Skip to content
This repository was archived by the owner on Nov 1, 2025. It is now read-only.

Commit 856db34

Browse files
dan-vdan-v
committed
updates to dockerfile/entrypoint: use existing environment variables provided by cobra library, allow direct interaction with run cli by default, add support for using docker secrets, only override ssh port env variable and set to docker specific default 2222
1 parent cb69729 commit 856db34

File tree

2 files changed

+31
-16
lines changed

2 files changed

+31
-16
lines changed

Dockerfile

Lines changed: 9 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -8,14 +8,15 @@ RUN cd /src && make linux
88
FROM alpine:latest
99
COPY --from=build-env /src/build/linux/x86-64/awslambdaproxy /app/
1010

11-
ENV AWS_ACCESS_KEY_ID= \
12-
AWS_SECRET_ACCESS_KEY= \
13-
AWS_REGIONS=us-west-2 \
14-
AWS_LAMBDA_MEMORY=128 \
15-
SSH_PORT=2222 \
16-
PROXY_LISTENERS="admin:awslambdaproxy@:8080" \
17-
PROXY_FREQUENCY_REFRESH="14m20s" \
18-
DEBUG_PROXY=false
11+
ENV AWS_ACCESS_KEY_ID=
12+
ENV AWS_SECRET_ACCESS_KEY=
13+
ENV REGIONS=
14+
ENV FREQUENCY=
15+
ENV MEMORY=
16+
ENV SSH_USER=
17+
ENV SSH_PORT=2222
18+
ENV LISTENER=
19+
ENV DEBUG_PROXY=
1920

2021
WORKDIR /app
2122

docker/entrypoint.sh

Lines changed: 22 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,7 @@
11
#!/bin/bash
22

33
if [ "$1" == "setup" ]; then
4+
# ask for credentials to setup as this should be a different key with elevated permissions
45
read -p 'Enter AWS_ACCESS_KEY_ID: ' AWS_ACCESS_KEY_ID
56
read -sp 'Enter AWS_SECRET_ACCESS_KEY: ' AWS_SECRET_ACCESS_KEY
67
export AWS_ACCESS_KEY_ID=$AWS_ACCESS_KEY_ID
@@ -9,14 +10,27 @@ if [ "$1" == "setup" ]; then
910
exit 0
1011
fi
1112

12-
mkdir /tmp/etc
13-
mkdir /tmp/etc/ssh
14-
ssh-keygen -A -f /tmp
15-
/usr/sbin/sshd
13+
# if docker secret has been provided for AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY use it
14+
if [[ -f /run/secrets/AWS_ACCESS_KEY_ID && -f /run/secrets/AWS_SECRET_ACCESS_KEY ]];
15+
then
16+
export AWS_ACCESS_KEY_ID=$(cat /run/secrets/AWS_ACCESS_KEY_ID)
17+
export AWS_SECRET_ACCESS_KEY=$(cat /run/secrets/AWS_SECRET_ACCESS_KEY)
18+
fi
1619

17-
if [[ "${DEBUG_PROXY}" == 'true' ]]; then
18-
DEBUG_PROXY="--debug-proxy"
20+
# if still don't have keys, exit with error
21+
if [ -z "${AWS_ACCESS_KEY_ID}" ]; then
22+
echo "Need to provide AWS_ACCESS_KEY_ID as secret or environment variable"
23+
exit 1
24+
fi
25+
if [ -z "${AWS_SECRET_ACCESS_KEY}" ]; then
26+
echo "Need to provide AWS_SECRET_ACCESS_KEY as secret or environment variable"
27+
exit 1
1928
fi
2029

21-
/app/awslambdaproxy run -r ${AWS_REGIONS} --ssh-port ${SSH_PORT} -l ${PROXY_LISTENERS} \
22-
-f ${PROXY_FREQUENCY_REFRESH} -m ${AWS_LAMBDA_MEMORY} ${DEBUG_PROXY}
30+
# setup ssh
31+
mkdir -p /tmp/etc/ssh
32+
ssh-keygen -A -f /tmp
33+
/usr/sbin/sshd
34+
35+
# run by default and pass any supplied arguments
36+
/app/awslambdaproxy run $@

0 commit comments

Comments
 (0)