Add CORS support (#1008)

cmd/kubeless/trigger/http/create.go

@@ -18,13 +18,12 @@ package http
 
 import (
 	"fmt"
-
-	"github.com/sirupsen/logrus"
-	"github.com/spf13/cobra"
-
 	httpApi "github.com/kubeless/http-trigger/pkg/apis/kubeless/v1beta1"
 	httpUtils "github.com/kubeless/http-trigger/pkg/utils"
 	kubelessUtils "github.com/kubeless/kubeless/pkg/utils"
+	"github.com/sirupsen/logrus"
+	"github.com/spf13/cobra"
+
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 )
 
@@ -38,7 +37,6 @@ var createCmd = &cobra.Command{
 			logrus.Fatal("Need exactly one argument - http trigger name")
 		}
 		triggerName := args[0]
-
 		ns, err := cmd.Flags().GetString("namespace")
 		if err != nil {
 			logrus.Fatal(err)
@@ -101,6 +99,12 @@ var createCmd = &cobra.Command{
 		}
 		httpTrigger.Spec.TLSAcme = enableTLSAcme
 
+		corsEnabled, err := cmd.Flags().GetBool("cors-enable")
+		if err != nil {
+			logrus.Fatal(err)
+		}
+		httpTrigger.Spec.CorsEnable = corsEnabled
+
 		tlsSecret, err := cmd.Flags().GetString("tls-secret")
 		if err != nil {
 			logrus.Fatal(err)
@@ -179,5 +183,6 @@ func init() {
 	createCmd.Flags().StringP("tls-secret", "", "", "Specify an existing secret that contains a TLS private key and certificate to secure ingress")
 	createCmd.Flags().Bool("dryrun", false, "Output JSON manifest of the function without creating it")
 	createCmd.Flags().StringP("output", "o", "yaml", "Output format")
+	createCmd.Flags().BoolP("cors-enable", "", false, "If true then cors will be enabled on Http Trigger")
 	createCmd.MarkFlagRequired("function-name")
 }

docs/http-triggers.md

@@ -83,6 +83,7 @@ Usage:
 
 Flags:
       --basic-auth-secret string   Specify an existing secret name for basic authentication
+      --cors-enable                If true then cors will be enabled on Http Trigger
       --enableTLSAcme              If true, routing rule will be configured for use with kube-lego
       --function-name string       Name of the function to be associated with trigger
       --gateway string             Specify a valid gateway for the Ingress. Supported: nginx, traefik, kong (default "nginx")
@@ -228,6 +229,32 @@ hello world
 
 It is not yet supported to create an HTTP trigger with basic authentication using Kong as backend but the steps to do it manually are pretty simple. It is possible to do so using Kong plugins. In the [next section](#enable-kong-security-plugins) we explain how to enable any of the available Kong plugins and in particular we explain how to enable the basic-auth plugin.
 
+## Enable CORS
+
+It's possible to enable CORS requests at the HTTPTrigger level. To do so use the --cors-enable flag when deploying
+the HTTPTrigger or add the field cors-enable: true to the YAML manifest.
+
+## Add arbitrary annotations
+
+It is also possible to add any annotation to the resulting Ingress object if you add those to the HTTPTrigger. For example:
+
+```
+apiVersion: kubeless.io/v1beta1
+kind: HTTPTrigger
+metadata:
+ name: cors-trigger
+ annotations:
+  nginx.ingress.kubernetes.io/enable-cors: "true"
+  nginx.ingress.kubernetes.io/cors-allow-methods: "GET"
+spec:
+ function-name: get-python
+ host-name: example.com
+ path: echo
+```
+
+The above will create an Ingress object with the annotations nginx.ingress.kubernetes.io/enable-cors: "true"
+and nginx.ingress.kubernetes.io/cors-allow-methods: "GET".
+
 ## Enable Kong Security plugins
 
 Kong has available several free [plugins](https://konghq.com/plugins/) that can be used along with the Kong Ingress controller for securing the access to Kubeless functions. In particular, the list of security plugins that can be used is:

script/start-test-environment.sh

@@ -15,7 +15,7 @@ if ! minikube status | grep -q "minikube: $"; then
   exit 1
 fi
 
-minikube start --extra-config=apiserver.Authorization.Mode=RBAC --insecure-registry 0.0.0.0/0
+minikube start --extra-config=apiserver.authorization-mode=RBAC --insecure-registry 0.0.0.0/0
 eval $(minikube docker-env)
 
 CONTEXT=$(kubectl config current-context)