cloudposse/terraform-aws-ecr (cloudposse/ecr/aws)
### [`v0.42.0`](https://togithub.com/cloudposse/terraform-aws-ecr/releases/tag/v0.42.0)
[Compare Source](https://togithub.com/cloudposse/terraform-aws-ecr/compare/v0.41.1...v0.42.0)
fix(#133): have ability to use wildcards in protected_tags variale @mrdntgrn (#134)
#### what
- the change allows to pass wildcards in protected_tags list
#### why
- there are use cases when the protected tags are not only prefix defineable and only wildcard can be used like "\*prod" or semversion `*.*.*`
#### references
- fixes [#133](https://togithub.com/cloudposse/terraform-aws-ecr/issues/133)
### [`v0.41.1`](https://togithub.com/cloudposse/terraform-aws-ecr/releases/tag/v0.41.1)
[Compare Source](https://togithub.com/cloudposse/terraform-aws-ecr/compare/0.41.0...v0.41.1)
Add support for time based rotation @uhlajs (#132)
#### what
Add support for [countType "sinceImagePushed"](https://docs.aws.amazon.com/AmazonECR/latest/userguide/LifecyclePolicies.html) ECR Lifepolicy rule.
#### why
- Increase flexibility and usefulness of this module.
#### references
- Implements [#92](https://togithub.com/cloudposse/terraform-aws-ecr/issues/92).
#### 🤖 Automatic Updates
Update .github/settings.yml @osterman (#131)
#### what
- Update `.github/settings.yml`
- Drop `.github/auto-release.yml` files
#### why
- Re-apply `.github/settings.yml` from org level
- Use organization level auto-release settings
#### references
- DEV-1242 Add protected tags with Repository Rulesets on GitHub
Update release workflow to allow pull-requests: write @osterman (#129)
#### what
- Update workflow (`.github/workflows/release.yaml`) to have permission to comment on PR
#### why
- So we can support commenting on PRs with a link to the release
Update GitHub Workflows to use shared workflows from '.github' repo @osterman (#128)
#### what
- Update workflows (`.github/workflows`) to use shared workflows from `.github` repo
#### why
- Reduce nested levels of reusable workflows
Update GitHub Workflows to Fix ReviewDog TFLint Action @osterman (#127)
#### what
- Update workflows (`.github/workflows`) to add `issue: write` permission needed by ReviewDog `tflint` action
#### why
- The ReviewDog action will comment with line-level suggestions based on linting failures
Update GitHub workflows @osterman (#126)
#### what
- Update workflows (`.github/workflows/settings.yaml`)
#### why
- Support new readme generation workflow.
- Generate banners
Use GitHub Action Workflows from `cloudposse/.github` Repo @osterman (#125)
#### what
- Install latest GitHub Action Workflows
#### why
- Use shared workflows from `cldouposse/.github` repository
- Simplify management of workflows from centralized hub of configuration
Add GitHub Settings @osterman (#123)
#### what
- Install a repository config (`.github/settings.yaml`)
#### why
- Programmatically manage GitHub repo settings
Update README.md and docs @cloudpossebot (#120)
#### what
This is an auto-generated PR that updates the README.md and docs
#### why
To have most recent changes of README.md and doc from origin templates
Update Scaffolding @osterman (#121)
#### what
- Reran `make readme` to rebuild `README.md` from `README.yaml`
- Migrate to square badges
- Add scaffolding for repo settings and Mergify
#### why
- Upstream template changed in the `.github` repo
- Work better with repository rulesets
- Modernize look & feel
### [`v0.41.0`](https://togithub.com/cloudposse/terraform-aws-ecr/releases/tag/0.41.0)
[Compare Source](https://togithub.com/cloudposse/terraform-aws-ecr/compare/0.40.1...0.41.0)
Allow to use ECR replication @dmitrijn (#103)
- Allow to use ECR replication
- https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ecr_replication_configuration
Closes [https://github.com/cloudposse/terraform-aws-ecr/issues/99](https://togithub.com/cloudposse/terraform-aws-ecr/issues/99)
### [`v0.40.1`](https://togithub.com/cloudposse/terraform-aws-ecr/releases/tag/0.40.1)
[Compare Source](https://togithub.com/cloudposse/terraform-aws-ecr/compare/0.40.0...0.40.1)
Allow cache though enabled repositories to fetch image from upstream @mfuhrmeisterDM (#117)
#### what
Add a principal list (`principals_pull_though_access`) which are allowed to use specific repositories as pull through cache (import images from upstream). This holds for repositories where one of the strings in `prefixes_pull_through_repositories` is a prefix of the repository name.
