`google_artifact_registry_repository` should allow setting vulnerability scanning

[Boeller666]

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request.
• Please do not leave +1 or me too comments, they generate extra noise for issue followers and do not help prioritize the request.
• If you are interested in working on this issue or have submitted a pull request, please leave a comment.
• If an issue is assigned to a user, that user is claiming responsibility for the issue.
• Customers working with a Google Technical Account Manager or Customer Engineer can ask them to reach out internally to expedite investigation and resolution of this issue.

Description

Currently there is no option to disable vulnerability scanning on repositories like in the UI. As vulnerability scanning currently costs 0.26$ per image, this is a huge cost factor and the only way to disable it is to not enable the whole api service!

An option vulnerability_scanning in the docker_config block (defaults to true) would be nice.

New or Affected Resource(s)

• google_artifact_registry_repository

Potential Terraform Configuration

resource "google_artifact_registry_repository" "docker_repo" {
  location      = var.region
  repository_id = "images"
  description   = "docker repository"
  format        = "DOCKER"
  docker_config {
    immutable_tags         = true
    vulnerability_scanning = false
  }
}

References

No response