Draft
Conversation
… coverage Synchronous client backed by requests.Session, covering the full OpenFaaS REST API: system info, namespaces, functions (deploy/update/scale/delete), secrets, and streaming logs. - requests.Session transport with FAAS_DEBUG hook-based logging - requests.auth.AuthBase auth classes: BasicAuth, TokenAuth, ClientCredentialsAuth - OpenFaaS IAM: ServiceAccountTokenSource, ClientCredentialsTokenSource, exchange_id_token, MemoryTokenCache, get_function_token() - Pydantic v2 models for all request and response types - Tests use requests-mock Signed-off-by: Han Verstraete (OpenFaaS Ltd) <han@openfaas.com>
- Add _parse_function_name_namespace helper to extract name/namespace from /function/<name>.<ns> and /async-function/<name>.<ns> paths - Add _FunctionAuth(requests.auth.AuthBase) compound auth that applies gateway auth then overrides Authorization with a per-function Bearer token - Add Client.invoke_function() supporting bytes/str payload, custom method/headers/query params, async invocation, callback URL, and use_function_auth for IAM-scoped per-function token exchange - Add echo handler and 18 new tests covering all invoke_function params - Update README with invoke_function API reference section Signed-off-by: Han Verstraete (OpenFaaS Ltd) <han@openfaas.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description
Implements the initial Python SDK for OpenFaaS.
Provides synchronous (
Client) and asynchronous (AsyncClient) clients backed byhttpx, covering the core OpenFaaS REST API:Pydantic v2 models are used for all request and response types.
FAAS_DEBUG=1enables request/response logging with auth headers redacted.Authentication
All standard OpenFaaS auth strategies are included:
BasicAuth— HTTP BasicTokenAuth— OpenFaaS IAM token exchange (RFC 8693); caches and auto-refreshes the gateway JWT with a 10-second expiry buffer matching the Go SDKServiceAccountTokenSource— Reads a Kubernetes projected service account token from disk, re-read on every call so token rotation is transparentClientCredentialsTokenSource— Fetches tokens from an external IdP via OAuth 2.0client_credentials, with internal cachingClientCredentialsAuth— DirectClientAuthwrapper around anyTokenSourceMemoryTokenCache— Thread-safe in-memory cache for per-function scoped tokens (used byget_function_token())TokenAuthalso implements theTokenSourceprotocol, enabling automatic wiring asfunction_token_sourcefor per-function scoped token exchange.Tests
92 tests covering models, all client endpoints, all auth strategies, token exchange (sync + async), and the memory token cache.
Motivation and Context