Skip to content

[WIP] Implement --access-key flag and serverless keys commands #1783

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
vrindavinod-do wants to merge 14 commits into
base: main
Choose a base branch
from
Open

[WIP] Implement --access-key flag and serverless keys commands #1783

vrindavinod-do wants to merge 14 commits into from

Conversation

@vrindavinod-do
Copy link

@vrindavinod-do vrindavinod-do commented Oct 24, 2025
edited
Loading

Adding the auth-key flag implementation:

1. Our access-key implementation

doctl serverless connect my-namespace --access-key "dof_v1_abc123:secretkey"
→ Validates access-key (OpenWhisk)
→ Stores in credentials.json: {"currentHost": "api.host", "currentNamespace": "my-namespace", "credentials": {"api.host": {"my-namespace": {"api_key": "dof_v1_abc123:secretkey"}}}}

2. All other commands automatically work

doctl serverless functions list
→ CheckServerlessStatus() ✅ (finds credentials.json)
→ ReadCredentials() ✅ (gets YOUR access-key)
→ initWhisk() ✅ (creates OpenWhisk client with YOUR access-key)
→ API calls succeed ✅

doctl serverless deploy ./my-function
→ Same credential flow ✅
→ Deploy uses YOUR access-key ✅

New commands:
doctl serverless key create --name "my-key" # Create new access key
doctl serverless key list # List all keys
doctl serverless key revoke

@vrindavinod-do vrindavinod-do changed the title [WIP] Adding Access Auth Key [WIP] Implement --auth-key flag Oct 24, 2025
logwolvy
logwolvy reviewed Nov 10, 2025
View reviewed changes
Copy link

@logwolvy logwolvy left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is that all for the access key new arch to work?
Also, any way to test this?

@vrindavinod-do
Copy link
Author

vrindavinod-do commented Nov 12, 2025
edited
Loading

Is that all for the access key new arch to work? Also, any way to test this?

I've implemented [doctl serverless connect --access-key] which stores the credentials. All other serverless commands (deploy, functions, etc.) automatically use the stored credentials. Is this the intended scope, or do you need direct auth-key support on every individual serverless command? like: doctl serverless deploy --access-key "uuid:key" ./my-function?

To test, I see that can make doctl point to stage2 or your local address

@vrindavinod-do vrindavinod-do changed the title [WIP] Implement --auth-key flag [WIP] Implement --access-key flag Nov 12, 2025
vrindavinod-do
vrindavinod-do commented Nov 13, 2025
View reviewed changes
sanpj2292
sanpj2292 reviewed Nov 18, 2025
View reviewed changes
logwolvy
logwolvy reviewed Nov 18, 2025
View reviewed changes
Copy link

@logwolvy logwolvy left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Will there be a separate PR for access key CRUD ops?

DO-rrao
DO-rrao reviewed Nov 19, 2025
View reviewed changes
Copy link
Contributor

@DO-rrao DO-rrao left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

As discussed with @vrindavinod-do , will be reviewing this PR with the access keys changes.

@vrindavinod-do vrindavinod-do changed the title [WIP] Implement --access-key flag [WIP] Implement --access-key flag and serverless keys commands Nov 19, 2025
@vrindavinod-do
Added serverless key commands tests
ea332ba
@vrindavinod-do
Fix gofmt formatting issues
e238809 
- Ran gofmt on all source files
- Ensured all tests pass
- Code is now properly formatted
@vrindavinod-do
Apply gofmt interface{} -> any rule to keys_test.go
0edafeb 
- Replaced map[string]interface{} with map[string]any
- Applied Go 1.18+ preferred syntax for interface types
- All tests continue to pass
- Resolves gofmt_check CI failure
@vrindavinod-do
handling secrets
d1c9d30
logwolvy
logwolvy reviewed Nov 21, 2025
View reviewed changes
logwolvy
logwolvy reviewed Nov 25, 2025
View reviewed changes
Copy link

@logwolvy logwolvy left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What will be the behaviour for other commands (deploy, fn list...) after deprecation of legacy keys, if no access keys were added by the user via doctl connect cmd?

@vrindavinod-do
Copy link
Author

vrindavinod-do commented Nov 25, 2025

What will be the behaviour for other commands (deploy, fn list...) after deprecation of legacy keys, if no access keys were added by the user via doctl connect cmd?

if users haven't added access keys via the new [doctl serverless connect --access-key] command, all serverless operations will fail with:
Error: serverless support is not connected to a functions namespace (use doctl serverless connect)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@sanpj2292 sanpj2292 sanpj2292 left review comments

@DO-rrao DO-rrao DO-rrao left review comments

+1 more reviewer

@logwolvy logwolvy logwolvy approved these changes

Reviewers whose approvals may not affect merge requirements

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

DO NOT MERGE

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@vrindavinod-do @sanpj2292 @logwolvy @DO-rrao