3

I am looking for a recommendation how to do this.

From the docs:

https://cloud.ibm.com/docs/openwhisk?topic=cloud-functions-creating-docker-actions#creating-and-invoking-a-docker-action

You can use actions to call images from public registries only, such as an image that is publicly available on Docker Hub. Private registries are not supported.

How to store database credentials, api keys etc... when the Docker image must be publicly available on Docker Hub?

vlatkorun
  • 127
  • 1
  • 15
  • Move them out to the environment? If they're baked into your containers it's harder to rotate them, anyway. – jonrsharpe May 02 '19 at 21:46
  • Can you be more specific? I have a web enabled action, written in php, that needs to talk to database and rabbitmq, send emails using sendgrid. – vlatkorun May 02 '19 at 22:26

1 Answers1

2

Use default parameters to store credentials on actions. These parameters are stored securely by the platform and merged with request parameters during invocations.

Default parameters can be set by the CLI using the -p parameter when creating or updating actions.

ibmcloud wsk action create my_action -p name value ...
James Thomas
  • 4,303
  • 1
  • 20
  • 26