OpenFaaS Cloud - GitOps for your functions with native GitHub integrations
Announcement from Cisco's DevNet Create in Mountain View
OpenFaaS Cloud uses serverless functions to provide a closed-loop CI/CD system for functions built and hosted on your public GitHub repositories. Just push your OpenFaaS functions to your public repo and within seconds you'll get a notificaiton with your HTTPS endpoint direcly on GitHub.
OpenFaaS Cloud packages, builds and deploys functions using OpenFaaS. Moby's BuildKit is used to build images and push to a local Docker registry instance.
Features:
- Applies GitOps principles - GitHub is the single source of truth
- To build and deploy a new version of a function - just push to your GitHub repo
- Subscription to OpenFaaS Cloud is done via a single click using a GitHub App
- Secured through HMAC - the public facing function "gh-push" uses HMAC to verify the origin of events
- HTTPS endpoint and build notifications for your commits
Read my introducing OpenFaaS Cloud blog post for an overview of the idea with examples, screenshots and background on the project.
- Quick deployment on Docker Swarm
- GitHub Status API integration for commits
- Kubernetes deployment YAML/helm (in progress)
- Automatic secure HTTPS endpoints
- Free, private-trial with CUSTOMER list
- HMAC with GitHub App for security
- Rate limiting for functions
- CI/CD for OpenFaaS Cloud
- Builds with BuildKit
- UI: Overview user functions via of-cloud-fns repo
- Make build logs available publicly
- Gateway deployments/promotions - i.e. only upon GitHub tag or "release"
- Make detailed logs available to show build / unit test failures
- Unprivileged builds with BuildKit (help wanted)
- Isolation between functions
- Support for private repos (help wanted)
- Integration with on-prem GitLab/BitBucket (help wanted)
OpenFaaS Cloud is built using OpenFaaS Golang functions to interact with GitHub and build/deploy your functions just seconds after your git push.
- Function: gh-push
Receives events from the GitHub app and checks the origin via HMAC
- Function: git-tar
Clones the git repo and checks out the SHA then uses the OpenFaaS CLI to shrinkwrap a tarball to be build with Docker
- Function: buildshiprun
Submits the tar to the of-builder then configures an OpenFaaS deployment based upon stack.yml found in the Git repo. Finally starts a rolling deployment of the function.
Calls garbage-collect
- Function: garbage-collect
Function cleans up functions which were removed or renamed within the repo for the given user.
- Service: of-builder
A builder daemon which exposes the GRPC of-buildkit service via HTTP.
- Service: of-buildkit
The buildkit GRPC daemon which builds the image and pushes it to the internal registry. The image is tagged with the SHA of the Git commit event.
- Service: Docker open-source registry
A private, local registry is deployed inside the cluster.
Conceptual diagram of how OpenFaaS Cloud integrates with GitHub
You can set up and host your own OpenFaaS Cloud or contact [email protected] for instructions on how to participate in a public trial of a fully-hosted service.
Read the development guide to find out more about the functions and to start hacking on OpenFaaS Cloud.