Skip to content

Commit

Permalink
fix(ecr): setting imageScanningConfiguration to false does nothing on…
Browse files Browse the repository at this point in the history 
… existing repository (#18078)

fixes #18077 


----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
  • Loading branch information
@peterwoodworth
peterwoodworth committed Mar 18, 2022
1 parent 8c7a4ac commit 78bc870
Show file tree
Hide file tree
Showing 10 changed files with 58 additions and 7 deletions.
15 changes: 13 additions & 2 deletions packages/@aws-cdk/aws-batch/test/integ.batch.expected.json
View file
Expand Up @@ -1665,6 +1665,11 @@
},
"batchjobrepo4C508C51": {
"Type": "AWS::ECR::Repository",
"Properties": {
"ImageScanningConfiguration": {
"ScanOnPush": false
}
},
"UpdateReplacePolicy": "Retain",
"DeletionPolicy": "Retain"
},
Expand Down Expand Up @@ -1725,8 +1730,14 @@
"Privileged": false,
"ReadonlyRootFilesystem": false,
"ResourceRequirements": [
{ "Type": "VCPU", "Value": "1" },
{ "Type": "MEMORY", "Value": "4" }
{
"Type": "VCPU",
"Value": "1"
},
{
"Type": "MEMORY",
"Value": "4"
}
]
},
"PlatformCapabilities": [
Expand Down
5 changes: 5 additions & 0 deletions packages/@aws-cdk/aws-codebuild/test/integ.ecr.lit.expected.json
View file
Expand Up @@ -2,6 +2,11 @@
"Resources": {
"MyRepoF4F48043": {
"Type": "AWS::ECR::Repository",
"Properties": {
"ImageScanningConfiguration": {
"ScanOnPush": false
}
},
"UpdateReplacePolicy": "Retain",
"DeletionPolicy": "Retain"
},
Expand Down
5 changes: 5 additions & 0 deletions packages/@aws-cdk/aws-codepipeline-actions/test/integ.pipeline-ecr-source.expected.json
View file
Expand Up @@ -356,6 +356,11 @@
},
"MyEcrRepo767466D0": {
"Type": "AWS::ECR::Repository",
"Properties": {
"ImageScanningConfiguration": {
"ScanOnPush": false
}
},
"UpdateReplacePolicy": "Delete",
"DeletionPolicy": "Delete"
},
Expand Down
5 changes: 5 additions & 0 deletions packages/@aws-cdk/aws-codepipeline-actions/test/integ.pipeline-ecs-deploy.expected.json
View file
Expand Up @@ -201,6 +201,11 @@
},
"EcrRepoBB83A592": {
"Type": "AWS::ECR::Repository",
"Properties": {
"ImageScanningConfiguration": {
"ScanOnPush": false
}
},
"UpdateReplacePolicy": "Retain",
"DeletionPolicy": "Retain"
},
Expand Down
5 changes: 5 additions & 0 deletions ...ws-cdk/aws-codepipeline-actions/test/integ.pipeline-ecs-separate-source.lit.expected.json
View file
Expand Up @@ -3,6 +3,11 @@
"Resources": {
"EcsDeployRepositoryE7A569C0": {
"Type": "AWS::ECR::Repository",
"Properties": {
"ImageScanningConfiguration": {
"ScanOnPush": false
}
},
"UpdateReplacePolicy": "Retain",
"DeletionPolicy": "Retain"
},
Expand Down
4 changes: 1 addition & 3 deletions packages/@aws-cdk/aws-ecr/lib/repository.ts
View file
Expand Up @@ -508,9 +508,7 @@ export class Repository extends RepositoryBase {
// It says "Text", but they actually mean "Object".
repositoryPolicyText: Lazy.any({ produce: () => this.policyDocument }),
lifecyclePolicy: Lazy.any({ produce: () => this.renderLifecyclePolicy() }),
imageScanningConfiguration: !props.imageScanOnPush ? undefined : {
scanOnPush: true,
},
imageScanningConfiguration: props.imageScanOnPush ? { scanOnPush: true } : { scanOnPush: false },
imageTagMutability: props.imageTagMutability || undefined,
encryptionConfiguration: this.parseEncryption(props),
});
Expand Down
3 changes: 3 additions & 0 deletions packages/@aws-cdk/aws-ecr/test/integ.basic.expected.json
View file
Expand Up @@ -3,6 +3,9 @@
"Repo02AC86CF": {
"Type": "AWS::ECR::Repository",
"Properties": {
"ImageScanningConfiguration": {
"ScanOnPush": false
},
"LifecyclePolicy": {
"LifecyclePolicyText": "{\"rules\":[{\"rulePriority\":1,\"selection\":{\"tagStatus\":\"any\",\"countType\":\"imageCountMoreThan\",\"countNumber\":5},\"action\":{\"type\":\"expire\"}}]}"
}
Expand Down
5 changes: 5 additions & 0 deletions packages/@aws-cdk/aws-ecr/test/repository.test.ts
View file
Expand Up @@ -20,6 +20,11 @@ describe('repository', () => {
Resources: {
Repo02AC86CF: {
Type: 'AWS::ECR::Repository',
Properties: {
ImageScanningConfiguration: {
ScanOnPush: false,
},
},
DeletionPolicy: 'Retain',
UpdateReplacePolicy: 'Retain',
},
Expand Down
9 changes: 8 additions & 1 deletion packages/@aws-cdk/aws-ecs/test/ec2/ec2-task-definition.test.ts
View file
Expand Up @@ -465,6 +465,9 @@ describe('ec2 task definition', () => {

// THEN
Template.fromStack(stack).hasResourceProperties('AWS::ECR::Repository', {
ImageScanningConfiguration: {
ScanOnPush: false,
},
LifecyclePolicy: {
// eslint-disable-next-line max-len
LifecyclePolicyText: '{"rules":[{"rulePriority":10,"selection":{"tagStatus":"tagged","tagPrefixList":["abc"],"countType":"imageCountMoreThan","countNumber":1},"action":{"type":"expire"}}]}',
Expand Down Expand Up @@ -687,7 +690,11 @@ describe('ec2 task definition', () => {
});

// THEN
Template.fromStack(stack).hasResourceProperties('AWS::ECR::Repository', {});
Template.fromStack(stack).hasResourceProperties('AWS::ECR::Repository', {
ImageScanningConfiguration: {
ScanOnPush: false,
},
});


});
Expand Down
9 changes: 8 additions & 1 deletion packages/@aws-cdk/aws-ecs/test/external/external-task-definition.test.ts
View file
Expand Up @@ -356,6 +356,9 @@ describe('external task definition', () => {

// THEN
Template.fromStack(stack).hasResourceProperties('AWS::ECR::Repository', {
ImageScanningConfiguration: {
ScanOnPush: false,
},
LifecyclePolicy: {
// eslint-disable-next-line max-len
LifecyclePolicyText: '{"rules":[{"rulePriority":10,"selection":{"tagStatus":"tagged","tagPrefixList":["abc"],"countType":"imageCountMoreThan","countNumber":1},"action":{"type":"expire"}}]}',
Expand Down Expand Up @@ -587,7 +590,11 @@ describe('external task definition', () => {
});

// THEN
Template.fromStack(stack).hasResourceProperties('AWS::ECR::Repository', {});
Template.fromStack(stack).hasResourceProperties('AWS::ECR::Repository', {
ImageScanningConfiguration: {
ScanOnPush: false,
},
});


});
Expand Down

0 comments on commit 78bc870

Please sign in to comment.