From 7de5bdacfe58433883448d24bff9f31ba2e17dc7 Mon Sep 17 00:00:00 2001 From: bbernays Date: Tue, 21 Jun 2022 04:14:16 -0500 Subject: [PATCH] fix(deps): Upgrade AWS ECR SDK (#1079) --- client/client.go | 2 +- docs/tables/aws_ecr_repositories.md | 12 ++-- docs/tables/aws_ecr_repository_images.md | 7 +- go.mod | 8 +-- go.sum | 13 ++-- resources/provider/provider.go | 2 +- resources/services/ecr/repositories.go | 38 +++++----- resources/services/ecr/repositories.hcl | 72 +++++++++++++++++++ .../services/ecr/repositories_mock_test.go | 2 +- 9 files changed, 119 insertions(+), 37 deletions(-) create mode 100644 resources/services/ecr/repositories.hcl diff --git a/client/client.go b/client/client.go index a4dede4d6..24c400088 100644 --- a/client/client.go +++ b/client/client.go @@ -450,7 +450,7 @@ func configureAwsClient(ctx context.Context, logger hclog.Logger, awsConfig *Con err, diag.USER, diag.WithSummary("No credentials available"), - diag.WithDetails("Coundn't find any credentials in environment variables or configuration files."), + diag.WithDetails("Couldn't find any credentials in environment variables or configuration files."), ) } diff --git a/docs/tables/aws_ecr_repositories.md b/docs/tables/aws_ecr_repositories.md index 5bf7f3371..be43acf63 100644 --- a/docs/tables/aws_ecr_repositories.md +++ b/docs/tables/aws_ecr_repositories.md @@ -7,11 +7,11 @@ An object representing a repository. |account_id|text|The AWS Account ID of the resource.| |region|text|The AWS Region of the resource.| |created_at|timestamp without time zone|The date and time, in JavaScript date format, when the repository was created.| -|encryption_configuration_encryption_type|text|The encryption type to use.| -|encryption_configuration_kms_key|text|If you use the KMS encryption type, specify the CMK to use for encryption.| -|image_scanning_configuration_scan_on_push|boolean|The setting that determines whether images are scanned after being pushed to a repository.| +|encryption_configuration_encryption_type|text|The encryption type to use| +|encryption_configuration_kms_key|text|If you use the KMS encryption type, specify the KMS key to use for encryption. The alias, key ID, or full ARN of the KMS key can be specified| +|image_scanning_configuration_scan_on_push|boolean|The setting that determines whether images are scanned after being pushed to a repository| |image_tag_mutability|text|The tag mutability setting for the repository.| -|registry_id|text|The AWS account ID associated with the registry that contains the repository.| -|arn|text|The Amazon Resource Name (ARN) that identifies the repository.| +|registry_id|text|The Amazon Web Services account ID associated with the registry that contains the repository.| +|arn|text|The Amazon Resource Name (ARN) that identifies the repository| |name|text|The name of the repository.| -|uri|text|The URI for the repository.| +|uri|text|The URI for the repository| diff --git a/docs/tables/aws_ecr_repository_images.md b/docs/tables/aws_ecr_repository_images.md index 76213dc27..130f9501a 100644 --- a/docs/tables/aws_ecr_repository_images.md +++ b/docs/tables/aws_ecr_repository_images.md @@ -6,7 +6,7 @@ An object that describes an image returned by a DescribeImages operation. | ------------- | ------------- | ----- | |repository_cq_id|uuid|Unique CloudQuery ID of aws_ecr_repositories table (FK)| |account_id|text|The AWS Account ID of the resource.| -|region|text|| +|region|text|The AWS Region of the resource.| |artifact_media_type|text|The artifact media type of the image.| |image_digest|text|The sha256 digest of the image manifest.| |image_manifest_media_type|text|The media type of the image manifest.