[Issue #6] Added allow-unauthenticated flag support (#9)

* added allow-unauthenticated flag support * add option for false and updated readme
oliver006 · Jul 10, 2020 · 9a6b9fb · 9a6b9fb
1 parent 1299809
commit 9a6b9fb
Show file tree

Hide file tree

Showing 3 changed files with 38 additions and 21 deletions.
diff --git a/README.md b/README.md
@@ -8,10 +8,10 @@
 ### Overview
 
 The plugin supports deploying, listing, calling, and deleting of multiple functions at once.
-See below for an example drone.yml configuration that deploys several functions 
+See below for an example drone.yml configuration that deploys several functions
 to GCP Cloud Functions and later deletes two of them.
 A service account is needed for authentication to GCP and should be provided
-as json string via drone secrets. In the configuration below, the json of 
+as json string via drone secrets. In the configuration below, the json of
 the service account key file is stored in the drone secret called `token`.
 
 #### Deploying Cloud Functions
@@ -48,6 +48,7 @@ steps:
         - TransferFileToGCS:
           - trigger: http
             memory: 2048MB
+            allow_unauthenticated: true
             environment:
               - ENV_VAR: env_var_value_123
         - HandleEvents:
@@ -85,10 +86,12 @@ The plugin supports several types of Google Cloud Function triggers:
 
 See the output of `gcloud functions deploy --help` for more information regarding the setup of triggers.
 
+When deploying a function, there is the option to deploy as a public function. This can be configured by setting `allow_unauthenticated` to `true`. This adds the --allow-unauthenticated flag described [here](https://cloud.google.com/sdk/gcloud/reference/functions/deploy#--allow-unauthenticated) to the deploy command. Any values besides `true` and `false` will cause an error.
+
 By default, the plugin will use the GCP project ID of the service account provided but you can override it
 by setting the `project` parameter.
 
-The runtime can be set on a per-function basis or for all functions at once. In the example above, the runtime 
+The runtime can be set on a per-function basis or for all functions at once. In the example above, the runtime
 is set to `go111` for all functions and then overwritten with `python37` for just `ProcessEmails`.
 This will result in the plugin deploying three functions, two in Golang and one in Python. \
 If no runtime setting is provided at all, the plugin will fail.

diff --git a/main.go b/main.go
@@ -19,13 +19,14 @@ type Function struct {
 	TriggerEvent    string `json:"trigger_event"`
 	TriggerResource string `json:"trigger_resource"`
 
-	EntryPoint string `json:"entrypoint"`
-	Memory     string `json:"memory"`
-	Region     string `json:"region"`
-	Retry      string `json:"retry"`
-	Runtime    string `json:"runtime"`
-	Source     string `json:"source"`
-	Timeout    string `json:"timeout"`
+	AllowUnauthenticated string `json:"allow_unauthenticated"`
+	EntryPoint           string `json:"entrypoint"`
+	Memory               string `json:"memory"`
+	Region               string `json:"region"`
+	Retry                string `json:"retry"`
+	Runtime              string `json:"runtime"`
+	Source               string `json:"source"`
+	Timeout              string `json:"timeout"`
 
 	Environment []map[string]string `json:"environment"`
 
@@ -85,6 +86,11 @@ func isValidFunctionForDeploy(f Function) bool {
 		return false
 	}
 
+	if f.AllowUnauthenticated != "" && f.AllowUnauthenticated != "true" && f.AllowUnauthenticated != "false" {
+		log.Printf("Invalid value for the allow unauthenticated flag for function %s", f.Name)
+		return false
+	}
+
 	if f.Trigger == "http" {
 		return true
 	}
@@ -264,6 +270,9 @@ func CreateExecutionPlan(cfg *Config) (Plan, error) {
 				args = append(args, "--trigger-event", f.TriggerEvent, "--trigger-resource="+f.TriggerResource)
 			}
 