#### why
We are using `ecr-public` pull through cache and we want also new images to be downloaded automatically to the cache. Allowed principals for respective repos can use it with the newly introduced variables.
#### 🤖 Automatic Updates
Update README.md and docs @cloudpossebot (#116)
#### what
This is an auto-generated PR that updates the README.md and docs
#### why
To have most recent changes of README.md and doc from origin templates
Update README.md and docs @cloudpossebot (#115)
#### what
This is an auto-generated PR that updates the README.md and docs
#### why
To have most recent changes of README.md and doc from origin templates
Update README.md and docs @cloudpossebot (#114)
#### what
This is an auto-generated PR that updates the README.md and docs
#### why
To have most recent changes of README.md and doc from origin templates
### [`v0.40.0`](https://togithub.com/cloudposse/terraform-aws-ecr/releases/tag/0.40.0)
[Compare Source](https://togithub.com/cloudposse/terraform-aws-ecr/compare/0.39.0...0.40.0)
feat: support scan_type @dudymas (#113)
#### what
- add `scanning_configuration` as child module
#### why
- support `scan_type` settings
- should be deployed as a per-account global, rather than per-ecr-repo
#### Notes
- fixes [#90](https://togithub.com/cloudposse/terraform-aws-ecr/issues/90)
### [`v0.39.0`](https://togithub.com/cloudposse/terraform-aws-ecr/releases/tag/0.39.0)
[Compare Source](https://togithub.com/cloudposse/terraform-aws-ecr/compare/0.38.0...0.39.0)
feat: add organizations as readonly access @dragosmc (#106)
#### what
- Add the ability to have organizations as trustees (read-only) for the ECR repository
#### why
- As described in [#82](https://togithub.com/cloudposse/terraform-aws-ecr/issues/82) , it's sometimes useful to allow an entire organization to consume images from a centralized repository
#### references
- closes [#82](https://togithub.com/cloudposse/terraform-aws-ecr/issues/82)
### [`v0.38.0`](https://togithub.com/cloudposse/terraform-aws-ecr/releases/tag/0.38.0)
[Compare Source](https://togithub.com/cloudposse/terraform-aws-ecr/compare/0.37.0...0.38.0)
fix: cleans up principals lambda logic to separate policy doc @Gowiem (#105)
#### what
- Clean up of the logic surrounding the `var.principals_lambda` policies
#### why
- When this was originally implemented it was copy / pastad across multiple policy docs, which isn't necessary and creates a bunch of bloat.
#### references
- Discovered in [#98](https://togithub.com/cloudposse/terraform-aws-ecr/issues/98)
- Originally introduced in [#88](https://togithub.com/cloudposse/terraform-aws-ecr/issues/88)
### [`v0.37.0`](https://togithub.com/cloudposse/terraform-aws-ecr/releases/tag/0.37.0)
[Compare Source](https://togithub.com/cloudposse/terraform-aws-ecr/compare/0.36.0...0.37.0)
add optional policy allowing push access @kpankonen (#98)
#### what
* adds the ability to give push-only access to the repository
#### why
* full access was more than we wanted in our situation (CI pushing images to the repo) so we added a `principals_push_access` to give push-only access.
