diff --git a/pkg/iac/adapters/cloudformation/aws/ecs/ecs_test.go b/pkg/iac/adapters/cloudformation/aws/ecs/ecs_test.go index c6323a1df926..9cf56b0d8b6f 100644 --- a/pkg/iac/adapters/cloudformation/aws/ecs/ecs_test.go +++ b/pkg/iac/adapters/cloudformation/aws/ecs/ecs_test.go @@ -32,8 +32,8 @@ Resources: - Name: "busybox" Image: "busybox" - Cpu: 256 - Memory: 512 + Cpu: "256" + Memory: "512" Essential: true Privileged: true Environment: @@ -68,8 +68,8 @@ Resources: { Name: types.StringTest("busybox"), Image: types.StringTest("busybox"), - CPU: types.IntTest(256), - Memory: types.IntTest(512), + CPU: types.StringTest("256"), + Memory: types.StringTest("512"), Essential: types.BoolTest(true), Privileged: types.BoolTest(true), Environment: []ecs.EnvVar{ diff --git a/pkg/iac/adapters/cloudformation/aws/ecs/task_definition.go b/pkg/iac/adapters/cloudformation/aws/ecs/task_definition.go index 9c2e342bb6f3..b4cc39205147 100644 --- a/pkg/iac/adapters/cloudformation/aws/ecs/task_definition.go +++ b/pkg/iac/adapters/cloudformation/aws/ecs/task_definition.go @@ -45,8 +45,8 @@ func getContainerDefinitions(r *parser.Resource) ([]ecs.ContainerDefinition, err Metadata: containerDef.Metadata(), Name: containerDef.GetStringProperty("Name"), Image: containerDef.GetStringProperty("Image"), - CPU: containerDef.GetIntProperty("Cpu"), - Memory: containerDef.GetIntProperty("Memory"), + CPU: containerDef.GetStringProperty("Cpu"), + Memory: containerDef.GetStringProperty("Memory"), Essential: containerDef.GetBoolProperty("Essential"), Privileged: containerDef.GetBoolProperty("Privileged"), Environment: envVars, diff --git a/pkg/iac/adapters/terraform/aws/ecs/adapt_test.go b/pkg/iac/adapters/terraform/aws/ecs/adapt_test.go index c35bcc12d9b1..9c70a3b1abee 100644 --- a/pkg/iac/adapters/terraform/aws/ecs/adapt_test.go +++ b/pkg/iac/adapters/terraform/aws/ecs/adapt_test.go 
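Review bot: In the `getContainerDefinitions` hunk of task_definition.go, `containerDef.GetStringProperty("Cpu")` and `GetStringProperty("Memory")` now depend on how that getter treats a YAML integer, and that behaviour is not visible in this diff. The ecs_test.go fixture was changed from `Cpu: 256` to `Cpu: "256"` rather than gaining a second case, so a template that writes the unquoted form is no longer covered. If the getter does not coerce, CPU and Memory would come back empty for such templates and any check reading them would evaluate a blank value. I would keep one container in the fixture with unquoted `Cpu: 256` and `Memory: 512` and assert it still yields `types.StringTest("256")` and `types.StringTest("512")`. The function body starts and ends outside the hunk.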
@@ -91,8 +91,8 @@ func Test_adaptTaskDefinitionResource(t *testing.T) {
 "name": "my_service",
 "image": "my_image",
 "essential": true,
- "memory": 256,
- "cpu": 2,
+ "memory": "256",
+ "cpu": "2",
 "environment": [
 { "name": "ENVIRONMENT", "value": "development" }
 ]
@@ -125,8 +125,8 @@ func Test_adaptTaskDefinitionResource(t *testing.T) {
 Metadata: iacTypes.NewTestMetadata(),
 Name: iacTypes.String("my_service", iacTypes.NewTestMetadata()),
 Image: iacTypes.String("my_image", iacTypes.NewTestMetadata()),
- CPU: iacTypes.Int(2, iacTypes.NewTestMetadata()),
- Memory: iacTypes.Int(256, iacTypes.NewTestMetadata()),
+ CPU: iacTypes.String("2", iacTypes.NewTestMetadata()),
+ Memory: iacTypes.String("256", iacTypes.NewTestMetadata()),
 Essential: iacTypes.Bool(true, iacTypes.NewTestMetadata()),
 Privileged: iacTypes.Bool(false, iacTypes.NewTestMetadata()),
 Environment: []ecs.EnvVar{
diff --git a/pkg/iac/providers/aws/ecs/ecs.go b/pkg/iac/providers/aws/ecs/ecs.go
index b0728c2bbf7f..36e9938c80f2 100755
--- a/pkg/iac/providers/aws/ecs/ecs.go
+++ b/pkg/iac/providers/aws/ecs/ecs.go
@@ -43,8 +43,8 @@ func CreateDefinitionsFromString(metadata iacTypes.Metadata, str string) ([]Cont
 type containerDefinitionJSON struct {
 Name string `json:"name"`
 Image string `json:"image"`
- CPU int `json:"cpu"`
- Memory int `json:"memory"`
+ CPU string `json:"cpu"`
+ Memory string `json:"memory"`
 Essential bool `json:"essential"`
 PortMappings []portMappingJSON `json:"portMappings"`
 EnvVars []envVarJSON `json:"environment"`
@@ -77,8 +77,8 @@ func (j containerDefinitionJSON) convert(metadata iacTypes.Metadata) ContainerDe
 Metadata: metadata,
 Name: iacTypes.String(j.Name, metadata),
 Image: iacTypes.String(j.Image, metadata),
- CPU: iacTypes.Int(j.CPU, metadata),
- Memory: iacTypes.Int(j.Memory, metadata),
+ CPU: iacTypes.String(j.CPU, metadata),
+ Memory: iacTypes.String(j.Memory, metadata),
 Essential: iacTypes.Bool(j.Essential, metadata),
 PortMappings: mappings,
 Environment: envVars,
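Review bot: In the `containerDefinitionJSON` hunk of ecs.go, changing `CPU` and `Memory` to Go `string` means a numeric value such as `"cpu": 10` no longer decodes, assuming the struct is read with `encoding/json` as its tags suggest; that decoder returns an unmarshal type error for a JSON number aimed at a string field. The fixtures in adapt_test.go and scanner_test.go were switched from numbers to quoted strings, so nothing exercises the numeric form any more. How `CreateDefinitionsFromString` reacts to that error is outside the hunk; if it drops the definitions, checks on that task's containers (the scanner fixture sets `"privileged": true`) would have nothing to evaluate. Declaring both fields as `json.Number` accepts either spelling, with the `convert` hunk using `iacTypes.String(j.CPU.String(), metadata)` and `iacTypes.String(j.Memory.String(), metadata)`. A test that keeps one numeric and one quoted value would pin this.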
@@ -87,13 +87,11 @@ func (j containerDefinitionJSON) convert(metadata iacTypes.Metadata) ContainerDe
 }

 type ContainerDefinition struct {
- Metadata iacTypes.Metadata
- Name iacTypes.StringValue
- Image iacTypes.StringValue
- // TODO: CPU and Memory are strings
- // https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ecs-taskdefinition.html#cfn-ecs-taskdefinition-cpu
- CPU iacTypes.IntValue
- Memory iacTypes.IntValue
+ Metadata iacTypes.Metadata
+ Name iacTypes.StringValue
+ Image iacTypes.StringValue
+ CPU iacTypes.StringValue
+ Memory iacTypes.StringValue
 Essential iacTypes.BoolValue
 PortMappings []PortMapping
 Environment []EnvVar
diff --git a/pkg/iac/rego/schemas/cloud.json b/pkg/iac/rego/schemas/cloud.json
index bdaad1330898..dd9c10ddeae7 100644
--- a/pkg/iac/rego/schemas/cloud.json
+++ b/pkg/iac/rego/schemas/cloud.json
@@ -1859,7 +1859,7 @@
 },
 "cpu": {
 "type": "object",
- "$ref": "#/definitions/github.com.aquasecurity.trivy.pkg.iac.types.IntValue"
+ "$ref": "#/definitions/github.com.aquasecurity.trivy.pkg.iac.types.StringValue"
 },
 "environment": {
 "type": "array",
@@ -1878,7 +1878,7 @@
 },
 "memory": {
 "type": "object",
- "$ref": "#/definitions/github.com.aquasecurity.trivy.pkg.iac.types.IntValue"
+ "$ref": "#/definitions/github.com.aquasecurity.trivy.pkg.iac.types.StringValue"
 },
 "name": {
 "type": "object",
diff --git a/pkg/iac/scanners/terraform/scanner_test.go b/pkg/iac/scanners/terraform/scanner_test.go
index 6cdcc06d77f3..9c800338afde 100644
--- a/pkg/iac/scanners/terraform/scanner_test.go
+++ b/pkg/iac/scanners/terraform/scanner_test.go
@@ -284,7 +284,7 @@ resource "aws_ecs_task_definition" "test" {
 [
 {
 "privileged": true,
- "cpu": 10,
+ "cpu": "10",
 "command": ["sleep", "10"],
 "entryPoint": ["/"],
 "environment": [
@@ -292,7 +292,7 @@ resource "aws_ecs_task_definition" "test" {
 ],
 "essential": true,
 "image": "jenkins",
- "memory": 128,
+ "memory": "128",
 "name": "jenkins",
 "portMappings": [
 {
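Review bot: In the `ContainerDefinition` hunk, the TODO and its documentation link are removed, but the exported `CPU` and `Memory` fields are left with no comment saying what the string holds. Because the type moves from `iacTypes.IntValue` to `iacTypes.StringValue` (and cloud.json follows), any check or custom policy that compared these values numerically will now be comparing against a string, which is worth stating next to the fields. I would add `// CPU and Memory hold the values as written in the source, as strings (for example "256"); convert before comparing numerically.` above the two fields. The struct body continues past the end of the hunk.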