Add the option to add HTTP PROXY when communicating with AWS

lib/providers/aws.js

@@ -1,16 +1,32 @@
 'use strict'
 
 const AWS = require('aws-sdk')
+const url = require('url')
+const HttpsProxyAgent = require('https-proxy-agent')
 
 const defaultOptions = {
   apiVersion: '2014-11-06',
   region: process.env.AWS_DEFAULT_REGION || 'us-east-1'
 }
 
 module.exports = function (options) {
+
+  // Use HTTPS Proxy (Optional) 
+  const proxy = process.env.proxy ||
+    process.env.HTTP_PROXY ||
+    process.env.http_proxy ||
+    process.env.HTTPS_PROXY ||
+    process.env.https_proxy;
+
+  if (proxy) {
+    const proxyOptions = url.parse(proxy);
+    proxyOptions.secureEndpoint = true;
+    AWS.config.httpOptions.agent = new HttpsProxyAgent(proxyOptions);
+  }
+
   const ssm = new AWS.SSM(Object.assign({}, defaultOptions, options))
 
-  function getSecret (parameterNames) {
+  function getSecret(parameterNames) {
     const names = Array.isArray(parameterNames) ? parameterNames : [parameterNames]
     const params = {
       Names: names,
@@ -25,7 +41,7 @@ module.exports = function (options) {
     })
   }
 
-  function setSecret (name, value, description = 'Created with Serverless Secrets', isEncrypted = true, keyId) {
+  function setSecret(name, value, description = 'Created with Serverless Secrets', isEncrypted = true, keyId) {
     const params = {
       Name: name,
       Value: value,
@@ -39,13 +55,13 @@ module.exports = function (options) {
     return ssm.putParameter(params).promise()
   }
 
-  function deleteSecret (name) {
+  function deleteSecret(name) {
     return ssm.deleteParameter({
       Name: name
     }).promise()
   }
 
-  function listSecrets () {
+  function listSecrets() {
     return new Promise((resolve, reject) => {
       const secretKeys = []
       ssm.describeParameters({}).eachPage((err, data, done) => {
@@ -76,4 +92,4 @@ module.exports = function (options) {
     deleteSecret,
     listSecrets
   }
-}
+}

lib/providers/aws.tests.js

@@ -5,8 +5,26 @@ const td = require('testdouble')
 
 let AWS, awsProvider
 
+test.cb('constructor: Http or Https proxy is set', t => {
+  let proxyArray = ['HTTP_PROXY', 'http_proxy', 'HTTPS_PROXY', 'https_proxy']
+  proxyArray.forEach(param => {
+    delete process.env[param]
+  })
+
+  AWS = require('aws-sdk');
+  proxyArray.forEach((proxyParam) => {
+    process.env[proxyParam] = "http://localhost:8080"
+    awsProvider = require('./aws')()
+    t.is(AWS.config.httpOptions.agent.options.host, 'localhost:8080')
+    t.is(AWS.config.httpOptions.agent.options.secureEndpoint, true)
+    AWS.config.httpOptions.agent = null;
+    delete process.env[proxyParam]
+  })
+  t.end()
+})
+
 test.beforeEach('create provider', t => {
-  function SSM () {}
+  function SSM() {}
   SSM.prototype.getParameters = () => {}
   SSM.prototype.putParameter = () => {}
 
@@ -21,15 +39,15 @@ test.afterEach.always('cleanup', t => {
 
 test.cb('getSecret: happy path', t => {
   td.when(AWS.SSM.prototype.getParameters(td.matchers.anything()))
-    .thenReturn({ promise: () => Promise.resolve({
-      Parameters: [
-        {
+    .thenReturn({
+      promise: () => Promise.resolve({
+        Parameters: [{
           Name: 'test_parameter',
           Type: 'String',
           Value: 'test_secret'
-        }
-      ]
-    }) })
+        }]
+      })
+    })
 
   awsProvider.getSecret('test_parameter').then(data => {
     t.is(data.test_parameter, 'test_secret')
@@ -39,20 +57,21 @@ test.cb('getSecret: happy path', t => {
 
 test.cb('getSecret: happy path array', t => {
   td.when(AWS.SSM.prototype.getParameters(td.matchers.anything()))
-    .thenReturn({ promise: () => Promise.resolve({
-      Parameters: [
-        {
-          Name: 'test_parameter',
-          Type: 'String',
-          Value: 'test_secret'
-        },
-        {
-          Name: 'test_parameter2',
-          Type: 'String',
-          Value: 'test_secret2'
-        }
-      ]
-    }) })
+    .thenReturn({
+      promise: () => Promise.resolve({
+        Parameters: [{
+            Name: 'test_parameter',
+            Type: 'String',
+            Value: 'test_secret'
+          },
+          {
+            Name: 'test_parameter2',
+            Type: 'String',
+            Value: 'test_secret2'
+          }
+        ]
+      })
+    })
 
   awsProvider.getSecret(['test_parameter', 'test_parameter2']).then(data => {
     t.is(data.test_parameter, 'test_secret')
@@ -62,8 +81,14 @@ test.cb('getSecret: happy path array', t => {
 })
 
 test.cb('getSecret: requests decryption', t => {
-  td.when(AWS.SSM.prototype.getParameters(td.matchers.contains({ WithDecryption: true })))
-    .thenReturn({ promise: () => Promise.resolve({ Parameters: [] }) })
+  td.when(AWS.SSM.prototype.getParameters(td.matchers.contains({
+      WithDecryption: true
+    })))
+    .thenReturn({
+      promise: () => Promise.resolve({
+        Parameters: []
+      })
+    })
 
   awsProvider.getSecret([]).then(() => {
     t.pass()
@@ -74,7 +99,9 @@ test.cb('getSecret: requests decryption', t => {
 test.cb('getSecret: error bubbles up', t => {
   const error = {}
   td.when(AWS.SSM.prototype.getParameters(td.matchers.anything()))
-    .thenReturn({ promise: () => Promise.reject(error) })
+    .thenReturn({
+      promise: () => Promise.reject(error)
+    })
 
   awsProvider.getSecret().catch(() => {
     t.pass()
@@ -90,7 +117,9 @@ test('setSecret: happy path', t => {
     Type: 'String',
     KeyId: 'myKmsKey',
     Overwrite: true
-  })).thenReturn({ promise: () => Promise.resolve() })
+  })).thenReturn({
+    promise: () => Promise.resolve()
+  })
 
   awsProvider.setSecret('name', 'value', 'description', false, 'myKmsKey')
 
@@ -100,10 +129,12 @@ test('setSecret: happy path', t => {
 test.cb('setSecret: error bubbles up', t => {
   const error = {}
   td.when(AWS.SSM.prototype.putParameter(td.matchers.anything()))
-    .thenReturn({ promise: () => Promise.reject(error) })
+    .thenReturn({
+      promise: () => Promise.reject(error)
+    })
 
   awsProvider.setSecret([]).catch(() => {
     t.pass()
     t.end()
   })
-})
+})