#### references
* policy is based on [this](https://docs.aws.amazon.com/AmazonECR/latest/userguide/repository-policy-examples.html#IAM_allow_other_accounts) AWS doc
Sync github @max-lobur (#104)
Sync github from the template
### [`v0.36.0`](https://togithub.com/cloudposse/terraform-aws-ecr/releases/tag/0.36.0)
[Compare Source](https://togithub.com/cloudposse/terraform-aws-ecr/compare/0.35.0...0.36.0)
- No changes
### [`v0.35.0`](https://togithub.com/cloudposse/terraform-aws-ecr/releases/tag/0.35.0)
[Compare Source](https://togithub.com/cloudposse/terraform-aws-ecr/compare/0.34.0...0.35.0)
adding force_delete @pcartas (#101)
Hi! im adding "force_delete" parameter, is implemented in aws 4.22.0 for an easier delete of the ecr
#### references
https://registry.terraform.io/providers/hashicorp/aws/4.22.0/docs/resources/ecr_repository
git.io->cloudposse.tools update @dylanbannon (#95)
#### what and why
Change all references to `git.io/build-harness` into `cloudposse.tools/build-harness`, since `git.io` redirects will stop working on April 29th, 2022.
#### References
- DEV-143
Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
[ ] If you want to rebase/retry this PR, check this box
This PR contains the following updates:
0.34.0
->0.42.0
Release Notes
cloudposse/terraform-aws-ecr (cloudposse/ecr/aws)
### [`v0.42.0`](https://togithub.com/cloudposse/terraform-aws-ecr/releases/tag/v0.42.0) [Compare Source](https://togithub.com/cloudposse/terraform-aws-ecr/compare/v0.41.1...v0.42.0)fix(#133): have ability to use wildcards in protected_tags variale @mrdntgrn (#134)
#### what - the change allows to pass wildcards in protected_tags list #### why - there are use cases when the protected tags are not only prefix defineable and only wildcard can be used like "\*prod" or semversion `*.*.*` #### references - fixes [#133](https://togithub.com/cloudposse/terraform-aws-ecr/issues/133)Add support for time based rotation @uhlajs (#132)
#### what Add support for [countType "sinceImagePushed"](https://docs.aws.amazon.com/AmazonECR/latest/userguide/LifecyclePolicies.html) ECR Lifepolicy rule. #### why - Increase flexibility and usefulness of this module. #### references - Implements [#92](https://togithub.com/cloudposse/terraform-aws-ecr/issues/92).Update .github/settings.yml @osterman (#131)
#### what - Update `.github/settings.yml` - Drop `.github/auto-release.yml` files #### why - Re-apply `.github/settings.yml` from org level - Use organization level auto-release settings #### references - DEV-1242 Add protected tags with Repository Rulesets on GitHubUpdate release workflow to allow pull-requests: write @osterman (#129)
#### what - Update workflow (`.github/workflows/release.yaml`) to have permission to comment on PR #### why - So we can support commenting on PRs with a link to the releaseUpdate GitHub Workflows to use shared workflows from '.github' repo @osterman (#128)
#### what - Update workflows (`.github/workflows`) to use shared workflows from `.github` repo #### why - Reduce nested levels of reusable workflowsUpdate GitHub Workflows to Fix ReviewDog TFLint Action @osterman (#127)
#### what - Update workflows (`.github/workflows`) to add `issue: write` permission needed by ReviewDog `tflint` action #### why - The ReviewDog action will comment with line-level suggestions based on linting failuresUpdate GitHub workflows @osterman (#126)
#### what - Update workflows (`.github/workflows/settings.yaml`) #### why - Support new readme generation workflow. - Generate bannersUse GitHub Action Workflows from `cloudposse/.github` Repo @osterman (#125)
#### what - Install latest GitHub Action Workflows #### why - Use shared workflows from `cldouposse/.github` repository - Simplify management of workflows from centralized hub of configurationAdd GitHub Settings @osterman (#123)
#### what - Install a repository config (`.github/settings.yaml`) #### why - Programmatically manage GitHub repo settingsUpdate README.md and docs @cloudpossebot (#120)
#### what This is an auto-generated PR that updates the README.md and docs #### why To have most recent changes of README.md and doc from origin templatesUpdate