Skip to content

Releases: cloudposse-terraform-components/aws-ecr

v3.0.0

20 Nov 19:36
@cloudposse-releaser cloudposse-releaser
v3.0.0
07e1ca1
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v3.0.0 Latest
Latest
Update module sources and add ECR registry policy @goruha (#63) ## what * Used `account_map` module from git * Added ECR registry policy to allow principals to use docker pull through cache * Support `account-map` disabled pattern

why

  • Migrate to atmos auth strategy
  • Fix ECR pull-through cache.

Summary by CodeRabbit

  • New Features

    • Added account map configuration (enable flag, account map object, tenant/environment/stage inputs) for account-aware controls.
    • Added ECR registry policy management with computed policies and dynamic principals based on caller identity and account map settings.

  • Chores

    • Switched module sources from local paths to remote GitHub modules; added module-level controls for account map propagation.

✏️ Tip: You can customize this high-level summary in your review settings.

🤖 Automatic Updates

Update README.md and docs @[cloudposse-releaser[bot]](https://github.com/apps/cloudposse-releaser) (#64) ## what This is an auto-generated PR that updates the README.md and docs

why

To have most recent changes of README.md and doc from origin templates

chore(deps): bump golang.org/x/crypto from 0.36.0 to 0.45.0 in /test @[dependabot[bot]](https://github.com/apps/dependabot) (#62) Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.36.0 to 0.45.0.
Commits
  • 4e0068c go.mod: update golang.org/x dependencies
  • e79546e ssh: curb GSSAPI DoS risk by limiting number of specified OIDs
  • f91f7a7 ssh/agent: prevent panic on malformed constraint
  • 2df4153 acme/autocert: let automatic renewal work with short lifetime certs
  • bcf6a84 acme: pass context to request
  • b4f2b62 ssh: fix error message on unsupported cipher
  • 79ec3a5 ssh: allow to bind to a hostname in remote forwarding
  • 122a78f go.mod: update golang.org/x dependencies
  • c0531f9 all: eliminate vet diagnostics
  • 0997000 all: fix some comments
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.
chore(deps): update tflint plugin terraform-linters/tflint-ruleset-aws to v0.44.0 @[renovate[bot]](https://github.com/apps/renovate) (#61) This PR contains the following updates:
Package Type Update Change
terraform-linters/tflint-ruleset-aws plugin minor 0.43.0 -> 0.44.0

Release Notes

terraform-linters/tflint-ruleset-aws (terraform-linters/tflint-ruleset-aws)

v0.44.0

Compare Source

What's Changed

Support for Cosign signatures has been removed from this release. The checksums.txt.keyless.sig and checksums.txt.pem will not be included in the release.
These files are not used in normal use cases, so in most cases this will not affect you, but if you are affected, you can use Artifact Attestations instead.

Breaking Changes
  • Bump github.com/terraform-linters/tflint-plugin-sdk from 0.22.0 to 0.23.1 by @​dependabot[bot] in #​966
    • Requires TFLint v0.46+
Enhancements
Chores
Read more

Contributors

goruha
Assets 2
Loading

v2.1.0

30 Sep 16:44
@cloudposse-releaser cloudposse-releaser
v2.1.0
6064bc0
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v2.1.0
Fix readme @goruha (#60) ## what * Fix readme

Summary by CodeRabbit

  • Documentation
    • Expanded Usage guidance with a detailed YAML example for configuring the ECR component, including variables, lifecycle policy, image scanning, tag mutability, exclusions, images list, and read/write role mappings.
    • Improved readability with formatting tweaks, additional spacing, and clearer inline examples.
    • Streamlined structure by consolidating Usage headings and aligning details sections for consistency.
    • Reintroduced and clarified the Usage section where applicable to ensure examples are easy to find and follow.

