Added support to query the aws_ecr_image_scan_finding table using the…

… image_digest query parameter. Closes #2356
turbot · Dec 17, 2024 · 34fb25d · 34fb25d
1 parent 3d2b869
commit 34fb25d
Showing 1 changed file with 22 additions and 5 deletions.
diff --git a/aws/table_aws_ecr_image_scan_finding.go b/aws/table_aws_ecr_image_scan_finding.go
@@ -33,7 +33,8 @@ func tableAwsEcrImageScanFinding(_ context.Context) *plugin.Table {
 			// image_digest as it's more common/friendly to use.
 			KeyColumns: []*plugin.KeyColumn{
 				{Name: "repository_name", Require: plugin.Required},
-				{Name: "image_tag", Require: plugin.Required},
+				{Name: "image_tag", Require: plugin.AnyOf},
+				{Name: "image_digest", Require: plugin.AnyOf},
 			},
 		},
 		GetMatrixItemFunc: SupportedRegionMatrix(ecrv1.EndpointsID),
@@ -125,8 +126,8 @@ func listAwsEcrImageScanFindings(ctx context.Context, d *plugin.QueryData, _ *pl
 	}
 
 	imageTag := d.EqualsQuals["image_tag"]
+	imageDigest := d.EqualsQuals["image_digest"]
 	repositoryName := d.EqualsQuals["repository_name"]
-
 
 	// Limiting the results
 	maxLimit := int32(1000)
@@ -140,11 +141,27 @@ func listAwsEcrImageScanFindings(ctx context.Context, d *plugin.QueryData, _ *pl
 	input := &ecr.DescribeImageScanFindingsInput{
 		MaxResults:     aws.Int32(maxLimit),
 		RepositoryName: aws.String(repositoryName.GetStringValue()),
-		ImageId: &types.ImageIdentifier{
-			ImageTag: aws.String(imageTag.GetStringValue()),
-		},
 	}
 
+	imageInfo := &types.ImageIdentifier{}
+
+	// Ideally, both image_tag and image_digest could be used.
+	// However, they cannot be passed together simultaneously.
+	// 1. If ImageTag is provided, it takes precedence and is used as the input parameter.
+	// 2. If both ImageTag and ImageDigest are provided, ImageTag will be prioritized to keep the existing table behavior unchanged.
+	// 3. If only ImageDigest is provided, the ImageDigest value will be used as the input parameter.
+	if imageTag != nil {
+		imageInfo.ImageTag = aws.String(imageTag.GetStringValue())
+	}
+	if imageTag != nil && imageDigest != nil {
+		imageInfo.ImageTag = aws.String(imageTag.GetStringValue())
+	}
+	if imageTag == nil && imageDigest != nil {
+		imageInfo.ImageDigest = aws.String(imageDigest.GetStringValue())
+	}
+
+	input.ImageId = imageInfo
+
 	paginator := ecr.NewDescribeImageScanFindingsPaginator(svc, input, func(o *ecr.DescribeImageScanFindingsPaginatorOptions) {
 		o.Limit = maxLimit
 		o.StopOnDuplicateToken = true