Scaffolding @osterman (#121)
#### what - Reran `make readme` to rebuild `README.md` from `README.yaml` - Migrate to square badges - Add scaffolding for repo settings and Mergify #### why - Upstream template changed in the `.github` repo - Work better with repository rulesets - Modernize look & feelAllow to use ECR replication @dmitrijn (#103)
- Allow to use ECR replication - https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ecr_replication_configuration Closes [https://github.com/cloudposse/terraform-aws-ecr/issues/99](https://togithub.com/cloudposse/terraform-aws-ecr/issues/99)Allow cache though enabled repositories to fetch image from upstream @mfuhrmeisterDM (#117)
#### what Add a principal list (`principals_pull_though_access`) which are allowed to use specific repositories as pull through cache (import images from upstream). This holds for repositories where one of the strings in `prefixes_pull_through_repositories` is a prefix of the repository name. #### why We are using `ecr-public` pull through cache and we want also new images to be downloaded automatically to the cache. Allowed principals for respective repos can use it with the newly introduced variables.Update README.md and docs @cloudpossebot (#116)
#### what This is an auto-generated PR that updates the README.md and docs #### why To have most recent changes of README.md and doc from origin templatesUpdate README.md and docs @cloudpossebot (#115)
#### what This is an auto-generated PR that updates the README.md and docs #### why To have most recent changes of README.md and doc from origin templatesUpdate README.md and docs @cloudpossebot (#114)
#### what This is an auto-generated PR that updates the README.md and docs #### why To have most recent changes of README.md and doc from origin templatesfeat: support scan_type @dudymas (#113)
#### what - add `scanning_configuration` as child module #### why - support `scan_type` settings - should be deployed as a per-account global, rather than per-ecr-repo #### Notes - fixes [#90](https://togithub.com/cloudposse/terraform-aws-ecr/issues/90)feat: add organizations as readonly access @dragosmc (#106)
#### what - Add the ability to have organizations as trustees (read-only) for the ECR repository #### why - As described in [#82](https://togithub.com/cloudposse/terraform-aws-ecr/issues/82) , it's sometimes useful to allow an entire organization to consume images from a centralized repository #### references - closes [#82](https://togithub.com/cloudposse/terraform-aws-ecr/issues/82)fix: cleans up principals lambda logic to separate policy doc @Gowiem (#105)
#### what - Clean up of the logic surrounding the `var.principals_lambda` policies #### why - When this was originally implemented it was copy / pastad across multiple policy docs, which isn't necessary and creates a bunch of bloat. #### references - Discovered in [#98](https://togithub.com/cloudposse/terraform-aws-ecr/issues/98) - Originally introduced in [#88](https://togithub.com/cloudposse/terraform-aws-ecr/issues/88)add optional policy allowing push access @kpankonen (#98)
#### what * adds the ability to give push-only access to the repository #### why * full access was more than we wanted in our situation (CI pushing images to the repo) so we added a `principals_push_access` to give push-only access. #### references * policy is based on [this](https://docs.aws.amazon.com/AmazonECR/latest/userguide/repository-policy-examples.html#IAM_allow_other_accounts) AWS docSync github @max-lobur (#104)
Sync github from the templateadding force_delete @pcartas (#101)
Hi! im adding "force_delete" parameter, is implemented in aws 4.22.0 for an easier delete of the ecr #### references https://registry.terraform.io/providers/hashicorp/aws/4.22.0/docs/resources/ecr_repositorygit.io->cloudposse.tools update @dylanbannon (#95)
#### what and why Change all references to `git.io/build-harness` into `cloudposse.tools/build-harness`, since `git.io` redirects will stop working on April 29th, 2022. #### References - DEV-143Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR was generated by Mend Renovate. View the repository job log.