Skip to content

Commit

Permalink
feat: add support for HTTP(s) proxy
Browse files Browse the repository at this point in the history
  • Loading branch information
@arjraman
arjraman committed Mar 29, 2023
1 parent 62f4f87 commit 454a99d
Show file tree
Hide file tree
Showing 7 changed files with 2,258 additions and 220 deletions.
35 changes: 33 additions & 2 deletions README.md
View file
Expand Up @@ -7,8 +7,16 @@ Logs in the local Docker client to one or more Amazon ECR Private registries or
<!-- toc -->

- [Example of Usage](#examples-of-usage)
- [Credentials and Region](#credentials-and-region)
- [Building and pushing an image](#building-and-pushing-an-image)
- [Using an image as a service](#using-an-image-as-a-service)
- [Credentials](#credentials)
- [AWS credentials](#aws-credentials)
- [Docker credentials](#docker-credentials)
- [Self-Hosted Runners](#self-hosted-runners)
- [Proxy configuration](#proxy-configuration)
- [Permissions](#permissions)
- [ECR Private](#ecr-private)
- [ECR Public](#ecr-public)
- [Troubleshooting](#troubleshooting)
- [License Summary](#license-summary)
- [Security Disclosures](#security-disclosures)
Expand Down Expand Up @@ -164,7 +172,7 @@ jobs:

See [action.yml](action.yml) for the full documentation for this action's inputs and outputs.

## Credentials and Region
## Credentials

### AWS Credentials

Expand Down Expand Up @@ -204,6 +212,29 @@ If using ECR Public:

To push Helm charts, you can also login through Docker. By default, Helm can authenticate with the same credentials that you use for Docker.

## Self-Hosted Runners

### Proxy Configuration

If you run in self-hosted environments and/or in secured environments where you need to use a specific proxy, you can set it in the action manually.

Additionally, this action will always consider an already configured proxy in the environment.

Proxy configured via action input:
```yaml
uses: aws-actions/[email protected]

This comment has been minimized.

Sign in to view

Copy link
@dashalary

dashalary May 2, 2023

Contributor

Is logins a typo? Should it be aws-actions/[email protected] instead?
with:
http-proxy: "http://companydomain.com:3128"
````

Proxy configured via an environment variable:
```shell
# Your environment configuration
HTTP_PROXY="http://companydomain.com:3128"
```

The action will read the underlying proxy configuration from the environment, and you don't need to configure it in the action.

## Permissions

### ECR Private
Expand Down
4 changes: 4 additions & 0 deletions action.yml
View file
Expand Up @@ -24,6 +24,10 @@ inputs:
Options: [private, public]
required: false
default: private
http-proxy:
description: >-
Proxy to use for the AWS SDK agent.
required: false
outputs:
registry:
description: >-
Expand Down
2,056 changes: 1,959 additions & 97 deletions dist/index.js
View file

Large diffs are not rendered by default.

32 changes: 29 additions & 3 deletions index.js
View file
@@ -1,14 +1,16 @@
const core = require('@actions/core');
const exec = require('@actions/exec');
const aws = require('aws-sdk');
const proxy = require('https-proxy-agent');

const ECR_LOGIN_GITHUB_ACTION_USER_AGENT = 'amazon-ecr-login-for-github-actions';
const ECR_PUBLIC_REGISTRY_URI = 'public.ecr.aws';

const INPUTS = {
skipLogout: 'skip-logout',
registries: 'registries',
registryType: 'registry-type'
registryType: 'registry-type',
httpProxy: 'http-proxy'
};

const OUTPUTS = {
Expand All @@ -27,8 +29,24 @@ const REGISTRY_TYPES = {
};


function replaceSpecialCharacters(registryUri) {
return registryUri.replace(/[^a-zA-Z0-9_]+/g, '_');
function configureProxy(httpProxy) {
const proxyFromEnv = process.env.HTTP_PROXY || process.env.http_proxy;

if (httpProxy || proxyFromEnv) {
let proxyToSet;

if (httpProxy){
core.info(`Setting proxy from action input: ${httpProxy}`);
proxyToSet = httpProxy;
} else {
core.info(`Setting proxy from environment: ${proxyFromEnv}`);
proxyToSet = proxyFromEnv;
}

aws.config.update({
httpOptions: { agent: proxy(proxyToSet) }
});
}
}

async function getEcrAuthTokenWrapper(authTokenRequest) {
Expand Down Expand Up @@ -70,11 +88,16 @@ async function getEcrPublicAuthTokenWrapper(authTokenRequest) {
};
}

function replaceSpecialCharacters(registryUri) {
return registryUri.replace(/[^a-zA-Z0-9_]+/g, '_');
}

async function run() {
// Get inputs
const skipLogout = core.getInput(INPUTS.skipLogout, { required: false }).toLowerCase() === 'true';
const registries = core.getInput(INPUTS.registries, { required: false });
const registryType = core.getInput(INPUTS.registryType, { required: false }).toLowerCase() || REGISTRY_TYPES.private;
const httpProxy = core.getInput(INPUTS.httpProxy, { required: false });

const registryUriState = [];

Expand All @@ -83,6 +106,9 @@ async function run() {
throw new Error(`Invalid input for '${INPUTS.registryType}', possible options are [${REGISTRY_TYPES.private}, ${REGISTRY_TYPES.public}]`);
}

// Configures proxy
configureProxy(httpProxy);

// Get the ECR/ECR Public authorization token(s)
const authTokenRequest = {};
if (registryType === REGISTRY_TYPES.private && registries) {
Expand Down

0 comments on commit 454a99d

Please sign in to comment.