Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add image scanning configuration to image_builder_image resource #34049

Merged
merged 8 commits into from
Oct 23, 2023
Merged

Add image scanning configuration to image_builder_image resource #34049

merged 8 commits into from
Oct 23, 2023

Conversation

DanielRieske
Copy link
Contributor

Description

This PR adds the image_scanning_configuration field to the aws_imagebuilder_image resource and data source.
This field enables Amazon Inspector to identify software vulnerabilities in your container images.

Relations

Closes #33213

References

Output from Acceptance Testing

terraform-provider-aws git:(f/add-image-scanning-configuration-image-builder) make testacc TESTARGS='-run=TestAccImageBuilderImage_containerRecipeARN\|TestAccImageBuilderImage_outputResources_containers\|TestAccImageBuilderImage_imageScanningConfiguration' PKG=imagebuilder
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./internal/service/imagebuilder/... -v -count 1 -parallel 20  -run=TestAccImageBuilderImage_containerRecipeARN\|TestAccImageBuilderImage_outputResources_containers\|TestAccImageBuilderImage_imageScanningConfiguration -timeout 360m
=== RUN   TestAccImageBuilderImage_containerRecipeARN
=== PAUSE TestAccImageBuilderImage_containerRecipeARN
=== RUN   TestAccImageBuilderImage_imageScanningConfiguration
=== PAUSE TestAccImageBuilderImage_imageScanningConfiguration
=== RUN   TestAccImageBuilderImage_outputResources_containers
=== PAUSE TestAccImageBuilderImage_outputResources_containers
=== CONT  TestAccImageBuilderImage_containerRecipeARN
=== CONT  TestAccImageBuilderImage_outputResources_containers
=== CONT  TestAccImageBuilderImage_imageScanningConfiguration
--- PASS: TestAccImageBuilderImage_containerRecipeARN (507.65s)
--- PASS: TestAccImageBuilderImage_outputResources_containers (509.02s)
--- PASS: TestAccImageBuilderImage_imageScanningConfiguration (632.88s)
PASS
ok      github.com/hashicorp/terraform-provider-aws/internal/service/imagebuilder       635.010s
terraform-provider-aws git:(f/add-image-scanning-configuration-image-builder) ✗ make testacc TESTS=TestAccImageBuilderImageDataSource_ PKG=imagebuilder
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./internal/service/imagebuilder/... -v -count 1 -parallel 20 -run='TestAccImageBuilderImageDataSource_'  -timeout 360m
=== RUN   TestAccImageBuilderImageDataSource_ARN_aws
=== PAUSE TestAccImageBuilderImageDataSource_ARN_aws
=== RUN   TestAccImageBuilderImageDataSource_ARN_self
=== PAUSE TestAccImageBuilderImageDataSource_ARN_self
=== RUN   TestAccImageBuilderImageDataSource_ARN_containerRecipe
=== PAUSE TestAccImageBuilderImageDataSource_ARN_containerRecipe
=== CONT  TestAccImageBuilderImageDataSource_ARN_aws
=== CONT  TestAccImageBuilderImageDataSource_ARN_containerRecipe
=== CONT  TestAccImageBuilderImageDataSource_ARN_self
--- PASS: TestAccImageBuilderImageDataSource_ARN_aws (11.55s)
--- PASS: TestAccImageBuilderImageDataSource_ARN_containerRecipe (692.51s)
--- PASS: TestAccImageBuilderImageDataSource_ARN_self (970.25s)
PASS
ok      github.com/hashicorp/terraform-provider-aws/internal/service/imagebuilder       972.397s

@github-actions
Copy link

Community Note

Voting for Prioritization

  • Please vote on this pull request by adding a 👍 reaction to the original post to help the community and maintainers prioritize this pull request.
  • Please see our prioritization guide for information on how we prioritize.
  • Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request.

For Submitters

  • Review the contribution guide relating to the type of change you are making to ensure all of the necessary steps have been taken.
  • For new resources and data sources, use skaff to generate scaffolding with comments detailing common expectations.
  • Whether or not the branch has been rebased will not impact prioritization, but doing so is always a welcome surprise.

