You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@openwhisk.apache.org by OpenWhisk Team Slack <ra...@apache.org> on 2019/03/17 07:24:21 UTC
[slack-digest] [2019-03-16] #general
2019-03-16 13:05:43 UTC - Perry Dykes: @Rodric Rabbah @Carlos Santana Thanks for feedback, I have a working http web action method based on Node.js working for test, in fact, the code is very simple to read an xml data stream as suggested for testing:
```
function main(args) {
decoded = new Buffer(args.__ow_body, 'base64').toString('utf-8')
// console.log("incoming text block", decoded);
return {
body: decoded,
headers: {
"Content-type" : "application/json"
},
"statusCode" : 200
};
}
```
Two questions to you or others.
a) I am able to call the function, and per the docs can provide or not require the authentication token. I have tested, the action HTTP POST .http method work(ed). However, some time layer say an hour or two, or this morning when calling the actions direct endpoint. I receive this:
```
{
"code": "7244652a790dc6dcbd00bda91ade0c2d",
"error": "Authentication is possible but has failed or not yet been provided."
}
```
b) Secondly, the api gateway when enabed has trouble with code when sent to action (using curl -v shows it uploads the xml just fine), but the mapping from the api gateway to the http action fails out:
```
> POST /9374cde5-255f-41b2-ba73-dba0d0ce4eab/api/v1/mvs/cisco_test HTTP/1.1
> Host: 0d9d6615.eu-de.apiconnect.appdomain.cloud
> User-Agent: curl/7.54.0
> Content-Type: application
> Accept: application/json
> Content-Length: 22078
> Expect: 100-continue
>
< HTTP/1.1 100 Continue
* We are completely uploaded and fine
< HTTP/1.1 500 Internal Server Error
< Server: openresty/1.13.6.1
< Date: Sat, 16 Mar 2019 06:04:22 GMT
< Content-Type: application/json
< Content-Length: 84
< Connection: keep-alive
< X-Request-Id: bVO6mGnQ7aEEWNhxMN9eprkYr6DhMSWR
<
{"code":500, "message":"Oops. Something went wrong. Check your URI and try again."}
• Connection #0 to host 0d9d6615.eu-de.apiconnect.appdomain.cloud left intact
```
Thoughts on some basic misunderstandings here?
https://openwhisk-team.slack.com/archives/C3TPCAQG1/p1552741543302200?thread_ts=1552594832.292400&cid=C3TPCAQG1
----
2019-03-16 13:12:26 UTC - Carlos Santana: Inspect the apigateway swagger config, you can export with “ibmcloud fn api get <basepath>”
https://openwhisk-team.slack.com/archives/C3TPCAQG1/p1552741946303800?thread_ts=1552594832.292400&cid=C3TPCAQG1
----
2019-03-16 13:13:43 UTC - Carlos Santana: Does invoking directly to the webaction url “ibmcloud fn action get <action> —url” works ? If it works then is a missconfig on the apigateway
https://openwhisk-team.slack.com/archives/C3TPCAQG1/p1552742023305600?thread_ts=1552594832.292400&cid=C3TPCAQG1
----
2019-03-16 13:36:38 UTC - Perry Dykes: Ok, had to let my build finish on same system, for my test action work to evaluate usefulness of CF:
ibmcloud cloud-functions action get /IBMSystemsSupport_dev/tss_mvs/CiscoTestXMLFeed
```
{
"namespace": "IBMSystemsSupport_dev/tss_mvs",
"name": "CiscoTestXMLFeed",
"version": "0.0.1",
"exec": {
"kind": "nodejs:10",
"binary": false
},
"annotations": [
{
"key": "web-export",
"value": true
},
{
"key": "raw-http",
"value": true
},
{
"key": "final",
"value": true
},
{
"key": "require-whisk-auth",
"value": "34a99224-6054-489f-b3f2-d6bc2eeecf63"
},
{
"key": "exec",
"value": "nodejs:10"
}
],
"limits": {
"timeout": 60000,
"memory": 256,
"logs": 10
},
"publish": false
}
```
When I add the -url I get "supplied authentication is invalid, event though using my API key i use for all other IBM cloud interactions.
