aws-ecr to support onImageScanCompleted() #4818

Closed
1 task
pahud opened this issue Nov 2, 2019 · 4 comments · Fixed by #4819
Labels
feature-request A feature should be added or improved. needs-triage This issue or PR still needs to be triaged.

Comments


pahud commented Nov 2, 2019

Amazon ECR has announced image scanning support, and aws-ecr should add onImageScanCompleted() to trigger the event target from CloudWatch Events.

Use Case

To build a pipeline on image push, scanning on push and notification on scan completed.

More details and demos here:

https://twitter.com/pahudnet/status/1189556289312935937
and
https://twitter.com/pahudnet/status/1189723775937343488

Proposed Solution

Add onImagePushCompleted in RepositoryBase.

Other

  • [x] 👋 I may be able to implement this feature request
  • ⚠️ This feature might incur a breaking change

This is a 🚀 Feature Request
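
An added example, not part of the original issue or of aws-cdk: the use case above (notification on scan completed) as the decision logic an event target such as a Lambda function could apply to the scan event. Field names follow the "ECR Image Scan" event that ECR emits; `evaluateScan`, `sampleEvent`, the blocking threshold and the sample values are assumptions made for illustration.

```typescript
// Added example (not aws-cdk code). Field names follow the EventBridge
// "ECR Image Scan" event; policy, threshold and sample values are constructed.
type Severity = "CRITICAL" | "HIGH" | "MEDIUM" | "LOW" | "INFORMATIONAL" | "UNDEFINED";
const SEVERITY_ORDER: Severity[] = ["CRITICAL", "HIGH", "MEDIUM", "LOW", "INFORMATIONAL", "UNDEFINED"];
type Counts = { [severity: string]: number };
interface EcrImageScanEvent {
  source: string;
  "detail-type": string;
  detail: {
    "scan-status": string;
    "repository-name": string;
    "image-digest": string;
    "image-tags": string[];
    "finding-severity-counts"?: Counts | undefined;
  };
}
interface Verdict { action: "ignore" | "pass" | "block" | "investigate"; image: string; reason: string; }

// Decide what the event target should do with one scan event.
function evaluateScan(event: EcrImageScanEvent, blockAtOrAbove: Severity): Verdict {
  if (event.source !== "aws.ecr" || event["detail-type"] !== "ECR Image Scan") {
    return { action: "ignore", image: "", reason: "not an ECR image scan event" };
  }
  const d = event.detail;
  // Report against the digest: tags can be moved, the digest cannot.
  const image = d["repository-name"] + "@" + d["image-digest"];
  // A scan that did not complete has no trustworthy findings; never read that as clean.
  if (d["scan-status"] !== "COMPLETE") {
    return { action: "investigate", image, reason: "scan status " + d["scan-status"] };
  }
  const counts: Counts = d["finding-severity-counts"] || {};
  const cutoff = SEVERITY_ORDER.indexOf(blockAtOrAbove);
  const hits = SEVERITY_ORDER.slice(0, cutoff + 1)
    .filter((sev) => (counts[sev] || 0) > 0)
    .map((sev) => sev + "=" + counts[sev]);
  return hits.length > 0
    ? { action: "block", image, reason: hits.join(", ") }
    : { action: "pass", image, reason: "no findings at or above " + blockAtOrAbove };
}

// Builder for constructed sample events (values are illustrative only).
function sampleEvent(status: string, counts?: Counts): EcrImageScanEvent {
  return {
    source: "aws.ecr", "detail-type": "ECR Image Scan",
    detail: { "scan-status": status, "repository-name": "demo-repo",
      "image-digest": "sha256:constructed-example-digest", "image-tags": ["latest"],
      "finding-severity-counts": counts },
  };
}
```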

@pahud pahud added feature-request A feature should be added or improved. needs-triage This issue or PR still needs to be triaged. labels Nov 2, 2019
@mergify mergify bot closed this as completed in #4819 Nov 4, 2019
mergify bot pushed a commit that referenced this issue Nov 4, 2019
* feat(aws-ecr): add onImageScanCompleted() support(fix #4818)

* fix detail validation in the eventPattern payload.

* fix awslint errors

* - minor update the repository.ts w/o touching the rule.ts

cmckni3 commented Nov 12, 2019

Does adding the onImageScanCompleted event to a repository enable scan on push?


pahud commented Nov 12, 2019

@cmckni3 Unfortunately, no, because CloudFormation doesn't support it now. At this moment you need to manually enable it after repository creation, and all scan completed events will be captured. I am thinking maybe we can create an ecr.enableScanOnPush() with a custom-resource implementation; then we don't need to wait for the CloudFormation native support.


cmckni3 commented Nov 12, 2019

That would be awesome.

I enabled scan on push via the console.

Thanks!


cmckni3 commented Feb 26, 2020

Sweet, I ended up using a custom resource.