Contributors

goruha
Loading

v2.0.0

25 Sep 22:03
@cloudposse-releaser cloudposse-releaser
v2.0.0
ed724b9
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v2.0.0
`feature` ECR tag immutability exclusion support @Benbentwo (#57) This pull request introduces support for advanced ECR image tag mutability options, specifically allowing certain tags to remain mutable while others are immutable. It also updates dependencies to ensure compatibility with these new features, and adds comprehensive documentation and tests to demonstrate usage.

ECR image tag mutability enhancements:

  • Added support for new tag mutability modes (IMMUTABLE_WITH_EXCLUSION, MUTABLE_WITH_EXCLUSION) and a new image_tag_mutability_exclusion_filter variable, allowing specific tags (e.g., latest, dev-) to be excluded from immutability. This is reflected in README.md, README.yaml, src/variables.tf, and src/main.tf. [1] [2] [3] [4]
  • Updated documentation to describe new mutability options and the exclusion filter, including usage examples and variable descriptions. [1] [2] [3] [4]

Dependency updates:

  • Upgraded the AWS provider requirement to >= 6.8.0, < 7.0.0 and the cloudposse/ecr/aws module to version 1.0.0 to support the new ECR features. [1] [2] [3]

Testing and validation:

  • Added a new test case TestImmutabilityExclusions in component_test.go to verify the correct application of the new mutability modes and exclusion filters.
  • Introduced a new test fixture stack immutability-exclusions.yaml and registered it in the test suite to demonstrate and validate the new functionality. [1] [2]

Summary by CodeRabbit

  • New Features

    • Added support for ECR image tag mutability exclusions, allowing specified tags (e.g., latest, dev-) to remain mutable.

  • Documentation

    • Updated usage examples and inputs to include new mutability options and exclusion filter configuration.

  • Chores

    • Upgraded AWS provider compatibility to >=6.8.0, <7.0.0.
    • Bumped ECR module dependency to 1.0.0.

  • Tests

    • Added coverage for immutability with exclusions, including new test fixtures and scenarios.

🚀 Enhancements

chore(deps): bump github.com/ulikunitz/xz from 0.5.11 to 0.5.14 in /test @[dependabot[bot]](https://github.com/apps/dependabot) (#51) Bumps [github.com/ulikunitz/xz](https://github.com/ulikunitz/xz) from 0.5.11 to 0.5.14.
Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

🤖 Automatic Updates

Update README.md and docs @[cloudposse-releaser[bot]](https://github.com/apps/cloudposse-releaser) (#58) ## what This is an auto-generated PR that updates the README.md and docs

why

To have most recent changes of README.md and doc from origin templates

Update README.md and docs @[cloudposse-releaser[bot]](https://github.com/apps/cloudposse-releaser) (#56) ## what This is an auto-generated PR that updates the README.md and docs

why

To have most recent changes of README.md and doc from origin templates

chore(deps): update tflint plugin terraform-linters/tflint-ruleset-aws to v0.43.0 @[renovate[bot]](https://github.com/apps/renovate) (#54) Coming soon: The Renovate bot (GitHub App) will be renamed to Mend. PRs from Renovate will soon appear from 'Mend'. Learn more [here](https://redirect.github.com/renovatebot/renovate/discussions/37842).

This PR contains the following updates:

Package Type Update Change
terraform-linters/tflint-ruleset-aws plugin minor 0.42.0 -> 0.43.0

Release Notes

terraform-linters/tflint-ruleset-aws (terraform-linters/tflint-ruleset-aws)

v0.43.0

Compare Source

What's Changed

Breaking Changes
Enhancements
Chores
Read more

Contributors

goruha and Benbentwo
Loading

v1.538.4

25 Jul 22:57
@cloudposse-releaser cloudposse-releaser
v1.538.4
3a93d73
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v1.538.4
Update Submodule and support `custom_lifcycle_rules` @Benbentwo (#44) This pull request updates the `ecr` module version and introduces support for custom lifecycle rules in the Terraform configuration. The most important changes include enhancements to lifecycle policy customization and validation logic for the new variable.

