Revert "Migrate ECR Client to AWS SDK Go V2 (aws#4512)" (aws#4539)

This reverts commit b90cd31.

Author: prateekchaudhry

agent/dockerclient/dockerapi/docker_client_test.go

@@ -36,15 +36,17 @@ import (
 	mock_sdkclient "github.com/aws/amazon-ecs-agent/agent/dockerclient/sdkclient/mocks"
 	mock_sdkclientfactory "github.com/aws/amazon-ecs-agent/agent/dockerclient/sdkclientfactory/mocks"
 	mock_ecr "github.com/aws/amazon-ecs-agent/agent/ecr/mocks"
+	ecrapi "github.com/aws/amazon-ecs-agent/agent/ecr/model/ecr"
 	apicontainerstatus "github.com/aws/amazon-ecs-agent/ecs-agent/api/container/status"
 	apierrors "github.com/aws/amazon-ecs-agent/ecs-agent/api/errors"
 	"github.com/aws/amazon-ecs-agent/ecs-agent/credentials"
 	"github.com/aws/amazon-ecs-agent/ecs-agent/ec2"
 	"github.com/aws/amazon-ecs-agent/ecs-agent/utils/retry"
 	mock_ttime "github.com/aws/amazon-ecs-agent/ecs-agent/utils/ttime/mocks"
+	"github.com/opencontainers/go-digest"
+	ocispec "github.com/opencontainers/image-spec/specs-go/v1"
 
-	"github.com/aws/aws-sdk-go-v2/aws"
-	ecr_types "github.com/aws/aws-sdk-go-v2/service/ecr/types"
+	"github.com/aws/aws-sdk-go/aws"
 	"github.com/docker/docker/api/types"
 	dockercontainer "github.com/docker/docker/api/types/container"
 	"github.com/docker/docker/api/types/events"
@@ -54,8 +56,6 @@ import (
 	"github.com/docker/docker/api/types/volume"
 	"github.com/docker/go-connections/nat"
 	"github.com/golang/mock/gomock"
-	"github.com/opencontainers/go-digest"
-	ocispec "github.com/opencontainers/image-spec/specs-go/v1"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
 )
@@ -282,7 +282,7 @@ func TestPullImageECRSuccess(t *testing.T) {
 
 	ecrClientFactory.EXPECT().GetClient(authData.ECRAuthData).Return(ecrClient, nil)
 	ecrClient.EXPECT().GetAuthorizationToken(registryID).Return(
-		&ecr_types.AuthorizationData{
+		&ecrapi.AuthorizationData{
 			ProxyEndpoint:      aws.String("https://" + imageEndpoint),
 			AuthorizationToken: aws.String(base64.StdEncoding.EncodeToString([]byte(username + ":" + password))),
 		}, nil)
@@ -1020,7 +1020,7 @@ func TestContainerEvents(t *testing.T) {
 		anEvent := <-dockerEvents
 		assert.True(t, anEvent.DockerID == "cid30" || anEvent.DockerID == "cid31", "Wrong container id: "+anEvent.DockerID)
 		assert.Equal(t, anEvent.Status, apicontainerstatus.ContainerStopped, "Should be stopped")
-		assert.Equal(t, aws.ToInt(anEvent.ExitCode), 20, "Incorrect exit code")
+		assert.Equal(t, aws.IntValue(anEvent.ExitCode), 20, "Incorrect exit code")
 	}
 
 	containerWithHealthInfo := types.ContainerJSON{
@@ -1771,7 +1771,7 @@ func TestECRAuthCacheWithoutExecutionRole(t *testing.T) {
 
 	ecrClientFactory.EXPECT().GetClient(authData.ECRAuthData).Return(ecrClient, nil).Times(1)
 	ecrClient.EXPECT().GetAuthorizationToken(registryID).Return(
-		&ecr_types.AuthorizationData{
+		&ecrapi.AuthorizationData{
 			ProxyEndpoint:      aws.String("https://" + imageEndpoint),
 			AuthorizationToken: aws.String(base64.StdEncoding.EncodeToString([]byte(username + ":" + password))),
 			ExpiresAt:          aws.Time(time.Now().Add(10 * time.Hour)),
@@ -1827,7 +1827,7 @@ func TestECRAuthCacheForDifferentRegistry(t *testing.T) {
 
