From 650fcf58f9243b61d306f7dcec2a712b95a09425 Mon Sep 17 00:00:00 2001
From: Caleb Woodbine <c.woodbine@gns.cri.nz>
Date: Tue, 10 Oct 2023 13:26:00 +1300
Subject: [PATCH] chore: filter out ecr from public check

ecr is for private image artifacts
---
 .github/workflows/images-are-public.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/images-are-public.yml b/.github/workflows/images-are-public.yml
index 37c957b..2d825f2 100644
--- a/.github/workflows/images-are-public.yml
+++ b/.github/workflows/images-are-public.yml
@@ -13,4 +13,4 @@ jobs:
       - name: check images are public
         run: |
           # NOTE: important to not use auth
-          jq -r -c '.sync as $sync | .build as $build | {"include":[{"destination": $sync[].destination}, {"destination": $build[].destination}]} | .include[].destination' <<< "$(yq e . -o json config.yaml)" | xargs -n 1 -I{} crane digest {}
+          jq -r -c '.sync as $sync | .build as $build | {"include":[{"destination": $sync[].destination}, {"destination": $build[].destination}]} | .include[] | select(.destination | contains("amazonaws.com") | not) | .destination' <<< "$(yq e . -o json config.yaml)" | xargs -n 1 -I{} crane digest {}