@github-actions github-actions bot added size/L Managed by automation to categorize the size of a PR. documentation Introduces or discusses updates to documentation. tests PRs: expanded test coverage. Issues: expanded coverage, enhancements to test infrastructure. service/imagebuilder Issues and PRs that pertain to the imagebuilder service. and removed size/L Managed by automation to categorize the size of a PR. labels Oct 21, 2023
@terraform-aws-provider terraform-aws-provider bot added the needs-triage Waiting for first response or review from a maintainer. label Oct 21, 2023
@ewbankkit ewbankkit removed the needs-triage Waiting for first response or review from a maintainer. label Oct 23, 2023
ewbankkit
ewbankkit approved these changes Oct 23, 2023
View reviewed changes
Copy link
Contributor

@ewbankkit ewbankkit left a comment
edited

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM 🚀.

% make testacc TESTARGS='-run=TestAccImageBuilderImage_\|TestAccImageBuilderImageDataSource_' PKG=imagebuilder ACCTEST_PARALLELISM=2
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./internal/service/imagebuilder/... -v -count 1 -parallel 2  -run=TestAccImageBuilderImage_\|TestAccImageBuilderImageDataSource_ -timeout 360m
=== RUN   TestAccImageBuilderImageDataSource_ARN_aws
=== PAUSE TestAccImageBuilderImageDataSource_ARN_aws
=== RUN   TestAccImageBuilderImageDataSource_ARN_self
=== PAUSE TestAccImageBuilderImageDataSource_ARN_self
=== RUN   TestAccImageBuilderImageDataSource_ARN_containerRecipe
=== PAUSE TestAccImageBuilderImageDataSource_ARN_containerRecipe
=== RUN   TestAccImageBuilderImage_basic
=== PAUSE TestAccImageBuilderImage_basic
=== RUN   TestAccImageBuilderImage_disappears
=== PAUSE TestAccImageBuilderImage_disappears
=== RUN   TestAccImageBuilderImage_distributionARN
=== PAUSE TestAccImageBuilderImage_distributionARN
=== RUN   TestAccImageBuilderImage_enhancedImageMetadataEnabled
=== PAUSE TestAccImageBuilderImage_enhancedImageMetadataEnabled
=== RUN   TestAccImageBuilderImage_ImageTests_imageTestsEnabled
=== PAUSE TestAccImageBuilderImage_ImageTests_imageTestsEnabled
=== RUN   TestAccImageBuilderImage_ImageTests_timeoutMinutes
=== PAUSE TestAccImageBuilderImage_ImageTests_timeoutMinutes
=== RUN   TestAccImageBuilderImage_tags
=== PAUSE TestAccImageBuilderImage_tags
=== RUN   TestAccImageBuilderImage_containerRecipeARN
=== PAUSE TestAccImageBuilderImage_containerRecipeARN
=== RUN   TestAccImageBuilderImage_imageScanningConfiguration
=== PAUSE TestAccImageBuilderImage_imageScanningConfiguration
=== RUN   TestAccImageBuilderImage_outputResources_containers
=== PAUSE TestAccImageBuilderImage_outputResources_containers
=== CONT  TestAccImageBuilderImageDataSource_ARN_aws
=== CONT  TestAccImageBuilderImage_ImageTests_imageTestsEnabled
--- PASS: TestAccImageBuilderImageDataSource_ARN_aws (24.09s)
=== CONT  TestAccImageBuilderImage_outputResources_containers
--- PASS: TestAccImageBuilderImage_outputResources_containers (552.77s)
=== CONT  TestAccImageBuilderImage_imageScanningConfiguration
    acctest.go:1448: skipping test for aws/us-west-2: Error running apply: exit status 1
        
        Error: creating Image Builder Image: ResourceDependencyException: Resource dependency error: Amazon Inspector is not enabled for 'ecr' resources in account '429228330992'.
        
          with aws_imagebuilder_image.test,
          on terraform_plugin_test.tf line 121, in resource "aws_imagebuilder_image" "test":
         121: resource "aws_imagebuilder_image" "test" {
        