 	ecrClientFactory.EXPECT().GetClient(authData.ECRAuthData).Return(ecrClient, nil).Times(1)
 	ecrClient.EXPECT().GetAuthorizationToken(registryID).Return(
-		&ecr_types.AuthorizationData{
+		&ecrapi.AuthorizationData{
 			ProxyEndpoint:      aws.String("https://" + imageEndpoint),
 			AuthorizationToken: aws.String(base64.StdEncoding.EncodeToString([]byte(username + ":" + password))),
 			ExpiresAt:          aws.Time(time.Now().Add(10 * time.Hour)),
@@ -1846,7 +1846,7 @@ func TestECRAuthCacheForDifferentRegistry(t *testing.T) {
 	authData.ECRAuthData.RegistryID = "another"
 	ecrClientFactory.EXPECT().GetClient(authData.ECRAuthData).Return(ecrClient, nil).Times(1)
 	ecrClient.EXPECT().GetAuthorizationToken("another").Return(
-		&ecr_types.AuthorizationData{
+		&ecrapi.AuthorizationData{
 			ProxyEndpoint:      aws.String("https://" + imageEndpoint),
 			AuthorizationToken: aws.String(base64.StdEncoding.EncodeToString([]byte(username + ":" + password))),
 			ExpiresAt:          aws.Time(time.Now().Add(10 * time.Hour)),
@@ -1886,7 +1886,7 @@ func TestECRAuthCacheWithSameExecutionRole(t *testing.T) {
 
 	ecrClientFactory.EXPECT().GetClient(authData.ECRAuthData).Return(ecrClient, nil).Times(1)
 	ecrClient.EXPECT().GetAuthorizationToken(registryID).Return(
-		&ecr_types.AuthorizationData{
+		&ecrapi.AuthorizationData{
 			ProxyEndpoint:      aws.String("https://" + imageEndpoint),
 			AuthorizationToken: aws.String(base64.StdEncoding.EncodeToString([]byte(username + ":" + password))),
 			ExpiresAt:          aws.Time(time.Now().Add(10 * time.Hour)),
@@ -1941,7 +1941,7 @@ func TestECRAuthCacheWithDifferentExecutionRole(t *testing.T) {
 
 	ecrClientFactory.EXPECT().GetClient(authData.ECRAuthData).Return(ecrClient, nil).Times(1)
 	ecrClient.EXPECT().GetAuthorizationToken(registryID).Return(
-		&ecr_types.AuthorizationData{
+		&ecrapi.AuthorizationData{
 			ProxyEndpoint:      aws.String("https://" + imageEndpoint),
 			AuthorizationToken: aws.String(base64.StdEncoding.EncodeToString([]byte(username + ":" + password))),
 			ExpiresAt:          aws.Time(time.Now().Add(10 * time.Hour)),
@@ -1962,7 +1962,7 @@ func TestECRAuthCacheWithDifferentExecutionRole(t *testing.T) {
 	})
 	ecrClientFactory.EXPECT().GetClient(authData.ECRAuthData).Return(ecrClient, nil).Times(1)
 	ecrClient.EXPECT().GetAuthorizationToken(registryID).Return(
-		&ecr_types.AuthorizationData{
+		&ecrapi.AuthorizationData{
 			ProxyEndpoint:      aws.String("https://" + imageEndpoint),
 			AuthorizationToken: aws.String(base64.StdEncoding.EncodeToString([]byte(username + ":" + password))),
 			ExpiresAt:          aws.Time(time.Now().Add(10 * time.Hour)),

