Register ECR credential plugin only when an AWS cloud instance is created
This commit is contained in:
Rudi Chiarito
parent
1e68e719c3
commit
76e29ed455
@ -42,6 +42,7 @@ import (
|
|||||||
|
|
||||||
"k8s.io/kubernetes/pkg/api"
|
"k8s.io/kubernetes/pkg/api"
|
||||||
"k8s.io/kubernetes/pkg/cloudprovider"
|
"k8s.io/kubernetes/pkg/cloudprovider"
|
||||||
|
"k8s.io/kubernetes/pkg/credentialprovider/aws"
|
||||||
"k8s.io/kubernetes/pkg/util/sets"
|
"k8s.io/kubernetes/pkg/util/sets"
|
||||||
|
|
||||||
"github.com/golang/glog"
|
"github.com/golang/glog"
|
||||||
@ -64,6 +65,9 @@ const MaxReadThenCreateRetries = 30
|
|||||||
// need hardcoded defaults.
|
// need hardcoded defaults.
|
||||||
const DefaultVolumeType = "gp2"
|
const DefaultVolumeType = "gp2"
|
||||||
|
|
||||||
|
// Used to call aws_credentials.Init() just once
|
||||||
|
var once sync.Once
|
||||||
|
|
||||||
// Abstraction over AWS, to allow mocking/other implementations
|
// Abstraction over AWS, to allow mocking/other implementations
|
||||||
type AWSServices interface {
|
type AWSServices interface {
|
||||||
Compute(region string) (EC2, error)
|
Compute(region string) (EC2, error)
|
||||||
@ -591,6 +595,11 @@ func newAWSCloud(config io.Reader, awsServices AWSServices) (*AWSCloud, error) {
|
|||||||
glog.Infof("AWS cloud - no tag filtering")
|
glog.Infof("AWS cloud - no tag filtering")
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Register handler for ECR credentials
|
||||||
|
once.Do(func() {
|
||||||
|
aws_credentials.Init()
|
||||||
|
})
|
||||||
|
|
||||||
return awsCloud, nil
|
return awsCloud, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@ -27,7 +27,6 @@ import (
|
|||||||
"github.com/aws/aws-sdk-go/service/ecr"
|
"github.com/aws/aws-sdk-go/service/ecr"
|
||||||
"github.com/golang/glog"
|
"github.com/golang/glog"
|
||||||
"k8s.io/kubernetes/pkg/cloudprovider"
|
"k8s.io/kubernetes/pkg/cloudprovider"
|
||||||
aws_cloud "k8s.io/kubernetes/pkg/cloudprovider/providers/aws"
|
|
||||||
"k8s.io/kubernetes/pkg/credentialprovider"
|
"k8s.io/kubernetes/pkg/credentialprovider"
|
||||||
)
|
)
|
||||||
|
|
||||||
@ -66,9 +65,10 @@ type ecrProvider struct {
|
|||||||
getter tokenGetter
|
getter tokenGetter
|
||||||
}
|
}
|
||||||
|
|
||||||
// init registers the various means by which ECR credentials may
|
// Not using the package init() function: this module should be initialized only
|
||||||
// be resolved.
|
// if using the AWS cloud provider. This way, we avoid timeouts waiting for a
|
||||||
func init() {
|
// non-existent provider.
|
||||||
|
func Init() {
|
||||||
credentialprovider.RegisterCredentialProvider("aws-ecr-key",
|
credentialprovider.RegisterCredentialProvider("aws-ecr-key",
|
||||||
&credentialprovider.CachingDockerConfigProvider{
|
&credentialprovider.CachingDockerConfigProvider{
|
||||||
Provider: &ecrProvider{},
|
Provider: &ecrProvider{},
|
||||||
@ -82,7 +82,7 @@ func init() {
|
|||||||
// TODO: figure how to enable it manually for deployments that are not on AWS but still
|
// TODO: figure how to enable it manually for deployments that are not on AWS but still
|
||||||
// use ECR somehow?
|
// use ECR somehow?
|
||||||
func (p *ecrProvider) Enabled() bool {
|
func (p *ecrProvider) Enabled() bool {
|
||||||
provider, err := cloudprovider.GetCloudProvider(aws_cloud.ProviderName, nil)
|
provider, err := cloudprovider.GetCloudProvider("aws", nil)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
glog.Errorf("while initializing AWS cloud provider %v", err)
|
glog.Errorf("while initializing AWS cloud provider %v", err)
|
||||||
return false
|
return false
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user