| @@ -16,7 +16,8 @@ An object that describes an image returned by a DescribeImages operation. |image_scan_findings_summary_vulnerability_source_updated_at|timestamp without time zone|The time when the vulnerability data was last scanned.| |image_scan_status_description|text|The description of the image scan status.| |image_scan_status|text|The current state of an image scan.| -|image_size_in_bytes|bigint|The size, in bytes, of the image in the repository.| +|image_size_in_bytes|bigint|The size, in bytes, of the image in the repository| |image_tags|text[]|The list of tags associated with this image.| -|registry_id|text|The AWS account ID associated with the registry to which this image belongs.| +|last_recorded_pull_time|timestamp without time zone|The date and time, expressed in standard JavaScript date format, when Amazon ECR recorded the last image pull| +|registry_id|text|The Amazon Web Services account ID associated with the registry to which this image belongs.| |repository_name|text|The name of the repository to which this image belongs.| diff --git a/go.mod b/go.mod index 4c1c8e17a..f9c3451bc 100644 --- a/go.mod +++ b/go.mod @@ -3,7 +3,7 @@ module github.com/cloudquery/cq-provider-aws go 1.17 require ( - github.com/aws/aws-sdk-go-v2 v1.16.3 + github.com/aws/aws-sdk-go-v2 v1.16.5 github.com/aws/aws-sdk-go-v2/config v1.3.0 github.com/aws/aws-sdk-go-v2/credentials v1.2.1 github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.2.1 @@ -28,7 +28,7 @@ require ( github.com/aws/aws-sdk-go-v2/service/directconnect v1.4.1 github.com/aws/aws-sdk-go-v2/service/dynamodb v1.10.0 github.com/aws/aws-sdk-go-v2/service/ec2 v1.32.1 - github.com/aws/aws-sdk-go-v2/service/ecr v1.2.0 + github.com/aws/aws-sdk-go-v2/service/ecr v1.17.6 github.com/aws/aws-sdk-go-v2/service/ecs v1.18.1 github.com/aws/aws-sdk-go-v2/service/efs v1.2.0 github.com/aws/aws-sdk-go-v2/service/eks v1.2.1 @@ -95,8 +95,8 @@ require ( github.com/apparentlymart/go-textseg/v13 v13.0.0 // indirect github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.0.0 // indirect github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.1.1 // indirect - github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.10 // indirect - github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.4 // indirect + github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.12 // indirect + github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.6 // indirect github.com/aws/aws-sdk-go-v2/internal/ini v1.0.0 // indirect github.com/aws/aws-sdk-go-v2/service/athena v1.15.1 github.com/aws/aws-sdk-go-v2/service/backup v1.15.4 diff --git a/go.sum b/go.sum index bd3bec714..a752a028b 100644 --- a/go.sum +++ b/go.sum @@ -134,8 +134,9 @@ github.com/aws/aws-sdk-go-v2 v1.12.0/go.mod h1:tWhQI5N5SiMawto3uMAQJU5OUN/1ivhDD github.com/aws/aws-sdk-go-v2 v1.15.0/go.mod h1:lJYcuZZEHWNIb6ugJjbQY1fykdoobWbOS7kJYb4APoI= github.com/aws/aws-sdk-go-v2 v1.16.0/go.mod h1:lJYcuZZEHWNIb6ugJjbQY1fykdoobWbOS7kJYb4APoI= github.com/aws/aws-sdk-go-v2 v1.16.2/go.mod h1:ytwTPBG6fXTZLxxeeCCWj2/EMYp/xDUgX+OET6TLNNU= -github.com/aws/aws-sdk-go-v2 v1.16.3 h1:0W1TSJ7O6OzwuEvIXAtJGvOeQ0SGAhcpxPN2/NK5EhM= github.com/aws/aws-sdk-go-v2 v1.16.3/go.mod h1:ytwTPBG6fXTZLxxeeCCWj2/EMYp/xDUgX+OET6TLNNU= +github.com/aws/aws-sdk-go-v2 v1.16.5 h1:Ah9h1TZD9E2S1LzHpViBO3Jz9FPL5+rmflmb8hXirtI= +github.com/aws/aws-sdk-go-v2 v1.16.5/go.mod h1:Wh7MEsmEApyL5hrWzpDkba4gwAPc5/piwLVLFnCxp48= github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.0.0 h1:yVUAwvJC/0WNPbyl0nA3j1L6CW1CN8wBubCRqtG7JLI= github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.0.0/go.mod h1:Xn6sxgRuIDflLRJFj5Ev7UxABIkNbccFPV/p8itDReM= github.com/aws/aws-sdk-go-v2/config v1.1.5/go.mod h1:P3F1hku7qzC81txjwXnwOM6Ex6ezkU6+/557Teyb64E= @@ -157,8 +158,9 @@ github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.3/go.mod h1:L72JSFj9OwH