Support HTTPS_PROXY (or HTTP_PROXY) env vars for specifying a pro…

…xy to route traffic through. Note that this will only work with a TLS passthrough proxy anyway; since the TLS connections will fail cert validation otherwise.
hellofresh · Oct 27, 2020 · 25eb000 · 25eb000
1 parent 5fe271d
commit 25eb000
Show file tree

Hide file tree

Showing 4 changed files with 41 additions and 4 deletions.
diff --git a/eksrollup/lib/k8s.py b/eksrollup/lib/k8s.py
@@ -1,5 +1,6 @@
 from kubernetes import client, config
 from kubernetes.client.rest import ApiException
+import os
 import subprocess
 import time
 import sys
@@ -16,6 +17,11 @@ def ensure_config_loaded():
         except config.ConfigException:
             raise Exception("Could not configure kubernetes python client")
 
+    proxy_url = os.getenv('HTTPS_PROXY', os.getenv('HTTP_PROXY', None))
+    if proxy_url:
+        logger.info(f"Setting proxy: {proxy_url}")
+        client.Configuration._default.proxy = proxy_url
+
 
 def get_k8s_nodes(exclude_node_label_keys=app_config["EXCLUDE_NODE_LABEL_KEYS"]):
     """

diff --git a/requirements-tests.txt b/requirements-tests.txt
@@ -2,6 +2,4 @@ moto==1.3.13
 python-box~=3.4.0
 flake8~=3.7.7
 nose2~=0.9.1
-kubernetes~=10.0.1
-python-dotenv~=0.10.2
 twine
diff --git a/tests/fixtures/example-kube-config.yaml b/tests/fixtures/example-kube-config.yaml
@@ -0,0 +1,16 @@
+apiVersion: v1
+kind: Config
+current-context: example-context
+clusters:
+  - cluster:
+      server: https://localhost:8080
+    name: local-cluster
+contexts:
+  - context:
+      cluster: local-cluster
+      namespace: default
+      user: user
+    name: example-context
+users:
+  - name: user
+    user: {}
diff --git a/tests/test_k8s.py b/tests/test_k8s.py
@@ -1,10 +1,11 @@
 import os
 import unittest
 import json
-from eksrollup.lib.k8s import k8s_nodes_count, k8s_nodes_ready, get_node_by_instance_id
+from eksrollup.lib.k8s import k8s_nodes_count, k8s_nodes_ready, get_node_by_instance_id, ensure_config_loaded
 from unittest.mock import patch
 from box import Box
-
+from kubernetes.client import ApiClient
+from kubernetes.config import kube_config
 
 class TestK8S(unittest.TestCase):
 
@@ -17,6 +18,22 @@ def setUp(self):
         with open(f"{current_dir}/fixtures/k8s_response_unhealthy.json", "r") as file:
             self.k8s_response_mock_unhealthy = json.load(file)
 
+        kube_config.KUBE_CONFIG_DEFAULT_LOCATION = f"{current_dir}/fixtures/example-kube-config.yaml"
+
+    def test_ensure_config_loaded_proxy_default(self):
+        ensure_config_loaded()
+        self.assertEqual(None, ApiClient().configuration.proxy)
+
+    def test_ensure_config_loaded_proxy_prefers_https(self):
+        with patch.dict(os.environ, {'HTTPS_PROXY': 'http://localhost:12345', 'HTTP_PROXY': 'http://localhost:6789'}):
+            ensure_config_loaded()
+            self.assertEqual('http://localhost:12345', ApiClient().configuration.proxy)
+
+    def test_ensure_config_loaded_proxy_fallback_to_http(self):
+        with patch.dict(os.environ, {'HTTP_PROXY': 'http://localhost:12345'}):
+            ensure_config_loaded()
+            self.assertEqual('http://localhost:12345', ApiClient().configuration.proxy)
+
     def test_k8s_node_count(self):
         with patch('eksrollup.lib.k8s.get_k8s_nodes') as get_k8s_nodes_mock:
             get_k8s_nodes_mock.return_value = self.k8s_response_mock['items']