Looking to see how to set the xml data file in the cli, one sec. No GET operation defined, I can make one, but working with XML post via api gateway to CF was my main problem area.
https://openwhisk-team.slack.com/archives/C3TPCAQG1/p1552743398305800?thread_ts=1552594832.292400&cid=C3TPCAQG1
----
2019-03-16 13:46:03 UTC - Perry Dykes: I typically rely on the UI at this point, if there is something the UI can't do, but the cli can or does differently, maybe that is my issue. Key thing is the auth seems to "go away" after a while on the base actions .http support. I tried recreating the whole action and then it worked again, and then this morning, get the auth issue. API Gateway integration then is an issue. I will add a GET operation, that could help debug some of this vs. having to worry about POST/xml, thanks, good idea.
https://openwhisk-team.slack.com/archives/C3TPCAQG1/p1552743963306100?thread_ts=1552594832.292400&cid=C3TPCAQG1
----
2019-03-16 13:47:08 UTC - Perry Dykes: have to run just now
https://openwhisk-team.slack.com/archives/C3TPCAQG1/p1552744028306400?thread_ts=1552594832.292400&cid=C3TPCAQG1
----
2019-03-16 14:23:17 UTC - Carlos Santana: If the webaction works invoking directly via .htto and you suspect is problem with apigateway service or intermittent then don’t hesitate to open a support ticket
https://openwhisk-team.slack.com/archives/C3TPCAQG1/p1552746197308300?thread_ts=1552594832.292400&cid=C3TPCAQG1
----
2019-03-16 16:47:35 UTC - Perry Dykes: I can try the support issue tact, but basic question, why would an .http/default action entry uri come back with an authentication error as shown? In latest docs, clearly states web action can be used without authentication, yet, sometime after I create an action, enable the webaction/http handling, I get that error. It seems to be a time issue. Anyway, love this stuff and the architecture, just wrestling how to apply and transform based to our cloud foundry pathways.
https://openwhisk-team.slack.com/archives/C3TPCAQG1/p1552754855308500?thread_ts=1552594832.292400&cid=C3TPCAQG1
----
2019-03-16 16:48:27 UTC - Carlos Santana: oh look closely in the annotations
```
{
"key": "require-whisk-auth",
"value": "34a99224-6054-489f-b3f2-d6bc2eeecf63"
},
```
https://openwhisk-team.slack.com/archives/C3TPCAQG1/p1552754907308700?thread_ts=1552594832.292400&cid=C3TPCAQG1
----
2019-03-16 16:49:01 UTC - Carlos Santana: The web action is public if that annotation is not present `require-whisk-auth` when is present the url needs to be call with a header containing the value
https://openwhisk-team.slack.com/archives/C3TPCAQG1/p1552754941308900?thread_ts=1552594832.292400&cid=C3TPCAQG1
----
2019-03-16 16:49:31 UTC - Carlos Santana: is the same if you created the action with `wsk action update foo foo.js --web true --web-secure true`
https://openwhisk-team.slack.com/archives/C3TPCAQG1/p1552754971309100?thread_ts=1552594832.292400&cid=C3TPCAQG1
----
2019-03-16 16:49:40 UTC - Carlos Santana: when using apigateway that the default
https://openwhisk-team.slack.com/archives/C3TPCAQG1/p1552754980309300?thread_ts=1552594832.292400&cid=C3TPCAQG1
----
2019-03-16 16:50:15 UTC - Carlos Santana: apigateway will call the webaction with that value, but who ever calls the apigateway doesn't have to provide a value, basically is the contract between the apigateway and the webaction url
https://openwhisk-team.slack.com/archives/C3TPCAQG1/p1552755015309500?thread_ts=1552594832.292400&cid=C3TPCAQG1
----
2019-03-16 16:51:23 UTC - Carlos Santana: docs <https://github.com/apache/incubator-openwhisk/blob/master/docs/webactions.md#securing-web-actions>
https://openwhisk-team.slack.com/archives/C3TPCAQG1/p1552755083309700?thread_ts=1552594832.292400&cid=C3TPCAQG1
----
2019-03-16 18:36:13 UTC - Perry Dykes: Ah, so when I test to see why the api gateway does not seem to call the http method (by enabling it), basically i'm securing the action so direct calls non-auth function is deactivated. The UI setup process establishes that at API gateway config setup.
https://openwhisk-team.slack.com/archives/C3TPCAQG1/p1552761373309900?thread_ts=1552594832.292400&cid=C3TPCAQG1
----
2019-03-16 19:12:03 UTC - Carlos Santana: Yep
https://openwhisk-team.slack.com/archives/C3TPCAQG1/p1552763523310400?thread_ts=1552594832.292400&cid=C3TPCAQG1
----
2019-03-16 19:22:04 UTC - Perry Dykes: thanks to @Rodric Rabbah and @Carlos Santana you guys are awesome!
+1 : Rodric Rabbah
https://openwhisk-team.slack.com/archives/C3TPCAQG1/p1552764124310600?thread_ts=1552594832.292400&cid=C3TPCAQG1
----
2019-03-16 19:25:46 UTC - Carlos Santana: No, you @Perry Dykes are the awesome one :i_love_you_hand_sign::skin-tone-2:
https://openwhisk-team.slack.com/archives/C3TPCAQG1/p1552764346311500?thread_ts=1552594832.292400&cid=C3TPCAQG1
----