agent/dockerclient/dockerauth/ecr.go

@@ -21,14 +21,13 @@ import (
 
 	apicontainer "github.com/aws/amazon-ecs-agent/agent/api/container"
 	"github.com/aws/amazon-ecs-agent/agent/ecr"
+	ecrapi "github.com/aws/amazon-ecs-agent/agent/ecr/model/ecr"
 	"github.com/aws/amazon-ecs-agent/ecs-agent/async"
 	"github.com/aws/amazon-ecs-agent/ecs-agent/credentials"
 	"github.com/aws/amazon-ecs-agent/ecs-agent/logger"
 	"github.com/aws/amazon-ecs-agent/ecs-agent/logger/field"
 	"github.com/aws/amazon-ecs-agent/ecs-agent/utils/retry"
-
-	"github.com/aws/aws-sdk-go-v2/aws"
-	"github.com/aws/aws-sdk-go-v2/service/ecr/types"
+	"github.com/aws/aws-sdk-go/aws"
 	log "github.com/cihub/seelog"
 	"github.com/docker/docker/api/types/registry"
 )
@@ -116,7 +115,7 @@ func (authProvider *ecrAuthProvider) getAuthConfigFromCache(key cacheKey) *regis
 		return nil
 	}
 
-	cachedToken, ok := token.(*types.AuthorizationData)
+	cachedToken, ok := token.(*ecrapi.AuthorizationData)
 	if !ok {
 		log.Warnf("Reading ECR credentials from cache failed")
 		return nil
@@ -164,7 +163,7 @@ func (authProvider *ecrAuthProvider) getAuthConfigFromECR(image string, key cach
 
 	// Verify the auth data has the correct format for ECR
 	if ecrAuthData.ProxyEndpoint != nil &&
-		strings.HasPrefix(proxyEndpointScheme+image, aws.ToString(ecrAuthData.ProxyEndpoint)) &&
+		strings.HasPrefix(proxyEndpointScheme+image, aws.StringValue(ecrAuthData.ProxyEndpoint)) &&
 		ecrAuthData.AuthorizationToken != nil {
 
 		// Cache the new token
@@ -174,27 +173,27 @@ func (authProvider *ecrAuthProvider) getAuthConfigFromECR(image string, key cach
 	return registry.AuthConfig{}, fmt.Errorf("ecr auth: AuthorizationData is malformed for %s", image)
 }
 
-func extractToken(authData *types.AuthorizationData) (registry.AuthConfig, error) {
-	decodedToken, err := base64.StdEncoding.DecodeString(aws.ToString(authData.AuthorizationToken))
+func extractToken(authData *ecrapi.AuthorizationData) (registry.AuthConfig, error) {
+	decodedToken, err := base64.StdEncoding.DecodeString(aws.StringValue(authData.AuthorizationToken))
 	if err != nil {
 		return registry.AuthConfig{}, err
 	}
 	parts := strings.SplitN(string(decodedToken), ":", 2)
 	return registry.AuthConfig{
 		Username:      parts[0],
 		Password:      parts[1],
-		ServerAddress: aws.ToString(authData.ProxyEndpoint),
+		ServerAddress: aws.StringValue(authData.ProxyEndpoint),
 	}, nil
 }
 
 // IsTokenValid checks the token is still within it's expiration window. We early expire to allow
 // for timing in calls and add jitter to avoid refreshing all of the tokens at once.
-func (authProvider *ecrAuthProvider) IsTokenValid(authData *types.AuthorizationData) bool {
+func (authProvider *ecrAuthProvider) IsTokenValid(authData *ecrapi.AuthorizationData) bool {
 	if authData == nil || authData.ExpiresAt == nil {
 		return false
 	}
 
-	refreshTime := aws.ToTime(authData.ExpiresAt).
+	refreshTime := aws.TimeValue(authData.ExpiresAt).
 		Add(-1 * retry.AddJitter(MinimumJitterDuration, MinimumJitterDuration))
 
 	return time.Now().Before(refreshTime)