+			if f.AllowUnauthenticated == "true" {
+				args = append(args, "--allow-unauthenticated")
+			}
 			if f.Source != "" {
 				args = append(args, "--source", f.Source)
 			}

diff --git a/main_test.go b/main_test.go
@@ -35,6 +35,8 @@ var (
 func TestParseFunctionsForDeploy(t *testing.T) {
 	for _, tst := range []string{
 		"[{\"TransferFile\":[{\"trigger\":\"http\"}]}]",
+		"[{\"TransferFilePublic\":[{\"trigger\":\"http\",\"allow_unauthenticated\":\"true\"}]}]",
+		"[{\"TransferFilePrivate\":[{\"trigger\":\"http\",\"allow_unauthenticated\":\"false\"}]}]",
 		"[{\"TransferFile\":[{\"trigger\":\"http\",\"memory\":\"2048MB\"}]}]",
 		"[{\"HeyNow123\":[{\"trigger\":\"bucket\",\"trigger_resource\":\"gs://my-bucket\",\"memory\":\"512MB\"}]}]",
 		"[{\"Func654\":[{\"trigger\":\"topic\",\"trigger_resource\":\"topic/my-bucket\",\"memory\":\"512MB\"}]}]",
@@ -69,6 +71,7 @@ func TestParseFunctionsForDelete(t *testing.T) {
 func TestParseFunctionsforDeploy(t *testing.T) {
 	for _, tst := range []string{
 		"[{\"TransferFile\":[{\"t\":\"http\"}]}]",
+		"[{\"AllowNothing\":[{\"trigger\":\"http\",\"allow_unauthenticated\":\"maybe\"}]}]",
 		"[{\"HeyNow123\":[{\"trigger\":\"bucket\",\"trigger_resource\":\"\",\"memory\":\"512MB\"}]}]",
 		"[{\"FuncNew\":[{\"trigger\":\"event\",\"trigger_event\":\"\",\"trigger_resource\":\"gs://bucket321\"}]}]",
 	} {
@@ -221,11 +224,12 @@ func TestExecutePlan(t *testing.T) {
 				Action: "deploy",
 				Functions: Functions{
 					{
-						Name:    "ProcessEvents",
-						Runtime: "go111",
-						Trigger: "http",
-						Memory:  "512MB",
-						Timeout: "20s",
+						Name:                 "ProcessEvents",
+						Runtime:              "go111",
+						Trigger:              "http",
+						Memory:               "512MB",
+						Timeout:              "20s",
+						AllowUnauthenticated: "true",
 					},
 					{
 						Name:            "ProcessPubSub",
@@ -256,7 +260,7 @@ func TestExecutePlan(t *testing.T) {
 			},
 			expectedToBeOk: true,
 			expectedPlan: [][]string{
-				{"--quiet", "functions", "deploy", "--project", pId, "--verbosity", "info", "ProcessEvents", "--runtime", "go111", "--trigger-http", "--memory", "512MB", "--timeout", "20s"},
+				{"--quiet", "functions", "deploy", "--project", pId, "--verbosity", "info", "ProcessEvents", "--runtime", "go111", "--trigger-http", "--allow-unauthenticated", "--memory", "512MB", "--timeout", "20s"},
 				{"--quiet", "functions", "deploy", "--project", pId, "--verbosity", "info", "ProcessPubSub", "--runtime", "python37", "--trigger-topic", "topic/emails/filtered", "--memory", "2048MB", "--timeout", "20s"},
 				{"--quiet", "functions", "deploy", "--project", pId, "--verbosity", "info", "ProcessNews", "--runtime", "go111", "--trigger-bucket", "gs://bucket/files/cool", "--source", "src/", "--region", "us-east1", "--retry", "3"},
 				{"--quiet", "functions", "deploy", "--project", pId, "--verbosity", "info", "ProcessMoreEvents", "--runtime", "go111", "--trigger-event", "my.event", "--trigger-resource=my.trigger.resource", "--entry-point", "FuncEntryPoint"},
@@ -288,11 +292,12 @@ func TestExecutePlan(t *testing.T) {
 				Action: "deploy",
 				Functions: Functions{
 					{
-						Name:        "ProcessEvents",
-						Runtime:     "go111",
-						Trigger:     "http",
-						Memory:      "512MB",
-						Environment: []map[string]string{{"K": "V"}},
+						Name:                 "ProcessEvents",
+						Runtime:              "go111",
+						Trigger:              "http",
+						Memory:               "512MB",
+						AllowUnauthenticated: "false",
+						Environment:          []map[string]string{{"K": "V"}},
 					},
 				},
 			},