ecr

README.md

@@ -63,6 +63,13 @@ ECR Opertaion for setting lifecycle policy to untagged repositories
 awsctl set ecrregistrypolicy -r eu-west-2 --retention 7
 ```
 
+ECR Repository configuration to scanOnPush repository for vulnerabilities
+
+```bash
+awsctl set ecrscanonpush --region eu-west-1 --scan true  --yes
+awsctl set ecrscanonpush --region all --scan true  --yes
+```
+
 For any missing action please open an issue for a feature request.
 
 ### Contributing

cmd/awsctl/cmd/set.go

@@ -26,7 +26,7 @@ var setCmd = &cobra.Command{
 func init() {
 	rootCmd.AddCommand(setCmd)
 	setCmd.AddCommand(cmdCloudwatch)
-	setCmd.AddCommand(setEcrRegistryPolicy)
+	setCmd.AddCommand(setEcrRegistryPolicyCmd)
 	setCmd.AddCommand(setEcrScanOnPushcmd)
 	setCmd.PersistentFlags().BoolP("yes", "y", false, "Specify --yes to execute")
 	setCmd.PersistentFlags().Int("retention", 14, "Retention in days")

cmd/awsctl/cmd/set_ecr_registry_policy.go

@@ -9,7 +9,7 @@ import (
 	"github.com/spf13/cobra"
 )
 
-var setEcrRegistryPolicy = &cobra.Command{
+var setEcrRegistryPolicyCmd = &cobra.Command{
 	Use:   "ecrregistrypolicy",
 	Short: "Set ECR Registry policy to untagged images",
 	Run: func(cmd *cobra.Command, args []string) {

pkg/helper/ecr.go

@@ -103,3 +103,21 @@ func SetEcrRepoImageScanOnPush(repositoryName string, region string, scanOnPush
 		log.Printf("scanOnPush for repository %v was set to %v", repositoryName, scanOnPush)
 	}
 }
+
+// EcrDeleteOldImageBuildsAndKeep delete old images and keep only n last images
+func EcrDeleteOldImageBuildsAndKeep(repositoryName string, region string, imagesToKeep int) {
+	awsSession, _ := InitAwsSession(region)
+	svc := ecr.New(awsSession)
+	input := &ecr.ListImagesInput{
+		RepositoryName: aws.String(repositoryName),
+	}
+	images, err := svc.ListImages(input)
+	if err != nil {
+		log.Printf("Error: %v", err)
+		return
+	}
+	// for _, i := range images {
+	// 	fmt.Println(i)
+	// }
+	fmt.Println(images)
+}