function-mesh icon indicating copy to clipboard operation
function-mesh copied to clipboard

Published 20 hours ago verified publisher icon streamnative

[Waiting] ]Use init container to download packages and functions

Open jiangpengcheng opened this issue 2 years ago • 2 comments

Fixes #400

Wait for function-mesh-worker-service support oauth2, leave any comment you want

Motivation

Use an init container to download packages/functions from pulsar: https://github.com/streamnative/function-mesh/pull/390#issuecomment-1155933847

Modifications

Attach an init container and empty volume if JarLocation/PyLocation/GoLocation is specified

Verifying this change

  • [ ] Make sure that the change passes the CI checks.

  • [ ] This change added tests and can be verified as follows:

    • Added unit test for generating init container and volume when one of JarLocation/PyLocation/GoLocation is specified
    • Require integration tests for end-to-end deployment with one of JarLocation/PyLocation/GoLocation specified

Documentation

  • [x] doc-required

    need docs for dev

jiangpengcheng avatar Jun 28 '22 01:06 jiangpengcheng

pulsarctl need some additional steps for oauth2: pulsarcl oauth2 activate and pulsarctl context set, which require some extra parameters like: --issuer-endpoint, --client-id, --audience

there are two ways to achieve this:

  1. adding another field like oauth2 in the PulsarMessaging struct and do oauth2 activate and context set in the init container

  2. make pulsarctl parse those parameters from the auth JSON file, and do oauth2 activate automatically when auth plugin is OAuth2(I don't know why pulsarctl doesn't do this like pulsar-admin, so not sure whether it's possible)

I prefer the 2nd way, do you have any opinions? @streamnative/serverless

jiangpengcheng avatar Jul 08 '22 02:07 jiangpengcheng

for the compatibility issue, I tested that we can pass undefined fields when creating k8s resources, like with FM v0.4.0, which doesn't define the spec.pulsar.oauth2Config field yet, we can still apply the below config:

  pulsar:
    pulsarConfig: "test-pulsar"
    authSecret: "test-auth"
    tlsSecret: "test-tls"
    oauth2Config:
      audience: "test"
      clientId: "test"
      issuerUrl: "aaa.com"
      keySecretName: "test-secret"
      keySecretKey: "credential.json"

the controller works well and just ignores the undefined oauth2Config.

so for compatibility, we can support passing the oauth2Config in function-mesh-worker-service first, and then merge this pr(let's say it will be released in v0.5.0), finally, we can bump function-mesh to v0.5.0 without any error.

related issue: https://github.com/streamnative/function-mesh-worker-service/issues/334

jiangpengcheng avatar Aug 04 '22 01:08 jiangpengcheng

@streamnative/serverless this is ready to review and can be merged after this: https://github.com/streamnative/function-mesh-worker-service/pull/400

jiangpengcheng avatar Sep 20 '22 07:09 jiangpengcheng

The doc is updated for this feature through this doc PR. Therefore, remove the doc-required label and add the doc-added label.

Huanli-Meng avatar Nov 07 '22 02:11 Huanli-Meng