agent/dockerclient/dockerauth/ecr_test.go

@@ -25,12 +25,11 @@ import (
 
 	apicontainer "github.com/aws/amazon-ecs-agent/agent/api/container"
 	mock_ecr "github.com/aws/amazon-ecs-agent/agent/ecr/mocks"
+	ecrapi "github.com/aws/amazon-ecs-agent/agent/ecr/model/ecr"
 	"github.com/aws/amazon-ecs-agent/ecs-agent/async"
 	mock_async "github.com/aws/amazon-ecs-agent/ecs-agent/async/mocks"
 	"github.com/aws/amazon-ecs-agent/ecs-agent/credentials"
-
-	"github.com/aws/aws-sdk-go-v2/aws"
-	"github.com/aws/aws-sdk-go-v2/service/ecr/types"
+	"github.com/aws/aws-sdk-go/aws"
 	"github.com/docker/docker/api/types/registry"
 	"github.com/golang/mock/gomock"
 	"github.com/stretchr/testify/assert"
@@ -79,7 +78,7 @@ func TestGetAuthConfigSuccess(t *testing.T) {
 	}
 
 	factory.EXPECT().GetClient(authData).Return(client, nil)
-	client.EXPECT().GetAuthorizationToken(authData.RegistryID).Return(&types.AuthorizationData{
+	client.EXPECT().GetAuthorizationToken(authData.RegistryID).Return(&ecrapi.AuthorizationData{
 		ProxyEndpoint:      aws.String(proxyEndpointScheme + proxyEndpoint),
 		AuthorizationToken: aws.String(base64.StdEncoding.EncodeToString([]byte(username + ":" + password))),
 	}, nil)
@@ -116,7 +115,7 @@ func TestGetAuthConfigNoMatchAuthorizationToken(t *testing.T) {
 	}
 
 	factory.EXPECT().GetClient(authData).Return(client, nil)
-	client.EXPECT().GetAuthorizationToken(authData.RegistryID).Return(&types.AuthorizationData{
+	client.EXPECT().GetAuthorizationToken(authData.RegistryID).Return(&ecrapi.AuthorizationData{
 		ProxyEndpoint:      aws.String(proxyEndpointScheme + "notproxy"),
 		AuthorizationToken: aws.String(base64.StdEncoding.EncodeToString([]byte(username + ":" + password))),
 	}, nil)
@@ -151,7 +150,7 @@ func TestGetAuthConfigBadBase64(t *testing.T) {
 	}
 
 	factory.EXPECT().GetClient(authData).Return(client, nil)
-	client.EXPECT().GetAuthorizationToken(authData.RegistryID).Return(&types.AuthorizationData{
+	client.EXPECT().GetAuthorizationToken(authData.RegistryID).Return(&ecrapi.AuthorizationData{
 		ProxyEndpoint:      aws.String(proxyEndpointScheme + "notproxy"),
 		AuthorizationToken: aws.String((username + ":" + password)),
 	}, nil)
@@ -254,7 +253,7 @@ func TestIsTokenValid(t *testing.T) {
 	}
 
 	for _, testCase := range testAuthTimes {
-		testAuthData := &types.AuthorizationData{
+		testAuthData := &ecrapi.AuthorizationData{
 			ProxyEndpoint:      aws.String(testProxyEndpoint),
 			AuthorizationToken: aws.String(testToken),
 			ExpiresAt:          aws.Time(time.Now().Add(testCase.expireIn)),
@@ -301,7 +300,7 @@ func TestAuthorizationTokenCacheMiss(t *testing.T) {
 		endpointOverride: authData.EndpointOverride,
 	}
 
-	dockerAuthData := &types.AuthorizationData{
+	dockerAuthData := &ecrapi.AuthorizationData{
 		ProxyEndpoint:      aws.String(proxyEndpointScheme + proxyEndpoint),
 		AuthorizationToken: aws.String(base64.StdEncoding.EncodeToString([]byte(username + ":" + password))),
 	}
@@ -331,7 +330,7 @@ func TestAuthorizationTokenCacheHit(t *testing.T) {
 	password := "test_passwd"
 
