoint":"https://vault-endpoint.example","path":"transit/encrypt/testkey","data":{"plaintext":"Zm9vYmFy"}},datacould be empty only ifpathis not meant for rewrap, rotate or create new key. - response: same as vault command, content-type could be json (in case of encrypt, decrypt and rewrap only) and text/plain
- description: same of
consul catalog servicescommand - request: body:
{"token":"12345678-1111-2222-3333-a6a53hfd8k1j","endpoint":"https://consul-endpoint.example"} - response: same as consul command but with
-tagoption enabled, content-type could be json and text/plain
- description: same of
consul memberscommand - request: body:
{"token":"12345678-1111-2222-3333-a6a53hfd8k1j","endpoint":"https://consul-endpoint.example"} - response: same as consul command, content-type could be json and text/plain
- description: same as
consul operator raft list-peerscommand - request: body:
{"token":"12345678-1111-2222-3333-a6a53hfd8k1j","endpoint":"https://consul-endpoint.example"} - response: same as consul command, content-type could be json and text/plain
- description: same as
nomad job statuscommand - request: body:
{"token":"12345678-1111-2222-3333-a6a53hfd8k1j","endpoint":"https://nomad-endpoint.example"} - response: same as nomad command, content-type could be json and text/plain
- description: same as
nomad node statuscommand - request: body:
{"token":"12345678-1111-2222-3333-a6a53hfd8k1j","endpoint":"https://nomad-endpoint.example"} - response: same as nomad command, content-type could be json and text/plain
- description: same as
nomad server memberscommand - request: body:
{"token":"12345678-1111-2222-3333-a6a53hfd8k1j","endpoint":"https://nomad-endpoint.example"} - response: same as nomad command, content-type could be json and text/plain
- description: send a message to a Slack channel
- request: body:
{"token":"xoxp-123456789012-123456789012-123456789012-1234567890121234567890127asd5ff","message":"Hello world","channel":"C123TESTCH1"} - response: it will logs both message sent positively or not