From 76e29ed455674361ca99e5c896d4499e1ba787ec Mon Sep 17 00:00:00 2001
From: Rudi Chiarito <rudi@clarifai.com>
Date: Mon, 25 Jan 2016 19:23:47 -0500
Subject: [PATCH] Register ECR credential plugin only when an AWS cloud
 instance is created

---
 pkg/cloudprovider/providers/aws/aws.go        |  9 +++++++++
 pkg/credentialprovider/aws/aws_credentials.go | 10 +++++-----
 2 files changed, 14 insertions(+), 5 deletions(-)

diff --git a/pkg/cloudprovider/providers/aws/aws.go b/pkg/cloudprovider/providers/aws/aws.go
index d2114e54c1f..1cabf4f52a7 100644
--- a/pkg/cloudprovider/providers/aws/aws.go
+++ b/pkg/cloudprovider/providers/aws/aws.go
@@ -42,6 +42,7 @@ import (
 
 	"k8s.io/kubernetes/pkg/api"
 	"k8s.io/kubernetes/pkg/cloudprovider"
+	"k8s.io/kubernetes/pkg/credentialprovider/aws"
 	"k8s.io/kubernetes/pkg/util/sets"
 
 	"github.com/golang/glog"
@@ -64,6 +65,9 @@ const MaxReadThenCreateRetries = 30
 // need hardcoded defaults.
 const DefaultVolumeType = "gp2"
 
+// Used to call aws_credentials.Init() just once
+var once sync.Once
+
 // Abstraction over AWS, to allow mocking/other implementations
 type AWSServices interface {
 	Compute(region string) (EC2, error)
@@ -591,6 +595,11 @@ func newAWSCloud(config io.Reader, awsServices AWSServices) (*AWSCloud, error) {
 		glog.Infof("AWS cloud - no tag filtering")
 	}
 
+	// Register handler for ECR credentials
+	once.Do(func() {
+		aws_credentials.Init()
+	})
+
 	return awsCloud, nil
 }
 
diff --git a/pkg/credentialprovider/aws/aws_credentials.go b/pkg/credentialprovider/aws/aws_credentials.go
index dd349a58f44..395c438edb7 100644
--- a/pkg/credentialprovider/aws/aws_credentials.go
+++ b/pkg/credentialprovider/aws/aws_credentials.go
@@ -27,7 +27,6 @@ import (
 	"github.com/aws/aws-sdk-go/service/ecr"
 	"github.com/golang/glog"
 	"k8s.io/kubernetes/pkg/cloudprovider"
-	aws_cloud "k8s.io/kubernetes/pkg/cloudprovider/providers/aws"
 	"k8s.io/kubernetes/pkg/credentialprovider"
 )
 
@@ -66,9 +65,10 @@ type ecrProvider struct {
 	getter tokenGetter
 }
 
-// init registers the various means by which ECR credentials may
-// be resolved.
-func init() {
+// Not using the package init() function: this module should be initialized only
+// if using the AWS cloud provider. This way, we avoid timeouts waiting for a
+// non-existent provider.
+func Init() {
 	credentialprovider.RegisterCredentialProvider("aws-ecr-key",
 		&credentialprovider.CachingDockerConfigProvider{
 			Provider: &ecrProvider{},
@@ -82,7 +82,7 @@ func init() {
 // TODO: figure how to enable it manually for deployments that are not on AWS but still
 // use ECR somehow?
 func (p *ecrProvider) Enabled() bool {
-	provider, err := cloudprovider.GetCloudProvider(aws_cloud.ProviderName, nil)
+	provider, err := cloudprovider.GetCloudProvider("aws", nil)
 	if err != nil {
 		glog.Errorf("while initializing AWS cloud provider %v", err)
 		return false