Publish Oracle Function for Reading and Writing Object Storage Files through OCI API Gateway

0

The objective for this article is to show you how to get to the point where two routes are available on an API Gateway on Oracle Cloud Infrastructure that allow easy writing to a file on Object Storage and easy retrieval of such as file. Writing files is obviously useful in many situations – I for one will use it for my own highly tailored logging & debugging of serverless function execution.

image

All code referred to in this article is available on GitHub: https://github.com/lucasjellema/oci-cloud-native-explorations/tree/master/file-writer.

As a starting point I assume a number of things:

  • OCI Tenancy with a user with appropriate privileges for creating functions, creating objects in a storage bucket and managing an API Gateway
  • an existing OCI Storage Cloud Bucket
  • a functioning Fn development environment associated with a compartment into which functions can be deployed
  • an API Gateway with privileges to access functions in the compartment into which we will deploy the File Writer function

Steps:

1. Create new Fn function with Node runtime

fn init –runtime node file-writer

2. Add two NPM libraries – for making signed HTTP requests

npm install http-signature jssha –save

These libraries are required to sign the HTTP Request to the OCI REST API with the user’s private key

3. Apply small fix to http-signature in order to support passphrase protected private key (if your private key file is not passphrase protected, you may skip this step)

add this line in node-modules/http-signature/lib/signer.js – line 293 in function signRequest

assert.optionalString(options.passphrase, ‘options.passphrase’);

in the same file and function, change line

key = sshpk.parsePrivateKey(options.key);

into:

key = sshpk.parsePrivateKey(options.key, ‘auto’, options);

4. Copy the .pem file with the User’s Private Key to the application root folder

This private key is required for signing the HTTP Request.

5. Create a configuration file that contains all environment specific and confidential settings

This file contains Tenancy and User details, compartment name and reference to the private key file and optionally the passphrase for a passphrase protected private key.

Note: in a production implementation, most of the values in this configuration file should be provided through configuration settings on the Function.

5. Create fileWriter.js – a standalone Node application that we will call from the func.js generated by Fn

This Node application is independent of the Fn framework. It will be invoked from func.js to provide the implementation of the function but can also be ran on its own. This application reads the configuration file to load all environment specific settings as well as all confidential information. It uses ociRequestor.js to perform the request signing – a generic operation that can be reused for calls to other OCI APIs. 

image

6. Test invoke fileWriter.js – and verify it creates files on OCI Object Storage

image

node fileWriter ‘{“bucket”:”fn-bucket”,”fileName”:”created_through_Node-app.txt”, “contents”:{“My Contents”:”Special contents, nice words, good plans”}}’

image

Note: the PUT operation on OCI Object Storage will create a file if it does not yet exist or overwrite it if it does.

7. Implement func.js – connect the request it handles to fileWriter.js

image

8. Deploy and Test invoke function through Fn

image

SNAGHTML43ce99b2

image

SNAGHTML43d2b94c

9. Configure a Route in an API Deployment on API Gateway to create a Public Endpoint for Writing a File on Object Storage

I set the path to /persist for the new route. It supports both PUT and POST methods. And it triggers the file-writer function:

image

Press Next and press Save Changes. Wait for the API Gateway API Deployment to redeploy.

Copy the endpoint of the API Gateway for use in the next step:

image

10. Invoke the new endpoint on API Gateway (to have a file created on Object Storage)

For example in Postman:

image

Here we see that the Postman call to the API Gateway endpoint has produced another file in the target bucket on Object Storage – with the content I passed in the body object.

image

Resources

All code referred to in this article is available on GitHub: https://github.com/lucasjellema/oci-cloud-native-explorations/tree/master/file-writer.

I have made use of two of my own earlier articles on accessing OCI Object Storage from Node applications and on Oracle Functions that Write Files on Object Storage.

Fix for http-signature to work with passphrase

GitHub Repo OCI-Rest-APIs-nodejs by Christopher Beck with foundation for invoking many OCI REST APIs from NodeJS – I have used crucial elements from this example

OCI Object Storage Service Documentation

Signing Requests to OCI REST APIs in Node

About Author

Lucas Jellema, active in IT (and with Oracle) since 1994. Oracle ACE Director and Oracle Developer Champion. Solution architect and developer on diverse areas including SQL, JavaScript, Kubernetes & Docker, Machine Learning, Java, SOA and microservices, events in various shapes and forms and many other things. Author of the Oracle Press book Oracle SOA Suite 12c Handbook. Frequent presenter on user groups and community events and conferences such as JavaOne, Oracle Code, CodeOne, NLJUG JFall and Oracle OpenWorld.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.