You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The plugin Amazon ECR Scan on Push is using ECR:describe-repositories.imageScanningConfiguration.scanOnPush to determine if Scan on Push is enabled in a repository. Nevertheless, repository level scan on push setting was deprecated in favor of Registry level scan on push filters.
'imageScanningConfiguration.scanOnPush' shouldn`t be used anymore to test if scan on push is enabled. Although at the repository level scanOnPush = False, at the registry level scanning might enabled and including repositories due to the values in the filters.
A new logic should be built based on the scan filters at the registry level.
'batch-get-repository-scanning-configuration.appliedScanFilters' would return the filters applied. One possible test is to verify if a wildcard "*" is used, which would include all repositories in the registry. Another logic would be applying the filter to the repository names to determine the ones excluded.
The text was updated successfully, but these errors were encountered:
The plugin Amazon ECR Scan on Push is using ECR:describe-repositories.imageScanningConfiguration.scanOnPush to determine if Scan on Push is enabled in a repository. Nevertheless, repository level scan on push setting was deprecated in favor of Registry level scan on push filters.
'imageScanningConfiguration.scanOnPush' shouldn`t be used anymore to test if scan on push is enabled. Although at the repository level scanOnPush = False, at the registry level scanning might enabled and including repositories due to the values in the filters.
A new logic should be built based on the scan filters at the registry level.
'batch-get-repository-scanning-configuration.appliedScanFilters' would return the filters applied. One possible test is to verify if a wildcard "*" is used, which would include all repositories in the registry. Another logic would be applying the filter to the repository names to determine the ones excluded.
The text was updated successfully, but these errors were encountered: