-
Notifications
You must be signed in to change notification settings - Fork 3k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Added "az acr" commands for Azure container registries (#859)
1. Added commands to manage Azure container registries (create/delete/show/list/update). 2. Integrated repository list and show-tags commands to manage repositories. 3. Added storage command group to manage storage account for container registries. 4. Added credential command group to manage admin user credentials. 5. Added mgmt_acr SDK for Python.
- Loading branch information
1 parent
d8a031e
commit 4ee4d11
Showing
45 changed files
with
2,776 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,163 @@ | ||
Microsoft Azure CLI 'acr' Command Module | ||
================================== | ||
|
||
Commands to manage Azure container registries | ||
------------- | ||
:: | ||
|
||
Group | ||
az acr: Commands to manage Azure container registries. | ||
|
||
Subgroups: | ||
credential: Manage admin user credential for Azure container registries. | ||
repository: Manage repositories for Azure container registries. | ||
storage : Manage storage accounts for Azure container registries. | ||
|
||
Commands: | ||
create : Create a container registry. | ||
delete : Delete a container registry. | ||
list : List container registries. | ||
show : Get a container registry. | ||
update : Update a container registry. | ||
|
||
Create a container registry | ||
------------- | ||
:: | ||
|
||
Command | ||
az acr create: Create a container registry. | ||
|
||
Arguments | ||
--location -l [Required]: Location. | ||
--name -n [Required]: Name of container registry. | ||
--resource-group -g [Required]: Name of resource group. | ||
--enable-admin : Enable admin user. | ||
--storage-account-name -s : Name of an existing storage account. | ||
|
||
Examples | ||
Create a container registry with a new storage account | ||
az acr create -n myRegistry -g myResourceGroup -l southus | ||
Create a container registry with an existing storage account | ||
az acr create -n myRegistry -g myResourceGroup -l southus -s myStorageAccount | ||
|
||
Delete a container registry | ||
------------- | ||
:: | ||
|
||
Command | ||
az acr delete: Delete a container registry. | ||
|
||
Arguments | ||
--name -n [Required]: Name of container registry. | ||
--resource-group -g : Name of resource group. | ||
|
||
List container registries | ||
------------- | ||
:: | ||
|
||
Command | ||
az acr list: List container registries. | ||
|
||
Arguments | ||
--resource-group -g: Name of resource group. | ||
|
||
Examples | ||
List container registries and show result in a table | ||
az acr list -o table | ||
List container registries in a resource group and show result in a table | ||
az acr list -g myResourceGroup -o table | ||
|
||
Get a container registry | ||
------------- | ||
:: | ||
|
||
Command | ||
az acr show: Get a container registry. | ||
|
||
Arguments | ||
--name -n [Required]: Name of container registry. | ||
--resource-group -g : Name of resource group. | ||
|
||
Update a container registry | ||
------------- | ||
:: | ||
|
||
Command | ||
az acr update: Update a container registry. | ||
|
||
Arguments | ||
--name -n [Required]: Name of container registry. | ||
--disable-admin : Disable admin user. | ||
--enable-admin : Enable admin user. | ||
--resource-group -g : Name of resource group. | ||
--tags : Space separated tags in 'key[=value]' format. Use "" to clear existing | ||
tags. | ||
--tenant-id -t : Tenant id for service principal login. Warning: Changing tenant id will | ||
invalidate assigned access of existing service principals. | ||
|
||
Examples | ||
Update tags for a container registry | ||
az acr update -n myRegistry --tags key1=value1;key2=value2 | ||
Enable admin user for a container registry | ||
az acr update -n myRegistry --enable-admin | ||
|
||
Update storage account for a container registry | ||
------------- | ||
:: | ||
|
||
Command | ||
az acr storage update: Update storage account for a container registry. | ||
|
||
Arguments | ||
--name -n [Required]: Name of container registry. | ||
--storage-account-name -s [Required]: Name of an existing storage account. | ||
--resource-group -g : Name of resource group. | ||
|
||
Get admin username and password for a container registry | ||
------------- | ||
:: | ||
|
||
Command | ||
