feat: add support for HTTPS proxy for AWS S3 requests in Techdocs

Signed-off-by: Jos Craw <me.joscraw@gmail.com>
2023-02-22 21:52:03 +13:00
parent 522ca3c8d2
commit ea2bbef1b1
7 changed files with 29 additions and 1 deletions
@@ -0,0 +1,6 @@
+---
+'@techdocs/cli': minor
+'@backstage/plugin-techdocs-node': minor
+---
+
+Added support for an HTTPS proxy for techdocs AWS S3 requests
@@ -77,6 +77,7 @@ Options:
  --azureAccountKey <AZURE ACCOUNT KEY>
  --awsRoleArn <AWS ROLE ARN>
  --awsEndpoint <AWS ENDPOINT>
+  --awsProxy <HTTPS Proxy>
  --awsS3sse <AWS SSE>
  --awsS3ForcePathStyle
  --awsBucketRootPath <AWS BUCKET ROOT PATH>
@@ -173,6 +173,10 @@ export function registerCommands(program: Command) {
      '--awsEndpoint <AWS ENDPOINT>',
      'Optional AWS endpoint to send requests to.',
    )
+    .option(
+      '--awsProxy <HTTPS Proxy>',
+      'Optional Proxy to use for AWS requests.',
+    )
    .option('--awsS3sse <AWS SSE>', 'Optional AWS S3 Server Side Encryption.')
    .option(
      '--awsS3ForcePathStyle',
@@ -94,6 +94,7 @@ export class PublisherConfig {
        ...(opts.awsEndpoint && { endpoint: opts.awsEndpoint }),
        ...(opts.awsS3ForcePathStyle && { s3ForcePathStyle: true }),
        ...(opts.awsS3sse && { sse: opts.awsS3sse }),
+        ...(opts.awsProxy && { httpsProxy: opts.awsProxy }),
      },
    };
  }
@@ -42,6 +42,7 @@
    "@aws-sdk/client-s3": "^3.208.0",
    "@aws-sdk/credential-providers": "^3.208.0",
    "@aws-sdk/lib-storage": "^3.208.0",
+    "@aws-sdk/node-http-handler": "^3.208.0",
    "@aws-sdk/types": "^3.208.0",
    "@azure/identity": "^2.1.0",
    "@azure/storage-blob": "^12.5.0",
@@ -58,6 +59,7 @@
    "express": "^4.17.1",
    "fs-extra": "10.1.0",
    "git-url-parse": "^13.0.0",
+    "hpagent": "^1.2.0",
    "js-yaml": "^4.0.0",
    "json5": "^2.1.3",
    "mime-types": "^2.1.27",
@@ -32,8 +32,10 @@ import {
  S3Client,
 } from '@aws-sdk/client-s3';
 import { fromTemporaryCredentials } from '@aws-sdk/credential-providers';
+import { NodeHttpHandler } from '@aws-sdk/node-http-handler';
 import { Upload } from '@aws-sdk/lib-storage';
 import { AwsCredentialIdentityProvider } from '@aws-sdk/types';
+import { HttpsProxyAgent } from 'hpagent';
 import express from 'express';
 import fs from 'fs-extra';
 import JSON5 from 'json5';
@@ -150,6 +152,11 @@ export class AwsS3Publish implements PublisherBase {
      'techdocs.publisher.awsS3.endpoint',
    );

+    // AWS HTTPS proxy is an optional config. If missing, no proxy is used
+    const httpsProxy = config.getOptionalString(
+      'techdocs.publisher.awsS3.httpsProxy',
+    );
+
    // AWS forcePathStyle is an optional config. If missing, it defaults to false. Needs to be enabled for cases
    // where endpoint url points to locally hosted S3 compatible storage like Localstack
    const forcePathStyle = config.getOptionalBoolean(
@@ -162,6 +169,11 @@ export class AwsS3Publish implements PublisherBase {
      ...(region && { region }),
      ...(endpoint && { endpoint }),
      ...(forcePathStyle && { forcePathStyle }),
+      ...(httpsProxy && {
+        requestHandler: new NodeHttpHandler({
+          httpsAgent: new HttpsProxyAgent({ proxy: httpsProxy }),
+        }),
+      }),
    });

    const legacyPathCasing =
@@ -1211,7 +1211,7 @@ __metadata:
  languageName: node
  linkType: hard

-"@aws-sdk/node-http-handler@npm:3.272.0":
+"@aws-sdk/node-http-handler@npm:3.272.0, @aws-sdk/node-http-handler@npm:^3.208.0":
  version: 3.272.0
  resolution: "@aws-sdk/node-http-handler@npm:3.272.0"
  dependencies:
@@ -8516,6 +8516,7 @@ __metadata:
    "@aws-sdk/client-s3": ^3.208.0
    "@aws-sdk/credential-providers": ^3.208.0
    "@aws-sdk/lib-storage": ^3.208.0
+    "@aws-sdk/node-http-handler": ^3.208.0
    "@aws-sdk/types": ^3.208.0
    "@azure/identity": ^2.1.0
    "@azure/storage-blob": ^12.5.0
@@ -8540,6 +8541,7 @@ __metadata:
    express: ^4.17.1
    fs-extra: 10.1.0
    git-url-parse: ^13.0.0
+    hpagent: ^1.2.0
    js-yaml: ^4.0.0
    json5: ^2.1.3
    mime-types: ^2.1.27