--- SKIP: TestAccImageBuilderImage_imageScanningConfiguration (28.38s)
=== CONT  TestAccImageBuilderImage_containerRecipeARN
--- PASS: TestAccImageBuilderImage_ImageTests_imageTestsEnabled (621.68s)
=== CONT  TestAccImageBuilderImage_tags
--- PASS: TestAccImageBuilderImage_containerRecipeARN (479.99s)
=== CONT  TestAccImageBuilderImage_ImageTests_timeoutMinutes
--- PASS: TestAccImageBuilderImage_tags (1099.39s)
=== CONT  TestAccImageBuilderImage_disappears
--- PASS: TestAccImageBuilderImage_ImageTests_timeoutMinutes (1020.62s)
=== CONT  TestAccImageBuilderImage_enhancedImageMetadataEnabled
--- PASS: TestAccImageBuilderImage_disappears (982.72s)
=== CONT  TestAccImageBuilderImage_distributionARN
--- PASS: TestAccImageBuilderImage_enhancedImageMetadataEnabled (901.10s)
=== CONT  TestAccImageBuilderImageDataSource_ARN_containerRecipe
    acctest.go:1448: skipping test for aws/us-west-2: Error running apply: exit status 1
        
        Error: creating Image Builder Image: ResourceDependencyException: Resource dependency error: Amazon Inspector is not enabled for 'ecr' resources in account '429228330992'.
        
          with aws_imagebuilder_image.test,
          on terraform_plugin_test.tf line 121, in resource "aws_imagebuilder_image" "test":
         121: resource "aws_imagebuilder_image" "test" {
        
--- SKIP: TestAccImageBuilderImageDataSource_ARN_containerRecipe (40.27s)
=== CONT  TestAccImageBuilderImage_basic
--- PASS: TestAccImageBuilderImage_distributionARN (997.44s)
=== CONT  TestAccImageBuilderImageDataSource_ARN_self
--- PASS: TestAccImageBuilderImage_basic (1106.46s)
--- PASS: TestAccImageBuilderImageDataSource_ARN_self (837.91s)
PASS
ok  	github.com/hashicorp/terraform-provider-aws/internal/service/imagebuilder	4544.701s

After enabling Amazon Inspector:

% make testacc TESTARGS='-run=TestAccImageBuilderImage_imageScanningConfiguration' PKG=imagebuilder ACCTEST_PARALLELISM=2
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./internal/service/imagebuilder/... -v -count 1 -parallel 2  -run=TestAccImageBuilderImage_imageScanningConfiguration -timeout 360m
=== RUN   TestAccImageBuilderImage_imageScanningConfiguration
=== PAUSE TestAccImageBuilderImage_imageScanningConfiguration
=== CONT  TestAccImageBuilderImage_imageScanningConfiguration
--- PASS: TestAccImageBuilderImage_imageScanningConfiguration (819.35s)
PASS
ok  	github.com/hashicorp/terraform-provider-aws/internal/service/imagebuilder	824.658s

@ewbankkit ewbankkit merged commit d01d855 into hashicorp:main Oct 23, 2023
41 checks passed
@github-actions github-actions bot added this to the v5.23.0 milestone Oct 23, 2023
@github-actions
Copy link

This functionality has been released in v5.23.0 of the Terraform AWS Provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading.

For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template. Thank you!

@github-actions GitHub Actions
Copy link

I'm going to lock this pull request because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.
If you have found a problem that seems related to this change, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Nov 26, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@ewbankkit ewbankkit ewbankkit approved these changes

Assignees
No one assigned
Labels
documentation Introduces or discusses updates to documentation. service/imagebuilder Issues and PRs that pertain to the imagebuilder service. tests PRs: expanded test coverage. Issues: expanded coverage, enhancements to test infrastructure.
Projects
None yet
Milestone
v5.23.0
Development

Successfully merging this pull request may close these issues.

[Enhancement]: aws_imagebuilder_image
2 participants
@DanielRieske @ewbankkit