github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.6/go.mod h1:SSPEdf9spsFgJyhjrXvawfpyzrXHBCUe+2eQ1CjC1Ak= github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.7/go.mod h1:oB9nZcxH1cGq7NPGurVJwxrO2vmJ9mmEBayCwcAlmT8= github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.9/go.mod h1:AnVH5pvai0pAF4lXRq0bmhbes1u9R8wTE+g+183bZNM= -github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.10 h1:uFWgo6mGJI1n17nbcvSc6fxVuR3xLNqvXt12JCnEcT8= github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.10/go.mod h1:F+EZtuIwjlv35kRJPyBGcsA4f7bnSoz15zOQ2lJq1Z4= +github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.12 h1:Zt7DDk5V7SyQULUUwIKzsROtVzp/kVvcz15uQx/Tkow= +github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.12/go.mod h1:Afj/U8svX6sJ77Q+FPWMzabJ9QjbwP32YlopgKALUpg= github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.0.0/go.mod h1:anlUzBoEWglcUxUQwZA7HQOEVEnQALVZsizAapB2hq8= github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.0.1/go.mod h1:1xvCD+I5BcDuQUc+psZr7LI1a9pclAWZs3S3Gce5+lg= github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.0.2/go.mod h1:xT4XX6w5Sa3dhg50JrYyy3e4WPYo/+WjY/BXtqXVunU= @@ -166,8 +168,9 @@ github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.1.0/go.mod h1:KdVvdk4gb7ia github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.0/go.mod h1:viTrxhAuejD+LszDahzAE2x40YjYWhMqzHxv2ZiWaME= github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.1/go.mod h1:K4vz7lRYCyLYpYAMCLObODahFgARdD3YVa0MvQte9Co= github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.3/go.mod h1:ssOhaLpRlh88H3UmEcsBoVKq309quMvm3Ds8e9d4eJM= -github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.4 h1:cnsvEKSoHN4oAN7spMMr0zhEW2MHnhAVpmqQg8E6UcM= github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.4/go.mod h1:8glyUqVIM4AmeenIsPo0oVh3+NUwnsQml2OFupfQW+0= +github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.6 h1:eeXdGVtXEe+2Jc49+/vAzna3FAQnUD4AagAw8tzbmfc= +github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.6/go.mod h1:FwpAKI+FBPIELJIdmQzlLtRe8LQSOreMcM2wBsPMvvc= github.com/aws/aws-sdk-go-v2/internal/ini v1.0.0 h1:k7I9E6tyVWBo7H9ffpnxDWudtjau6Qt9rnOYgV+ciEQ= github.com/aws/aws-sdk-go-v2/internal/ini v1.0.0/go.mod h1:g3XMXuxvqSMUjnsXXp/960152w0wFS4CXVYgQaSVOHE= github.com/aws/aws-sdk-go-v2/service/accessanalyzer v1.15.0 h1:9LuS2eGhHVsScUw2y1zMoRHQd+NU/oUmJROrrvKTwCc= @@ -216,8 +219,8 @@ github.com/aws/aws-sdk-go-v2/service/dynamodb v1.10.0 h1:jzvWaPf99rIjqEBxh9uGKxt github.com/aws/aws-sdk-go-v2/service/dynamodb v1.10.0/go.mod h1:ELltfl9ri0n4sZ/VjPZBgemNMd9mYIpCAuZhc7NP7l4= github.com/aws/aws-sdk-go-v2/service/ec2 v1.32.1 h1:vSq2JEkmyk2IF5XKc9+nmnm1/ou0K08bJNhIa+2t/PE= github.com/aws/aws-sdk-go-v2/service/ec2 v1.32.1/go.mod h1:4j+WaEPuilaaff4hE2yZ+HRlWL9dTJW+cO9iuCnn1NI= -github.com/aws/aws-sdk-go-v2/service/ecr v1.2.0 h1:6ExOoVgntAVuVARounLgbXnMLWjy0l5iXf/wAu90NgI= -github.com/aws/aws-sdk-go-v2/service/ecr v1.2.0/go.mod h1:fxAA3GE+slgrsFyA3bsN0lknZ+egpPdvu7GosNGoVT4= +github.com/aws/aws-sdk-go-v2/service/ecr v1.17.6 h1:R9FxvsuknGAoKDJ1YRKwbgkTbedZZ++R7BwscG/6vRk= +github.com/aws/aws-sdk-go-v2/service/ecr v1.17.6/go.mod h1:+eCLloB5OdOr47npoEKlHGphSa72k44lXebO8I9LpKk= github.com/aws/aws-sdk-go-v2/service/ecs v1.18.1 h1:MZKnNbcKEoHIhGEcsybTjc7yNsKlZr5Fyu3XjVS1/ug= github.com/aws/aws-sdk-go-v2/service/ecs v1.18.1/go.mod h1:IMFY+VG/R/8MXaShcrlq7M8gfySqc7IIQTUWxJEw/FQ= github.com/aws/aws-sdk-go-v2/service/efs v1.2.0 h1:PCLM4aShavpVcyXqUoUsQpMJ+Z/PLOFjQuV3NKxitmg= diff --git a/resources/provider/provider.go b/resources/provider/provider.go index c2a70fa60..96b3cce0d 100644 --- a/resources/provider/provider.go +++ b/resources/provider/provider.go @@ -149,7 +149,7 @@ func Provider() *provider.Provider { "ec2.vpc_peering_connections": ec2.Ec2VpcPeeringConnections(), "ec2.vpcs": ec2.Ec2Vpcs(), "ec2.vpn_gateways": ec2.Ec2VpnGateways(), - "ecr.repositories": ecr.EcrRepositories(), + "ecr.repositories": ecr.Repositories(), "ecs.clusters": ecs.Clusters(), "ecs.task_definitions": ecs.EcsTaskDefinitions(), "efs.filesystems": efs.EfsFilesystems(), diff --git a/resources/services/ecr/repositories.go b/resources/services/ecr/repositories.go index a1a2a1bb0..2c8fbe7f0 100644 --- a/resources/services/ecr/repositories.go +++ b/resources/services/ecr/repositories.go @@ -11,7 +11,7 @@ import ( "github.com/cloudquery/cq-provider-sdk/provider/schema" ) -func EcrRepositories() *schema.Table { +func Repositories() *schema.Table { return &schema.Table{ Name: "aws_ecr_repositories", Description: "An object representing a repository.", @@ -41,19 +41,19 @@ func EcrRepositories() *schema.Table { }, { Name: "encryption_configuration_encryption_type", - Description: "The encryption type to use.", + Description: "The encryption type to use", Type: schema.TypeString, Resolver: schema.PathResolver("EncryptionConfiguration.EncryptionType"), }, { Name: "encryption_configuration_kms_key", - Description: "If you use the KMS encryption type, specify the CMK to use for encryption.", + Description: "If you use the KMS encryption type, specify the KMS key to use for encryption. The alias, key ID, or full ARN of the KMS key can be specified", Type: schema.TypeString, Resolver: schema.PathResolver("EncryptionConfiguration.KmsKey"), }, { Name: "image_scanning_configuration_scan_on_push", - Description: "The setting that determines whether images are scanned after being pushed to a repository.", + Description: "The setting that determines whether images are scanned after being pushed to a repository", Type: schema.TypeBool, Resolver: schema.PathResolver("ImageScanningConfiguration.ScanOnPush"), }, @@ -64,12 +64,12 @@ func EcrRepositories() *schema.Table { }, { Name: "registry_id", - Description: "The AWS account ID associated with the registry that contains the repository.", + Description: "The Amazon Web Services account ID associated with the registry that contains the repository.", Type: schema.TypeString, }, { Name: "arn", - Description: "The Amazon Resource Name (ARN) that identifies the repository.", + Description: "The Amazon Resource Name (ARN) that identifies the repository", Type: schema.TypeString, Resolver: schema.PathResolver("RepositoryArn"), }, @@ -81,17 +81,16 @@ func EcrRepositories() *schema.Table { }, { Name: "uri", - Description: "The URI for the repository.", + Description: "The URI for the repository", Type: schema.TypeString, Resolver: schema.PathResolver("RepositoryUri"), }, }, Relations: []*schema.Table{ { - Name: "aws_ecr_repository_images", - Description: "An object that describes an image returned by a DescribeImages operation.", - Resolver: fetchEcrRepositoryImages, - IgnoreInTests: true, + Name: "aws_ecr_repository_images", + Description: "An object that describes an image returned by a DescribeImages operation.", + Resolver: fetchEcrRepositoryImages, Columns: []schema.Column{ { Name: "repository_cq_id", @@ -106,9 +105,10 @@ func EcrRepositories() *schema.Table { Resolver: client.ResolveAWSAccount, }, { - Name: "region", - Type: schema.TypeString, - Resolver: client.ResolveAWSRegion, + Name: "region", + Description: "The AWS Region of the resource.", + Type: schema.TypeString, + Resolver: client.ResolveAWSRegion, }, { Name: "artifact_media_type", @@ -162,7 +162,7 @@ func EcrRepositories() *schema.Table { }, { Name: "image_size_in_bytes", - Description: "The size, in bytes, of the image in the repository.", + Description: "The size, in bytes, of the image in the repository", Type: schema.TypeBigInt, }, { @@ -170,9 +170,14 @@ func EcrRepositories() *schema.Table { Description: "The list