Module Updates:

  • src/main.tf: Updated the ecr module version from 0.42.2 to 0.43.0 to incorporate new features and improvements.

Lifecycle Policy Customization:

  • src/main.tf: Added support for custom_lifecycle_rules in the ecr module, enabling users to define custom rules for managing ECR image lifecycle.
  • src/variables.tf: Introduced a new variable custom_lifecycle_rules, allowing detailed configuration of lifecycle rules, including validation to ensure proper rule definitions.

Summary by CodeRabbit

  • New Features

    • Added support for custom lifecycle rules for image repositories, allowing more flexible management of image retention policies.
    • Introduced a setting to specify the number of image versions to retain for protected tags.
    • Enabled default lifecycle rule settings for untagged images and removal of old images.

  • Chores

    • Updated the ECR Terraform module to version 0.44.0.

🤖 Automatic Updates

Update README.md and docs @[cloudposse-releaser[bot]](https://github.com/apps/cloudposse-releaser) (#47) ## what This is an auto-generated PR that updates the README.md and docs

why

To have most recent changes of README.md and doc from origin templates

Contributors

Benbentwo
Loading

v1.538.3

25 Jul 21:47
@cloudposse-releaser cloudposse-releaser
v1.538.3
cf1d674
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v1.538.3

🤖 Automatic Updates

Update README.md and docs @[cloudposse-releaser[bot]](https://github.com/apps/cloudposse-releaser) (#46) ## what This is an auto-generated PR that updates the README.md and docs

why

To have most recent changes of README.md and doc from origin templates

chore(deps): update terraform cloudposse/ecr/aws to v0.44.0 @[renovate[bot]](https://github.com/apps/renovate) (#45) This PR contains the following updates:
Package Type Update Change
cloudposse/ecr/aws (source) module minor 0.42.2 -> 0.44.0

Release Notes

cloudposse/terraform-aws-ecr (cloudposse/ecr/aws)

v0.44.0

Support disabling default rules @​Benbentwo (#​149)

what

Adds a variable with defaults to allow disabling the default rules.

why

As part of #​146 we added custom lifecycle policies. Now there's a problem where our default rules conflict or are forced at certain points in certain orders relative to our custom lifecycle policies. We want to be able to disable them if they don't meet our needs.

references

#​146

e.g.

        default_lifecycle_rules_settings:
          untagged_image_rule:
            enabled: false
          remove_old_image_rule:
            enabled: false

        custom_lifecycle_rules: 
          - selection: 
              tagStatus: "tagged"
              countType: "imageCountMoreThan"
              countNumber: 1000
              tagPrefixList: ["prod-"]
            description: "Expire images older than 1000 for all tags starting with prod-"
            action: 
              type: "expire"
          - selection: 
              tagStatus: "tagged"
              countType: "imageCountMoreThan"
              countNumber: 1000
              tagPrefixList: ["staging-"]
            description: "Expire images older than 1000 for all tags starting with staging-"
            action: 
              type: "expire"
          - selection: 
              tagStatus: "tagged"
              countType: "imageCountMoreThan"
              countNumber: 1000
              tagPrefixList: ["dev-"]
            description: "Expire images older than 1000 for all tags starting with dev-"
            action: 
              type: "expire"

results in just the custom_lifecycle_rules being created. No default behavior change

v0.43.0

Compare Source

bugfix: validation and null countUnit @​Benbentwo (#​148) This pull request refines the handling of custom lifecycle rules in Terraform configurations by improving validation logic and enhancing the selection merging process. The changes aim to make the code more robust and handle edge cases more effectively.
Improvements to selection merging logic:
  • Enhanced null-checks and condition handling in main.tf: The selection merging logic now includes a check to ensure that countUnit is only added if it is not null, and the filtering logic for keys like tagPrefixList and tagPatternList has been updated to handle null values more gracefully. (main.tf, main.tfL140-R152)
Refinements to validation logic:
  • Validation for tagStatus in variables.tf: Updated the condition to use length(coalesce(...)) for checking tagPrefixList and tagPatternList, ensuring proper handling of null or empty lists. (variables.tf, variables.tfL163-R163)
  • Validation for countType in variables.tf: Adjusted the condition to ensure that countUnit is specified when countType is sinceImagePushed, with a clearer error message for improved readability. (variables.tf, variables.tfL193-R195)

