Environment variable https_proxy is not used

[svasek]

Behaviour

Login to AWS ECR doesn't work if action is running behind http(s) proxy.

Steps to reproduce this issue

1. Run self-hosted runner in network environment with blocked internet connection which needs use http_proxy
2. Set Environment variables http_proxy and https_proxy to correct proxy server
3. Let login-action to login to (private) ECR
4. Error: connect ETIMEDOUT 52.119.173.252:443

Expected behaviour

AWS ECR auth token should be retrieved with AWS SDK.

Actual behaviour

##[debug]Save intra-action state isPost = true
::save-state name=registry::***.dkr.ecr.us-west-2.amazonaws.com
##[debug]Save intra-action state registry = ***.dkr.ecr.us-west-2.amazonaws.com
::save-state name=logout::true
##[debug]Save intra-action state logout = true
Retrieving registries data through AWS SDK...
##[debug]Requesting AWS ECR auth token for ***
AWS ECR detected with us-west-2 region
Error: connect ETIMEDOUT 52.119.173.252:443
##[debug]Node Action run completed with exit code 1
##[debug]Finishing: Login to AWS ECR

Configuration

• Repository URL (if public): private
• Build URL (if public): private

      - name: Configure AWS Credentials
        if: github.event_name != 'pull_request'
        uses: aws-actions/configure-aws-credentials@v1
        with:
          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          aws-region: us-west-2

      - name: Login to AWS ECR
        if: github.event_name != 'pull_request'
        uses: docker/login-action@v1
        with:
          registry: ${{ env.ECR_REPO }}

[crazy-max]

@svasek Is the uses: aws-actions/configure-aws-credentials@v1 step working?

[svasek]

@svasek Is the uses: aws-actions/configure-aws-credentials@v1 step working?

I'm not sure as I've added it because it didn't work.

[crazy-max]

I'm not sure as I've added it because it didn't work.

Doesn't look like it aws-actions/configure-aws-credentials#222

[crazy-max]

Looking at their docs it should be capitalize HTTP_PROXY, HTTPS_PROXY I think or maybe we need this kind of pkg: https://github.com/awslabs/aws-sdk-v3-js-proxy#readme. I will open a PR to check this out.

[svasek]

• The workflow fails in step Login to AWS ECR
• It doesn't work even when I set environment variables capitalised
• It doesn't work even when I use directly docker/login-action w/o aws-actions/configure-aws-credentials

[svasek]

Unfortunately it doesn't even when I tried it run directly:

      - name: Login to AWS ECR
        if: github.event_name != 'pull_request'
        uses: docker/login-action@v1
        with:
          registry: ${{ env.ECR_REPO }}
          username: ${{ secrets.AWS_ACCESS_KEY_ID }}
          password: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
        env:
          NO_PROXY: ${{ env.NO_PROXY }}
          HTTP_PROXY: ${{ env.PROXYURL }}
          HTTPS_PROXY: ${{ env.PROXYURL }} 

Log output:

Run actions/docker-login-action@v1
::save-state name=isPost::true
##[debug]Save intra-action state isPost = true
::save-state name=registry::***.dkr.ecr.us-west-2.amazonaws.com
##[debug]Save intra-action state registry = ***.dkr.ecr.us-west-2.amazonaws.com
::save-state name=logout::true
##[debug]Save intra-action state logout = true
Retrieving registries data through AWS SDK...
##[debug]Requesting AWS ECR auth token for ***
AWS ECR detected with us-west-2 region
Error: connect ETIMEDOUT 54.240.253.186:443
##[debug]Node Action run completed with exit code 1
##[debug]Finishing: Login to AWS ECR

[svasek]

Hi @crazy-max, is there any update on this?

[crazy-max]

@svasek Oh sorry I completely forgot that one. Will setup smth this week!

[crazy-max]

@svasek Can you try with:

      - name: Login to AWS ECR
        if: github.event_name != 'pull_request'
        uses: crazy-max/docker-login-action@aws-sdk-proxy
        with:
          registry: ${{ env.ECR_REPO }}
          username: ${{ secrets.AWS_ACCESS_KEY_ID }}
          password: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
        env:
          HTTP_PROXY: ${{ env.HTTP_PROXY_URL }}
          HTTPS_PROXY: ${{ env.HTTPS_PROXY_URL }} 

[svasek]

Hi @crazy-max,
🎉 Congratulation! I can confirm it works like a charm in both scenarios.
So, It works even with the aws-actions/configure-aws-credentials.

It's also not necessary to set additional env for the step if proxy is set in the runner global environment.
Thank you very much. Good job!

► Run crazy-max/docker-login-action@aws-sdk-proxy
::save-state name=isPost::true
##[debug]Save intra-action state isPost = true
::save-state name=registry::***.dkr.ecr.us-west-2.amazonaws.com
##[debug]Save intra-action state registry = ***.dkr.ecr.us-west-2.amazonaws.com
::save-state name=logout::true
##[debug]Save intra-action state logout = true
Retrieving registries data through AWS SDK...
##[debug]Requesting AWS ECR auth token for ***
##[debug]Using http proxy http://proxy-us-aws.***.***:3128
##[debug]Using https proxy http://proxy-us-aws.***.***:3128
AWS ECR detected with us-west-2 region
(node:910) [DEP0005] DeprecationWarning: Buffer() is deprecated due to security and usability issues. Please use the Buffer.alloc(), Buffer.allocUnsafe(), or Buffer.from() methods instead.
Logging into https://***.dkr.ecr.us-west-2.amazonaws.com...
Login Succeeded!
##[debug]Node Action run completed with exit code 0
##[debug]Finishing: Login to AWS ECR