 	proxyEndpoint := "proxy"
-	testAuthData := &types.AuthorizationData{
+	testAuthData := &ecrapi.AuthorizationData{
 		ProxyEndpoint:      aws.String(proxyEndpointScheme + proxyEndpoint),
 		AuthorizationToken: aws.String(base64.StdEncoding.EncodeToString([]byte(username + ":" + password))),
 		ExpiresAt:          aws.Time(time.Now().Add(12 * time.Hour)),
@@ -373,7 +372,7 @@ func TestAuthorizationTokenCacheWithCredentialsHit(t *testing.T) {
 	password := "test_passwd"
 
 	proxyEndpoint := "proxy"
-	testAuthData := &types.AuthorizationData{
+	testAuthData := &ecrapi.AuthorizationData{
 		ProxyEndpoint:      aws.String(proxyEndpointScheme + proxyEndpoint),
 		AuthorizationToken: aws.String(base64.StdEncoding.EncodeToString([]byte(username + ":" + password))),
 		ExpiresAt:          aws.Time(time.Now().Add(12 * time.Hour)),
@@ -420,7 +419,7 @@ func TestAuthorizationTokenCacheHitExpired(t *testing.T) {
 	password := "test_passwd"
 
 	proxyEndpoint := "proxy"
-	testAuthData := &types.AuthorizationData{
+	testAuthData := &ecrapi.AuthorizationData{
 		ProxyEndpoint:      aws.String(proxyEndpointScheme + proxyEndpoint),
 		AuthorizationToken: aws.String(base64.StdEncoding.EncodeToString([]byte(username + ":" + password))),
 		ExpiresAt:          aws.Time(time.Now()),
@@ -445,7 +444,7 @@ func TestAuthorizationTokenCacheHitExpired(t *testing.T) {
 		endpointOverride: authData.EndpointOverride,
 	}
 
-	dockerAuthData := &types.AuthorizationData{
+	dockerAuthData := &ecrapi.AuthorizationData{
 		ProxyEndpoint:      aws.String(proxyEndpointScheme + proxyEndpoint),
 		AuthorizationToken: aws.String(base64.StdEncoding.EncodeToString([]byte(username + ":" + password))),
 	}
@@ -477,7 +476,7 @@ func TestExtractECRTokenError(t *testing.T) {
 	password := "test_passwd"
 
 	proxyEndpoint := "proxy"
-	testAuthData := &types.AuthorizationData{
+	testAuthData := &ecrapi.AuthorizationData{
 		ProxyEndpoint: aws.String(proxyEndpointScheme + proxyEndpoint),
 		// This will makes the extract fail
 		AuthorizationToken: aws.String("-"),
@@ -503,7 +502,7 @@ func TestExtractECRTokenError(t *testing.T) {
 		endpointOverride: authData.EndpointOverride,
 	}
 
-	dockerAuthData := &types.AuthorizationData{
+	dockerAuthData := &ecrapi.AuthorizationData{
 		ProxyEndpoint:      aws.String(proxyEndpointScheme + proxyEndpoint),
 		AuthorizationToken: aws.String(base64.StdEncoding.EncodeToString([]byte(username + ":" + password))),
 	}

agent/ecr/client.go

@@ -14,12 +14,11 @@
 package ecr
 
 import (
-	"context"
 	"fmt"
 	"time"
 
-	ecrservice "github.com/aws/aws-sdk-go-v2/service/ecr"
-	"github.com/aws/aws-sdk-go-v2/service/ecr/types"
+	ecrapi "github.com/aws/amazon-ecs-agent/agent/ecr/model/ecr"
+	"github.com/aws/aws-sdk-go/aws"
 	log "github.com/cihub/seelog"
 )
 
@@ -30,14 +29,14 @@ const (
 
 // ECRClient wrapper interface for mocking
 type ECRClient interface {
-	GetAuthorizationToken(registryId string) (*types.AuthorizationData, error)
+	GetAuthorizationToken(registryId string) (*ecrapi.AuthorizationData, error)
 }
 