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

Loading

v1.538.2

24 Jul 19:24
@cloudposse-releaser cloudposse-releaser
v1.538.2
50611d8
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v1.538.2

🤖 Automatic Updates

Update README.md and docs @[cloudposse-releaser[bot]](https://github.com/apps/cloudposse-releaser) (#43) ## what This is an auto-generated PR that updates the README.md and docs

why

To have most recent changes of README.md and doc from origin templates

chore(deps): update terraform cloudposse/ecr/aws to v0.42.2 @[renovate[bot]](https://github.com/apps/renovate) (#42) This PR contains the following updates:
Package Type Update Change
cloudposse/ecr/aws (source) module patch 0.42.1 -> 0.42.2

Release Notes

cloudposse/terraform-aws-ecr (cloudposse/ecr/aws)

v0.42.2

Compare Source

Custom lifecycle policy support @​Benbentwo (#​146)

what

why

Allows supporting Custom Lifecycle Policies for your ECR Repositories

references

🤖 Automatic Updates

Fix go version in tests @​osterman (#​144)

what

  • Update go 1.24

why

  • Error loading shared library libresolv.so.2 in Go 1.20

References

Replace Makefile with atmos.yaml @​osterman (#​142)

what

  • Remove Makefile
  • Add atmos.yaml

why

  • Replace build-harness with atmos for readme genration

References

  • DEV-3229 Migrate from build-harness to atmos

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

Update README.md and docs @[cloudposse-releaser[bot]](https://github.com/apps/cloudposse-releaser) (#40) ## what This is an auto-generated PR that updates the README.md and docs

why

To have most recent changes of README.md and doc from origin templates

chore(deps): update terraform cloudposse/ecr/aws to v0.42.1 @[renovate[bot]](https://github.com/apps/renovate) (#3) This PR contains the following updates:
Package Type Update Change
cloudposse/ecr/aws (source) module minor 0.41.0 -> 0.42.1

Release Notes

cloudposse/terraform-aws-ecr (cloudposse/ecr/aws)

v0.42.1

Compare Source

protected tags keep count @​whereismyjetpack (#​139) - **introduce `protected_tags_keep_count`** - **updates readme**
what

Adds protected_tags_keep_count and defaults it to 999999

why

A user may want to retain release tags for an extended period, but not indefinitely.

🤖 Automatic Updates
Migrate new test account @​osterman (#​138)
what
  • Update .github/settings.yml
  • Update .github/chatops.yml files
why
  • Re-apply .github/settings.yml from org level to get terratest environment
  • Migrate to new test account
References
  • DEV-388 Automate clean up of test account in new organization
  • DEV-387 Update terratest to work on a shared workflow instead of a dispatch action
  • DEV-386 Update terratest to use new testing account with GitHub OIDC
Update .github/settings.yml @​osterman (#​136)
what
  • Update .github/settings.yml
  • Drop .github/auto-release.yml files
why
  • Re-apply .github/settings.yml from org level
  • Use organization level auto-release settings
references
  • DEV-1242 Add protected tags with Repository Rulesets on GitHub
Update .github/settings.yml @​osterman (#​135)
what
  • Update .github/settings.yml
  • Drop .github/auto-release.yml files
why
  • Re-apply .github/settings.yml from org level
  • Use organization level auto-release settings
references
  • DEV-1242 Add protected tags with Repository Rulesets on GitHub

v0.42.0

Compare Source

fix(#​133): have ability to use wildcards in protected_tags variale @​mrdntgrn (#​134)

what

  • the change allows to pass wildcards in protected_tags list

why

  • there are use cases when the protected tags are not only prefix defineable and only wildcard can be used like "*prod" or semversion *.*.*

references

v0.41.1

Compare Source

Add support for time based rotation @​uhlajs (#​132)

what

Add support for countType "sinceImagePushed" ECR Lifepolicy rule.