of tags associated with this image.", Type: schema.TypeStringArray, }, + { + Name: "last_recorded_pull_time", + Description: "The date and time, expressed in standard JavaScript date format, when Amazon ECR recorded the last image pull", + Type: schema.TypeTimestamp, + }, { Name: "registry_id", - Description: "The AWS account ID associated with the registry to which this image belongs.", + Description: "The Amazon Web Services account ID associated with the registry to which this image belongs.", Type: schema.TypeString, }, { @@ -189,6 +194,7 @@ func EcrRepositories() *schema.Table { // ==================================================================================================================== // Table Resolver Functions // ==================================================================================================================== + func fetchEcrRepositories(ctx context.Context, meta schema.ClientMeta, parent *schema.Resource, res chan<- interface{}) error { maxResults := int32(1000) config := ecr.DescribeRepositoriesInput{ diff --git a/resources/services/ecr/repositories.hcl b/resources/services/ecr/repositories.hcl new file mode 100644 index 000000000..bf69b7267 --- /dev/null +++ b/resources/services/ecr/repositories.hcl @@ -0,0 +1,72 @@ +service = "aws" + +output_directory = "." + +resource "aws" "ecr" "repositories" { + multiplex "AwsAccountRegion" { + path = "github.com/cloudquery/cq-provider-aws/client.ServiceAccountRegionMultiplexer" + params = ["api.ecr"] + } + + + path = "github.com/aws/aws-sdk-go-v2/service/ecr/types.Repository" + ignoreError "IgnoreCommonErrors" { + path = "github.com/cloudquery/cq-provider-aws/client.IgnoreCommonErrors" + } + deleteFilter "AccountRegionFilter" { + path = "github.com/cloudquery/cq-provider-aws/client.DeleteAccountRegionFilter" + } + + options { + primary_keys = ["account_id", "arn"] + } + + column "repository_arn" { + rename = "arn" + } + column "repository_name" { + rename = "name" + } + + column "repository_uri" { + rename = "uri" + } + + + userDefinedColumn "account_id" { + description = "The AWS Account ID of the resource." + type = "string" + resolver "resolveAWSAccount" { + path = "github.com/cloudquery/cq-provider-aws/client.ResolveAWSAccount" + } + } + userDefinedColumn "region" { + description = "The AWS Region of the resource." + type = "string" + resolver "resolveAWSRegion" { + path = "github.com/cloudquery/cq-provider-aws/client.ResolveAWSRegion" + } + } + + + user_relation "aws" "ecr" "images" { + path = "github.com/aws/aws-sdk-go-v2/service/ecr/types.ImageDetail" + userDefinedColumn "account_id" { + description = "The AWS Account ID of the resource." + type = "string" + resolver "resolveAWSAccount" { + path = "github.com/cloudquery/cq-provider-aws/client.ResolveAWSAccount" + } + } + userDefinedColumn "region" { + description = "The AWS Region of the resource." + type = "string" + resolver "resolveAWSRegion" { + path = "github.com/cloudquery/cq-provider-aws/client.ResolveAWSRegion" + } + } + // user_relation "aws" "ecr" "image_scan_findings" { + // path = "github.com/aws/aws-sdk-go-v2/service/ecr/types.ImageScanFindings" + // } + } +} \ No newline at end of file diff --git a/resources/services/ecr/repositories_mock_test.go b/resources/services/ecr/repositories_mock_test.go index 2f3129a29..0a0d2e6c6 100644 --- a/resources/services/ecr/repositories_mock_test.go +++ b/resources/services/ecr/repositories_mock_test.go @@ -39,5 +39,5 @@ func buildEcrRepositoriesMock(t *testing.T, ctrl *gomock.Controller) client.Serv } func TestEcrRepositories(t *testing.T) { - client.AwsMockTestHelper(t, EcrRepositories(), buildEcrRepositoriesMock, client.TestOptions{}) + client.AwsMockTestHelper(t, Repositories(), buildEcrRepositoriesMock, client.TestOptions{}) }