az acr credential show: Get admin username and password for a container registry. | ||
|
||
Arguments | ||
--name -n [Required]: Name of container registry. | ||
--resource-group -g : Name of resource group. | ||
|
||
List repositories in a given container registry | ||
------------- | ||
:: | ||
|
||
Command | ||
az acr repository list: List repositories in a given container registry. | ||
|
||
Arguments | ||
--name -n [Required]: Name of container registry. | ||
--password -p : Password used to log into a container registry. | ||
--username -u : Username used to log into a container registry. | ||
|
||
Examples | ||
List repositories in a given container registry if admin user is enabled | ||
az acr repository list -n myRegistry | ||
List repositories in a given container registry with credentials | ||
az acr repository list -n myRegistry -u myUsername -p myPassword | ||
|
||
Show tags of a given repository in a given container registry | ||
------------- | ||
:: | ||
|
||
Command | ||
az acr repository show-tags: Show tags of a given repository in a given container registry. | ||
|
||
Arguments | ||
--name -n [Required]: Name of container registry. | ||
--repository [Required]: The repository to obtain tags from. | ||
--password -p : Password used to log into a container registry. | ||
--username -u : Username used to log into a container registry. | ||
|
||
Examples | ||
Show tags of a given repository in a given container registry if admin user is enabled | ||
az acr repository show-tags -n myRegistry --repository myRepository | ||
Show tags of a given repository in a given container registry with credentials | ||
az acr repository show-tags -n myRegistry --repository myRepository -u myUsername -p | ||
myPassword |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
#--------------------------------------------------------------------------------------------- | ||
# Copyright (c) Microsoft Corporation. All rights reserved. | ||
# Licensed under the MIT License. See License.txt in the project root for license information. | ||
#--------------------------------------------------------------------------------------------- | ||
import pkg_resources | ||
pkg_resources.declare_namespace(__name__) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
#--------------------------------------------------------------------------------------------- | ||
# Copyright (c) Microsoft Corporation. All rights reserved. | ||
# Licensed under the MIT License. See License.txt in the project root for license information. | ||
#--------------------------------------------------------------------------------------------- | ||
import pkg_resources | ||
pkg_resources.declare_namespace(__name__) |
6 changes: 6 additions & 0 deletions
6
src/command_modules/azure-cli-acr/azure/cli/command_modules/__init__.py
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
#--------------------------------------------------------------------------------------------- | ||
# Copyright (c) Microsoft Corporation. All rights reserved. | ||
# Licensed under the MIT License. See License.txt in the project root for license information. | ||
#--------------------------------------------------------------------------------------------- | ||
import pkg_resources | ||
pkg_resources.declare_namespace(__name__) |
13 changes: 13 additions & 0 deletions
13
src/command_modules/azure-cli-acr/azure/cli/command_modules/acr/__init__.py
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,13 @@ | ||
#--------------------------------------------------------------------------------------------- | ||
# Copyright (c) Microsoft Corporation. All rights reserved. | ||
# Licensed under the MIT License. See License.txt in the project root for license information. | ||
#--------------------------------------------------------------------------------------------- | ||
|
||
#pylint: disable=unused-import | ||
|
||
import azure.cli.command_modules.acr._help | ||
import azure.cli.command_modules.acr._params | ||
import azure.cli.command_modules.acr.custom | ||
import azure.cli.command_modules.acr.storage | ||
import azure.cli.command_modules.acr.credential | ||
import azure.cli.command_modules.acr.repository |
187 changes: 187 additions & 0 deletions
187
src/command_modules/azure-cli-acr/azure/cli/command_modules/acr/_arm_utils.py
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,187 @@ | ||
#--------------------------------------------------------------------------------------------- | ||
# Copyright (c) Microsoft Corporation. All rights reserved. | ||
# Licensed under the MIT License. See License.txt in the project root for license information. | ||
#--------------------------------------------------------------------------------------------- | ||
|
||
from azure.cli.core._util import CLIError | ||
from azure.cli.core.commands.parameters import ( | ||
get_resources_in_subscription, | ||
get_resources_in_resource_group | ||
) | ||
|
||
from azure.cli.command_modules.acr.mgmt_acr.models import Registry | ||
|
||
from ._constants import ( | ||
RESOURCE_PROVIDER, | ||
RESOURCE_TYPE | ||
) | ||
from ._factory import ( | ||
get_arm_service_client, | ||
get_storage_service_client, | ||
get_acr_api_version | ||
) | ||
from ._utils import get_resource_group_name_by_resource_id | ||
|
||
def arm_get_registries_in_subscription(): | ||
'''Returns the list of container registries in the current subscription. | ||
''' | ||
result = get_resources_in_subscription(RESOURCE_TYPE) | ||
return [Registry(item.id, item.name, item.location, item.tags) for item in result] | ||
|
||
def arm_get_registries_in_resource_group(resource_group_name): | ||
'''Returns the list of container registries in the resource group. | ||
:param str resource_group_name: The name of resource group | ||
''' | ||
result = get_resources_in_resource_group(resource_group_name, RESOURCE_TYPE) | ||
return [Registry(item.id, item.name, item.location, item.tags) for item in result] | ||
|
||
def _arm_get_resource_by_name(resource_name, resource_type): | ||
'''Returns the ARM resource in the current subscription with resource_name. | ||
:param str resource_name: The name of resource | ||
:param str resource_type: The type of resource | ||
''' | ||
result = get_resources_in_subscription(resource_type) | ||
elements = [item for item in result if item.name.lower() == resource_name.lower()] | ||
|
||
if len(elements) == 0: | ||
return None | ||
elif len(elements) == 1: | ||
return elements[0] | ||
else: | ||
raise CLIError( | ||
'More than one resources with type {} are found with name: {}'.format( | ||
resource_type, resource_name)) | ||
|
||
def arm_get_registry_by_name(registry_name): | ||
'''Returns the named container registry. | ||
:param str registry_name: The name of container registry | ||
''' | ||
return _arm_get_resource_by_name(registry_name, RESOURCE_TYPE) | ||
|
||
def arm_get_storage_account_by_name(storage_account_name): | ||
'''Returns the named storage account. | ||
:param str storage_account_name: The name of storage account | ||
''' | ||
return _arm_get_resource_by_name(storage_account_name, 'Microsoft.Storage/storageAccounts') | ||
|
||
def arm_deploy_template(resource_group_name, | ||
registry_name, | ||
location, | ||
storage_account_name, | ||
admin_user_enabled): | ||
'''Deploys ARM template to create/update a container registry. | ||
:param str resource_group_name: The name of resource group | ||
:param str registry_name: The name of container registry | ||
:param str location: The name of location | ||
:param str storage_account_name: The name of storage account | ||
:param bool admin_user_enabled: Enable admin user | ||
''' | ||
from azure.mgmt.resource.resources.models import DeploymentProperties | ||
from azure.cli.core._util import get_file_json | ||
import os | ||
|
||
parameters = _parameters(registry_name, location, storage_account_name, admin_user_enabled) | ||
storage_account_resource_group, _ = _parse_storage_account(storage_account_name) | ||
|
||
if storage_account_resource_group: | ||
file_path = os.path.join(os.path.dirname(__file__), 'template.existing.json') | ||
parameters['storageAccountResourceGroup'] = {'value': storage_account_resource_group} | ||
else: | ||
file_path = os.path.join(os.path.dirname(__file__), 'template.new.json') | ||
parameters['storageAccountType'] = {'value': 'Standard_LRS'} | ||
|
||
template = get_file_json(file_path) | ||
properties = DeploymentProperties(template=template, parameters=parameters, mode='incremental') | ||
|
||
return _arm_deploy_template( | ||
get_arm_service_client().deployments, resource_group_name, properties) | ||
|
||
def _arm_deploy_template(deployments_client, | ||
resource_group_name, | ||
properties, | ||
index=0): | ||