why

  • Increase flexibility and usefulness of this module.

references

🤖 Automatic Updates

Update .github/settings.yml @​osterman (#​131)

what

  • Update .github/settings.yml
  • Drop .github/auto-release.yml files

why

  • Re-apply .github/settings.yml from org level
  • Use organization level auto-release settings

references

  • DEV-1242 Add protected tags with Repository Rulesets on GitHub
Update release workflow to allow pull-requests: write @​osterman (#​129)

what

  • Update workflow (.github/workflows/release.yaml) to have permission to comment on PR

why

  • So we can support commenting on PRs with a link to the release
Update GitHub Workflows to use shared workflows from '.github' repo @​osterman (#​128)

what

  • Update workflows (.github/workflows) to use shared workflows from .github repo

why

  • Reduce nested levels of reusable workflows
Update GitHub Workflows to Fix ReviewDog TFLint Action @​osterman (#​127)

what

  • Update workflows (.github/workflows) to add issue: write permission needed by ReviewDog tflint action

why

  • The ReviewDog action will comment with line-level suggestions based on linting failures
Update GitHub workflows @​osterman (#​126)

what

  • Update workflows (.github/workflows/settings.yaml)

why

  • Support new readme generation workflow.
  • Generate banners
Use GitHub Action Workflows from `cloudposse/.github` Repo @​osterman (#​125)

what

  • Install latest GitHub Action Workflows

why

  • Use shared workflows from cldouposse/.github repository
  • Simplify management of workflows from centralized hub of configuration
Add GitHub Settings @​osterman (#​123)

what

  • Install a repository config (.github/settings.yaml)

why

  • Programmatically manage GitHub repo settings
Update README.md and docs @​cloudpossebot (#​120)

what

This is an auto-generated PR that updates the README.md and docs

why

To have most recent changes of README.md and doc from origin templates

Update Scaffolding @​osterman (#​121)

what

  • Reran make readme to rebuild `READ...
Read more
Loading

v1.538.1

26 Jun 19:13
@cloudposse-releaser cloudposse-releaser
v1.538.1
d0c095d
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v1.538.1
chore(deps): restrict aws provider version to < 6.0.0 @Benbentwo (#37) This pull request includes a version constraint update for the AWS provider in the Terraform configuration file `src/versions.tf`. The change ensures compatibility with versions up to but not including 6.0.0.
  • src/versions.tf: Updated the version constraint for the aws provider to >= 4.9.0, < 6.0.0 to ensure compatibility with future versions while avoiding potential breaking changes in version 6.0.0.

🤖 Automatic Updates

Update README.md and docs @[cloudposse-releaser[bot]](https://github.com/apps/cloudposse-releaser) (#39) ## what This is an auto-generated PR that updates the README.md and docs

why

To have most recent changes of README.md and doc from origin templates

Enable merge queue @goruha (#36) ## what - Added `auto-merge` workflow - Update `settings.yaml` - Fix CodeOwners files

why

  • Support auto merge PRs
  • Create merge queue
  • Implement new CodeOwners policy
Update README.md and docs @[cloudposse-releaser[bot]](https://github.com/apps/cloudposse-releaser) (#34) ## what This is an auto-generated PR that updates the README.md and docs

why

To have most recent changes of README.md and doc from origin templates

Enable merge queue @goruha (#35) ## what - Added `auto-merge` workflow - Update `settings.yaml` - Fix CodeOwners files

why

  • Support auto merge PRs
  • Create merge queue
  • Implement new CodeOwners policy

Contributors

goruha and Benbentwo
Loading

v1.538.0

02 Jun 17:20
@cloudposse-releaser cloudposse-releaser
v1.538.0
a935990
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v1.538.0
add mixins, update docs @Benbentwo (#33) This pull request includes updates to documentation and the addition of a new IAM policy configuration for GitHub Actions. The changes improve compatibility, enhance security, and provide necessary permissions for ECR operations.

