Initialize aws client with proxies

For the system configured with aws ecr, if its OAM network is behind a proxy, aws client should be configured with the same proxy in order to request the registry credentials. Change-Id: I49158a476c94c2b44561432d433b283ac76a423d Partial-Bug: 1853024 Signed-off-by: Angie Wang <angie.wang@windriver.com>
2019-11-18 16:01:33 -05:00
parent 95215216c7
commit 084f86fe06
3 changed files with 42 additions and 8 deletions
--- a/playbookconfig/src/playbooks/roles/common/push-docker-images/files/get_registry_auth.py
+++ b/playbookconfig/src/playbooks/roles/common/push-docker-images/files/get_registry_auth.py
@@ -6,23 +6,54 @@
 #

 import boto3
+from botocore.config import Config
 import re
 import sys
+import os
+
+
+def set_advanced_config_for_botocore_client():
+    """ This function is to set advanced configuration
+        for botocore client
+
+    supported configuration:
+        proxies(optional): A dictionary of proxy servers
+            to use by protocal or endpoint.
+            e.g.:
+            {'http': 'http://128.224.150.2:3128',
+            'https': 'http://128.224.150.2:3129'}
+
+    """
+    config = None
+    http_proxy = os.environ.get('AWS_HTTP_PROXY', 'undef')
+    https_proxy = os.environ.get('AWS_HTTPS_PROXY', 'undef')
+
+    proxies_dict = {}
+    if http_proxy != 'undef':
+        proxies_dict.update({'http': http_proxy})
+    if https_proxy != 'undef':
+        proxies_dict.update({'https': https_proxy})
+
+    if proxies_dict:
+        config = Config(proxies=proxies_dict)
+    return config


 def get_aws_ecr_registry_credentials(registry, username, password):
-    region = re.compile("[0-9]*.dkr.ecr.(.*).amazonaws.com.*").match(registry)
-    if region:
-        ecr_region = region.groups()[0]
-    else:
-        ecr_region = 'us-west-2'
-
    try:
+        region = re.compile("[0-9]*.dkr.ecr.(.*).amazonaws.com.*").match(registry)
+        if region:
+            ecr_region = region.groups()[0]
+        else:
+            ecr_region = 'us-west-2'
+
+        config = set_advanced_config_for_botocore_client()
        client = boto3.client(
            'ecr',
            region_name=ecr_region,
            aws_access_key_id=username,
-            aws_secret_access_key=password)
+            aws_secret_access_key=password,
+            config=config)

        response = client.get_authorization_token()
        token = response['authorizationData'][0]['authorizationToken']
--- a/playbookconfig/src/playbooks/roles/common/push-docker-images/tasks/get_aws_ecr_credentials.yml
+++ b/playbookconfig/src/playbooks/roles/common/push-docker-images/tasks/get_aws_ecr_credentials.yml
@@ -11,6 +11,9 @@
  - name: Get the {{ registry.name }} credentials
    script: get_registry_auth.py {{ registry.value.url }} {{ registry.value.username }} {{ registry.value.password }}
    register: registry_auth_output
+    environment:
+      AWS_HTTP_PROXY: "{{ docker_http_proxy }}"
+      AWS_HTTPS_PROXY: "{{ docker_https_proxy }}"

  - set_fact:
      registry_auth: "{{ registry_auth_output.stdout }}"