'''Deploys ARM template to create a container registry. | ||
:param obj deployments_client: ARM deployments service client | ||
:param str resource_group_name: The name of resource group | ||
:param DeploymentProperties properties: The properties of a deployment | ||
:param int index: The index added to deployment name to avoid conflict | ||
''' | ||
if index == 0: | ||
deployment_name = RESOURCE_PROVIDER | ||
elif index > 9: # Just a number to avoid infinite loops | ||
raise CLIError( | ||
'The resource group {} has too many deployments'.format(resource_group_name)) | ||
else: | ||
deployment_name = RESOURCE_PROVIDER + '_' + str(index) | ||
|
||
try: | ||
deployments_client.validate( | ||
resource_group_name, deployment_name, properties) | ||
return deployments_client.create_or_update( | ||
resource_group_name, deployment_name, properties) | ||
except: #pylint: disable=bare-except | ||
return _arm_deploy_template( | ||
deployments_client, resource_group_name, properties, index + 1) | ||
|
||
def _parameters(registry_name, | ||
location, | ||
storage_account_name, | ||
admin_user_enabled): | ||
'''Returns a dict of deployment parameters. | ||
:param str registry_name: The name of container registry | ||
:param str location: The name of location | ||
:param str storage_account_name: The name of storage account | ||
:param bool admin_user_enabled: Enable admin user | ||
''' | ||
parameters = { | ||
'registryName': {'value': registry_name}, | ||
'registryLocation': {'value': location}, | ||
'registryApiVersion': {'value': get_acr_api_version()}, | ||
'storageAccountName': {'value': storage_account_name}, | ||
'adminUserEnabled': {'value': admin_user_enabled} | ||
} | ||
return parameters | ||
|
||
def _parse_storage_account(storage_account_name): | ||
'''Returns resource group and tags in the storage account. | ||
:param str storage_account_name: The name of storage account | ||
''' | ||
storage_account = arm_get_storage_account_by_name(storage_account_name) | ||
|
||
if storage_account: | ||
storage_account_resource_group = get_resource_group_name_by_resource_id(storage_account.id) | ||
return storage_account_resource_group, storage_account.tags | ||
else: | ||
return None, None | ||
|
||
def add_tag_storage_account(storage_account_name, registry_name): | ||
'''Add a new tag (key, value) to the storage account. | ||
:param str storage_account_name: The name of storage account | ||
:param str registry_name: The name of container registry | ||
''' | ||
from azure.mgmt.storage.models import StorageAccountUpdateParameters | ||
storage_account_resource_group, tags = _parse_storage_account(storage_account_name) | ||
|
||
tags[registry_name.lower()] = 'acr' | ||
client = get_storage_service_client().storage_accounts | ||
|
||
return client.update(storage_account_resource_group, | ||
storage_account_name, | ||
StorageAccountUpdateParameters(tags=tags)) | ||
|
||
def delete_tag_storage_account(storage_account_name, registry_name): | ||
'''Delete a tag (key, value) from the storage account, if value matches registry_name. | ||
:param str storage_account_name: The name of storage account | ||
:param str registry_name: The name of container registry | ||
''' | ||
from azure.mgmt.storage.models import StorageAccountUpdateParameters | ||
storage_account_resource_group, tags = _parse_storage_account(storage_account_name) | ||
registry_name = registry_name.lower() | ||
|
||
if registry_name in tags and tags[registry_name] == 'acr': | ||
del tags[registry_name] | ||
client = get_storage_service_client().storage_accounts | ||
|
||
return client.update(storage_account_resource_group, | ||
storage_account_name, | ||
StorageAccountUpdateParameters(tags=tags)) |
7 changes: 7 additions & 0 deletions
7
src/command_modules/azure-cli-acr/azure/cli/command_modules/acr/_constants.py
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,7 @@ | ||
#--------------------------------------------------------------------------------------------- | ||
# Copyright (c) Microsoft Corporation. All rights reserved. | ||
# Licensed under the MIT License. See License.txt in the project root for license information. | ||
#--------------------------------------------------------------------------------------------- | ||
|
||
RESOURCE_PROVIDER = 'Microsoft.ContainerRegistry' | ||
RESOURCE_TYPE = RESOURCE_PROVIDER + '/registries' |
Oops, something went wrong.