Documentation Updates:

  • Updated the link to the GitHub Actions IAM Role mixin in README.yaml to point to the correct repository. Added a collapsible warning section about updating the eks-iam component for older architectures to ensure sufficient IAM roles for ECR access.

IAM Policy Enhancements:

  • Added a new github_actions_iam_policy in mixins/github-actions-iam-policy.tf to define permissions for ECR operations. This includes actions like ecr:BatchGetImage, ecr:PutImage, and more, with resources dynamically fetched from the ecr.repository_arn_map.
  • Included an additional IAM policy statement to allow the ecr:GetAuthorizationToken and sts:GetServiceBearerToken actions, ensuring the minimum permissions required for pushing and logging into public ECR repositories.

Summary by CodeRabbit

  • New Features
    • Introduced an IAM policy to enable GitHub Actions to interact with AWS ECR, supporting image management and authentication.
  • Documentation
    • Updated the documentation to correct a link and added a collapsible warning about required updates for older reference architectures using the eks-iam component.

🤖 Automatic Updates

chore(deps): update tflint plugin terraform-linters/tflint-ruleset-aws to v0.40.0 @[renovate[bot]](https://github.com/apps/renovate) (#4) This PR contains the following updates:
Package Type Update Change
terraform-linters/tflint-ruleset-aws plugin minor 0.23.1 -> 0.40.0

Release Notes

terraform-linters/tflint-ruleset-aws (terraform-linters/tflint-ruleset-aws)

v0.40.0

Compare Source

What's Changed

Enhancements
Chores

Full Changelog: terraform-linters/tflint-ruleset-aws@v0.39.0...v0.40.0

v0.39.0

Compare Source

What's Changed

Enhancements
Bug Fixes
Chores
Read more

Contributors

goruha and Benbentwo
Loading

v1.537.0

19 Feb 23:26
@cloudposse-releaser cloudposse-releaser
v1.537.0
68b38ec
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v1.537.0
Added tests @goruha (#19) ## what * Added tests

Summary by CodeRabbit

  • Configuration Updates

    • Added new configuration files for Atmos CLI and Terraform testing
    • Updated .gitignore to exclude .cache and other temporary files

  • Testing Improvements

    • Introduced new test suite for AWS ECR component
    • Added Go module and test fixtures for infrastructure testing

  • Vendor Management

    • Created vendor configuration for managing component sources

  • Disabled Components

    • Introduced configuration for a disabled ECR component
    • Added configuration for account mapping and ECR lifecycle management

Contributors

goruha
Loading

v1.536.1

22 Jan 20:58
@cloudposse-releaser cloudposse-releaser
v1.536.1
9cc2c3a
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v1.536.1
feat: add ecr replication_configurations variable @westonplatter (#20) ## what * minimally bumping `cloudposse/aws/ecr` module from `0.36.0` to `0.41.0` in order to access `replication_configurations`
  • pulling in the same var.replication_configurations defaults as the underlying module.

why

  • minimally bumping cloudposse/aws/ecr module from 0.36.0 to 0.41.0 in order to access replication_configurations

references

Summary by CodeRabbit

  • Documentation

    • Updated README.md with refined formatting for input variables
    • Improved clarity of variable descriptions

  • New Features

    • Added support for ECR registry replication configurations
    • Upgraded ECR module to version 0.41.0

  • Chores

    • Introduced new replication_configurations variable to enable advanced registry replication settings

🤖 Automatic Updates

Update README.md and docs @[cloudposse-releaser[bot]](https://github.com/apps/cloudposse-releaser) (#21) ## what This is an auto-generated PR that updates the README.md and docs

why

To have most recent changes of README.md and doc from origin templates

Contributors

westonplatter
Loading