Skip to content

v1.5.0 Multi-platform image support (a.k.a. multi-architecture)
Compare
Choose a tag to compare
@github-actions github-actions released this 26 Mar 06:10
· 92 commits to main since this release
v1.5.0
e98e0b5
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.

Headline changes

The plugin now supports multi-platform (multi-architecture) images. These are manifest list images that point to multiple other images, one for each target platform.

Since ECR only reports vulnerability scan results for each of the platform-specific images, the plugin now downloads the manifest list and uses the set of digests to retrieve the scan results for each target platform. The results are then merged and presented in a unified UI.

Important

While this release is created as a minor version update, there are changes that may affect some users.

Downloading manifest list images requires that the plugin has pull access to the target repository. See the permissions section of the README for details of the required IAM permissions.

image

What's Changed

  • chore(deps): update ecr-scan-results-buildkite-plugin to v1.4.0 [CSRE-3451] by @fleet-updates-culture-amp-sre in #29
  • feat: upgrade to Go 1.22 by @jamestelfer in #35
  • fix: small QOL changes by @jamestelfer in #32
  • ci: update to latest versions of actions in use by @jamestelfer in #34
  • feat: limited multi-platform (architecture) image support by @jamestelfer in #33
  • ci: coverage checking in tests by @jamestelfer in #36
  • feat: multi-arch image support by @jamestelfer in #30

Full Changelog: v1.4.0...v1.5.0

Contributors

jamestelfer
Assets 10
Loading