in findings/main.go [81:130]
func describeScan(scanspec ScanSpec) (map[string]ecr.ImageScanFindings, error) {
s := session.Must(session.NewSession(&aws.Config{
Region: aws.String(scanspec.Region),
}))
svc := ecr.New(s)
descinput := &ecr.DescribeImageScanFindingsInput{
RepositoryName: &scanspec.Repository,
RegistryId: &scanspec.RegistryID,
}
results := map[string]ecr.ImageScanFindings{}
switch len(scanspec.Tags) {
case 0: // empty list of tags, describe all tags:
fmt.Printf("DEBUG:: scanning all tags for repo %v\n", scanspec.Repository)
lio, err := svc.ListImages(&ecr.ListImagesInput{
RepositoryName: &scanspec.Repository,
RegistryId: &scanspec.RegistryID,
Filter: &ecr.ListImagesFilter{
TagStatus: aws.String("TAGGED"),
},
})
if err != nil {
fmt.Println(err)
return results, err
}
for _, iid := range lio.ImageIds {
descinput.ImageId = iid
result, err := svc.DescribeImageScanFindings(descinput)
if err != nil {
return results, err
}
results[*iid.ImageTag] = *result.ImageScanFindings
// fmt.Printf("DEBUG:: result for tag %v: %v\n", *iid.ImageTag, result)
}
default: // iterate over the tags specified in the config:
fmt.Printf("DEBUG:: scanning tags %v for repo %v\n", scanspec.Tags, scanspec.Repository)
for _, tag := range scanspec.Tags {
descinput.ImageId = &ecr.ImageIdentifier{
ImageTag: aws.String(tag),
}
result, err := svc.DescribeImageScanFindings(descinput)
if err != nil {
fmt.Println(err)
return results, err
}
results[tag] = *result.ImageScanFindings
// fmt.Printf("DEBUG:: result for tag %v: %v\n", tag, result)
}
}
return results, nil
}