add retry loop for image-scan

dvviktordelev · dvviktordelev · commit 499a978a4fc1 · 2024-11-06T12:18:54.000+01:00
diff --git a/.github/actions/get-ecr-scan-result/action.yml b/.github/actions/get-ecr-scan-result/action.yml
@@ -53,8 +53,17 @@ runs:
     - name: Get AWS ECR Scan results
       id: get-scan-results
       run: |
-        aws ecr wait image-scan-complete --debug --repository-name $ECR_REPOSITORY --image-id imageTag=$IMAGE_TAG
-        if [ $(echo $?) -eq 0 ]; then
+        max_retries=5
+        retries=0
+        scan_complete=1
+        until [ $retries -eq $max_retries ]; do
+            aws ecr wait image-scan-complete --repository-name $ECR_REPOSITORY --image-id imageTag=$IMAGE_TAG && scan_complete=0 && break
+            sleep 5
+            retries=$((retries + 1))
+            echo "Retry $retries/$max_retries: Waiting for image scan to complete..."
+        done
+
+        if [ $scan_complete -eq 0 ]; then
           scan_findings=$(aws ecr describe-image-scan-findings --repository-name $ECR_REPOSITORY --image-id imageTag=$IMAGE_TAG | jq '.imageScanFindings.findingSeverityCounts')
           critical=$(echo $scan_findings | jq '.CRITICAL')
           high=$(echo $scan_findings | jq '.HIGH')
