Support web-secure option on action create

[rabbah]

Is your feature request related to a problem? Please describe. Add --web-secure option to allow a web action to be secured by some API key. The wsk CLI description of this flag:

      --web-secure SECRET
      secure the web action. where SECRET is true, false, or any string. 
      Only valid when the ACTION is a web action

Describe the solution you'd like Allow action create/update to accept this flag. A prototype implementation for reference https://github.com/adobe/aio-cli-plugin-runtime/compare/master...rabbah:websec?expand=1.

Describe alternatives you've considered ~A clear and concise description of any alternative solutions or features you've considered.~

Additional context ~Add any other context or screenshots about the feature request here.~

[meryllblanchet]

Thanks for the feature request, @rabbah !

Let me loop in @sarahxxu and @mcorlan for their feedback.

[aiojbot]

JIRA issue created: https://jira.corp.adobe.com/browse/ACNA-1015

[sarahxxu]

Yep looks good to me! @meryllblanchet perhaps we can even leverage this flag in our app plugin?

[meryllblanchet]

Nice catch @sarahxxu!

@Himavanth, would this need any change to our https://github.com/adobe/aio-lib-runtime/blob/master/src/deploy-actions.js?

[Himavanth]

No changes required in app plugin. --web-secure here causes an annotation require-whisk-auth to be added to the action on creation. In case of app plugin, it reads the annotations in manifest and adds those at deployment.

[rabbah]

This is fixed by #220 (now merged).

[meryllblanchet]

Thanks @rabbah , closing this issue accordingly.