 // ECRSDK is an interface that specifies the subset of the AWS Go SDK's ECR
 // client that the Agent uses.  This interface is meant to allow injecting a
 // mock for testing.
 type ECRSDK interface {
-	GetAuthorizationToken(context.Context, *ecrservice.GetAuthorizationTokenInput, ...func(*ecrservice.Options)) (*ecrservice.GetAuthorizationTokenOutput, error)
+	GetAuthorizationToken(*ecrapi.GetAuthorizationTokenInput) (*ecrapi.GetAuthorizationTokenOutput, error)
 }
 
 type ecrClient struct {
@@ -52,11 +51,11 @@ func NewECRClient(sdkClient ECRSDK) ECRClient {
 }
 
 // GetAuthorizationToken calls the ecr api to get the docker auth for the specified registry
-func (client *ecrClient) GetAuthorizationToken(registryId string) (*types.AuthorizationData, error) {
+func (client *ecrClient) GetAuthorizationToken(registryId string) (*ecrapi.AuthorizationData, error) {
 	log.Debugf("Calling GetAuthorizationToken for %q", registryId)
 
-	output, err := client.sdkClient.GetAuthorizationToken(context.TODO(), &ecrservice.GetAuthorizationTokenInput{
-		RegistryIds: []string{registryId},
+	output, err := client.sdkClient.GetAuthorizationToken(&ecrapi.GetAuthorizationTokenInput{
+		RegistryIds: []*string{aws.String(registryId)},
 	})
 
 	if err != nil {
@@ -66,5 +65,5 @@ func (client *ecrClient) GetAuthorizationToken(registryId string) (*types.Author
 	if len(output.AuthorizationData) != 1 {
 		return nil, fmt.Errorf("unexpected number of results in AuthorizationData (%d)", len(output.AuthorizationData))
 	}
-	return &output.AuthorizationData[0], nil
+	return output.AuthorizationData[0], nil
 }

agent/ecr/client_test.go

@@ -18,14 +18,13 @@
 package ecr_test
 
 import (
-	"context"
 	"errors"
 	"testing"
 
 	"github.com/aws/amazon-ecs-agent/agent/ecr"
 	mock_ecr "github.com/aws/amazon-ecs-agent/agent/ecr/mocks"
-	ecrservice "github.com/aws/aws-sdk-go-v2/service/ecr"
-	"github.com/aws/aws-sdk-go-v2/service/ecr/types"
+	ecrapi "github.com/aws/amazon-ecs-agent/agent/ecr/model/ecr"
+	"github.com/aws/aws-sdk-go/aws"
 	"github.com/golang/mock/gomock"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/suite"
@@ -58,11 +57,10 @@ func (suite *GetAuthorizationTokenTestSuite) TeardownTest() {
 
 func (suite *GetAuthorizationTokenTestSuite) TestGetAuthorizationTokenMissingAuthData() {
 	suite.mockClient.EXPECT().GetAuthorizationToken(
-		context.TODO(),
-		&ecrservice.GetAuthorizationTokenInput{
-			RegistryIds: []string{testRegistryId},
-		}).Return(&ecrservice.GetAuthorizationTokenOutput{
-		AuthorizationData: []types.AuthorizationData{},
+		&ecrapi.GetAuthorizationTokenInput{
+			RegistryIds: []*string{aws.String(testRegistryId)},
+		}).Return(&ecrapi.GetAuthorizationTokenOutput{
+		AuthorizationData: []*ecrapi.AuthorizationData{},
 	}, nil)
 
 	authorizationData, err := suite.ecrClient.GetAuthorizationToken(testRegistryId)
@@ -72,9 +70,8 @@ func (suite *GetAuthorizationTokenTestSuite) TestGetAuthorizationTokenMissingAut
 
 func (suite *GetAuthorizationTokenTestSuite) TestGetAuthorizationTokenError() {
 	suite.mockClient.EXPECT().GetAuthorizationToken(
-		context.TODO(),
-		&ecrservice.GetAuthorizationTokenInput{
-			RegistryIds: []string{testRegistryId},
+		&ecrapi.GetAuthorizationTokenInput{
+			RegistryIds: []*string{aws.String(testRegistryId)},
 		}).Return(nil, errors.New("Nope Nope Nope"))
 
 	authorizationData, err := suite.ecrClient.GetAuthorizationToken(testRegistryId)