fix(ec2): fixing vpc endpoint pattern for ecr and ecr docker #31434
Conversation
shikha372
changed the title
shikha372
changed the title
There was a problem hiding this comment.
The pull request linter has failed. See the aws-cdk-automation comment below for failure reasons. If you believe this pull request should receive an exemption, please comment and provide a justification.
A comment requesting an exemption should contain the text Exemption Request. Additionally, if clarification is needed add Clarification Request to a comment.
shikha372
added
the
pr-linter/exempt-test
|
Exemption Request : No changes to integration test as the fix is for isolated regions. |
aws-cdk-automation
added
pr-linter/exemption-requested
shikha372
removed
the
pr-linter/exempt-test
| test.each([ | ||
| ['us-isof-test-1', 'gov.ic.hci.csp'], | ||
| ['eu-isoe-test-1', 'uk.adc-e.cloud'], | ||
| ])('test vpc interface endpoint for ECR can be created correctly in isolated regions', (region : string, domain: string) => { |
There was a problem hiding this comment.
can we add tests for commercial regions, cn regions, govcloud regions?
There was a problem hiding this comment.
sure, though we already had tests for cn regions below this, added it here too.
aws-cdk-automation
removed
the
pr/needs-maintainer-review
shikha372
force-pushed
the
shikagg/ecr_vpc_endpoint
branch
from
c1cf904
to
aace418
Compare
| 'us-isof-': ['ecr.api', 'ecr.dkr'], | ||
| 'eu-isoe-': ['ecr.api', 'ecr.dkr'], |
There was a problem hiding this comment.
Do we only need this two here? What about other us gov regions?
There was a problem hiding this comment.
these two are the only ones flagged in ticket, so for now only these two. These are isolated, for US Gov region i think it starts with us-gov
shikha372
added
the
pr-linter/exempt-integ-test
aws-cdk-automation
dismissed
their stale review
✅ Updated pull request passes all PRLinter validations. Dismissing previous PRLinter review.
|
Thank you for contributing! Your pull request will be updated from main and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork). |
AWS CodeBuild CI Report
Powered by github-codebuild-logs, available on the AWS Serverless Application Repository |
|
Thank you for contributing! Your pull request will be updated from main and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork). |
|
Comments on closed issues and PRs are hard for our team to see. |
Issue # (if applicable)
Closes #.
Internal Tracking ticket P150271569
Reason for this change
Expected Endpoints for ECR in some isolated regions are as below
gov.ic.hci.csp.us-isof-name.ecr.api,
gov.ic.hci.csp.us-isof-name.ecr.dkr,
uk.adc-e.cloud.eu-isoe-name.ecr.api,
uk.adc-e.cloud.eu-isoe-name.ecr.dkr,
Description of changes
As discussed with the ECR Service team, endpoints for the service are being generated in reverse order of the domain suffix.
Since some of the endpoints for other services are still using
com.amazonaws, added fix only for the partitions and service(ECR) flagged.Cannot do for cn regions on the basis of suffix as both regions have different services under exceptions.
Description of how you validated changes
Added unit test for validation of endpoint, keeping the region names as
us-isoe-test-1as the regions are in build stage and could be confidential.No changes to integration test as the fix is for isolated regions.
Checklist
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license