Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Pending manual FIPS testing] Fix ECR Client Migration to V2 #4550

Open
wants to merge 2 commits into
base: dev
Choose a base branch
from
Open

[Pending manual FIPS testing] Fix ECR Client Migration to V2 #4550

wants to merge 2 commits into from

Conversation

TheanLim
Copy link
Contributor

@TheanLim TheanLim commented Mar 29, 2025
edited
Loading

Summary

A fix on PR #4512 by adding HTTPS prefix.

Implementation details

HTTPS/HTTP prefix is automatically added to endpoint in sdk v1 but not in v2.
Adding HTTPS prefix to endpoint override if it's not already so.

Testing

New tests cover the changes: no, but adapting the existing test.

Description for the changelog

Additional Information

Does this PR include breaking model changes? If so, Have you added transformation functions?

Does this PR include the addition of new environment variables in the README?

Licensing

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

@TheanLim TheanLim requested a review from a team as a code owner March 29, 2025 00:09
@TheanLim TheanLim changed the title WIP - Fix ecr migration [Pending additional FIPS testing] Fix ECR Client Migration to V2 Apr 3, 2025
@TheanLim TheanLim changed the title [Pending additional FIPS testing] Fix ECR Client Migration to V2 [Pending manual FIPS testing] Fix ECR Client Migration to V2 Apr 3, 2025
@TheanLim TheanLim force-pushed the fix-ecr-migration branch from 8cf4edb to d672034 Compare April 4, 2025 17:50
mye956
mye956 reviewed Apr 4, 2025
View reviewed changes
agent/ecr/factory.go
)

const httpsPrefix = "https://"
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Q: Do we also need to consider http as well?

Looks like in AWS SDK Go V1, it takes that into consideration when appending the prefixes -> https://github.com/aws/aws-sdk-go/blob/8d203ccff393340d080be0417d091cc60354449b/aws/endpoints/endpoints.go#L324-L339

Copy link
Contributor Author

@TheanLim TheanLim Apr 7, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No, we don't need to consider http.
We currently (in v1) do not instantiate a new client with Config.DisableSSL set to true. This flag is passed to AddScheme to determine whether the HTTP or HTTPS schemes should be added.

In short, we only prepend https prefix, if it's needed.

@TheanLim TheanLim force-pushed the fix-ecr-migration branch from d672034 to 8f62fed Compare April 7, 2025 18:11
@TheanLim TheanLim force-pushed the fix-ecr-migration branch from 48399a7 to 5fd8b89 Compare April 10, 2025 21:53
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mye956 mye956 mye956 left review comments

At least 2 approving reviews are required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@TheanLim @mye956 @amazon-ecs-bot