Added "az acr" commands for Azure container registries (#859)

1. Added commands to manage Azure container registries (create/delete/show/list/update).
2. Integrated repository list and show-tags commands to manage repositories.
3. Added storage command group to manage storage account for container registries.
4. Added credential command group to manage admin user credentials.
5. Added mgmt_acr SDK for Python.

src/command_modules/azure-cli-acr/README.rst

@@ -0,0 +1,163 @@
+Microsoft Azure CLI 'acr' Command Module
+==================================
+
+Commands to manage Azure container registries
+-------------
+::
+
+    Group
+        az acr: Commands to manage Azure container registries.
+
+    Subgroups:
+        credential: Manage admin user credential for Azure container registries.
+        repository: Manage repositories for Azure container registries.
+        storage   : Manage storage accounts for Azure container registries.
+
+    Commands:
+        create    : Create a container registry.
+        delete    : Delete a container registry.
+        list      : List container registries.
+        show      : Get a container registry.
+        update    : Update a container registry.
+
+Create a container registry
+-------------
+::
+
+    Command
+        az acr create: Create a container registry.
+
+    Arguments
+        --location -l       [Required]: Location.
+        --name -n           [Required]: Name of container registry.
+        --resource-group -g [Required]: Name of resource group.
+        --enable-admin                : Enable admin user.
+        --storage-account-name -s     : Name of an existing storage account.
+
+    Examples
+        Create a container registry with a new storage account
+            az acr create -n myRegistry -g myResourceGroup -l southus
+        Create a container registry with an existing storage account
+            az acr create -n myRegistry -g myResourceGroup -l southus -s myStorageAccount
+
+Delete a container registry
+-------------
+::
+
+    Command
+        az acr delete: Delete a container registry.
+
+    Arguments
+        --name -n [Required]: Name of container registry.
+        --resource-group -g : Name of resource group.
+
+List container registries
+-------------
+::
+
+    Command
+        az acr list: List container registries.
+
+    Arguments
+        --resource-group -g: Name of resource group.
+
+    Examples
+        List container registries and show result in a table
+            az acr list -o table
+        List container registries in a resource group and show result in a table
+            az acr list -g myResourceGroup -o table
+
+Get a container registry
+-------------
+::
+
+    Command
+        az acr show: Get a container registry.
+
+    Arguments
+        --name -n [Required]: Name of container registry.
+        --resource-group -g : Name of resource group.
+
+Update a container registry
+-------------
+::
+
+    Command
+        az acr update: Update a container registry.
+
+    Arguments
+        --name -n [Required]: Name of container registry.
+        --disable-admin     : Disable admin user.
+        --enable-admin      : Enable admin user.
+        --resource-group -g : Name of resource group.
+        --tags              : Space separated tags in 'key[=value]' format. Use "" to clear existing
+                            tags.
+        --tenant-id -t      : Tenant id for service principal login. Warning: Changing tenant id will
+                            invalidate assigned access of existing service principals.
+
+    Examples
+        Update tags for a container registry
+            az acr update -n myRegistry --tags key1=value1;key2=value2
+        Enable admin user for a container registry
+            az acr update -n myRegistry --enable-admin
+
+Update storage account for a container registry
+-------------
+::
+
+    Command
+        az acr storage update: Update storage account for a container registry.
+
+    Arguments
+        --name -n                 [Required]: Name of container registry.
+        --storage-account-name -s [Required]: Name of an existing storage account.
+        --resource-group -g                 : Name of resource group.
+
+Get admin username and password for a container registry
+-------------
+::
+
+    Command
+        az acr credential show: Get admin username and password for a container registry.
+
+    Arguments
+        --name -n [Required]: Name of container registry.
+        --resource-group -g : Name of resource group.
+
+List repositories in a given container registry
+-------------
+::
+
+    Command
+        az acr repository list: List repositories in a given container registry.
+
+    Arguments
+        --name -n [Required]: Name of container registry.
+        --password -p       : Password used to log into a container registry.
+        --username -u       : Username used to log into a container registry.
+
+    Examples
+        List repositories in a given container registry if admin user is enabled
+            az acr repository list -n myRegistry
+        List repositories in a given container registry with credentials
+            az acr repository list -n myRegistry -u myUsername -p myPassword
+
+Show tags of a given repository in a given container registry
+-------------
+::
+
+    Command
+        az acr repository show-tags: Show tags of a given repository in a given container registry.
+
+    Arguments
+        --name -n    [Required]: Name of container registry.
+        --repository [Required]: The repository to obtain tags from.
+        --password -p          : Password used to log into a container registry.
+        --username -u          : Username used to log into a container registry.
+
+    Examples
+        Show tags of a given repository in a given container registry if admin user is enabled
+            az acr repository show-tags -n myRegistry --repository myRepository
+        Show tags of a given repository in a given container registry with credentials
+            az acr repository show-tags -n myRegistry --repository myRepository -u myUsername -p
+            myPassword

src/command_modules/azure-cli-acr/azure/__init__.py

@@ -0,0 +1,6 @@
+#---------------------------------------------------------------------------------------------
+# Copyright (c) Microsoft Corporation. All rights reserved.
+# Licensed under the MIT License. See License.txt in the project root for license information.
+#---------------------------------------------------------------------------------------------
+import pkg_resources
+pkg_resources.declare_namespace(__name__)

src/command_modules/azure-cli-acr/azure/cli/__init__.py

@@ -0,0 +1,6 @@
+#---------------------------------------------------------------------------------------------
+# Copyright (c) Microsoft Corporation. All rights reserved.
+# Licensed under the MIT License. See License.txt in the project root for license information.
+#---------------------------------------------------------------------------------------------
+import pkg_resources
+pkg_resources.declare_namespace(__name__)

src/command_modules/azure-cli-acr/azure/cli/command_modules/__init__.py

@@ -0,0 +1,6 @@
+#---------------------------------------------------------------------------------------------
+# Copyright (c) Microsoft Corporation. All rights reserved.
+# Licensed under the MIT License. See License.txt in the project root for license information.
+#---------------------------------------------------------------------------------------------
+import pkg_resources
+pkg_resources.declare_namespace(__name__)

src/command_modules/azure-cli-acr/azure/cli/command_modules/acr/__init__.py

@@ -0,0 +1,13 @@
+#---------------------------------------------------------------------------------------------
+# Copyright (c) Microsoft Corporation. All rights reserved.
+# Licensed under the MIT License. See License.txt in the project root for license information.
+#---------------------------------------------------------------------------------------------
+
+#pylint: disable=unused-import
+
+import azure.cli.command_modules.acr._help
+import azure.cli.command_modules.acr._params
+import azure.cli.command_modules.acr.custom
+import azure.cli.command_modules.acr.storage
+import azure.cli.command_modules.acr.credential
+import azure.cli.command_modules.acr.repository

src/command_modules/azure-cli-acr/azure/cli/command_modules/acr/_arm_utils.py

@@ -0,0 +1,187 @@
+#---------------------------------------------------------------------------------------------
+# Copyright (c) Microsoft Corporation. All rights reserved.
+# Licensed under the MIT License. See License.txt in the project root for license information.
+#---------------------------------------------------------------------------------------------
+
+from azure.cli.core._util import CLIError
+from azure.cli.core.commands.parameters import (
+    get_resources_in_subscription,
+    get_resources_in_resource_group
+)
+
+from azure.cli.command_modules.acr.mgmt_acr.models import Registry
+
+from ._constants import (
+    RESOURCE_PROVIDER,
+    RESOURCE_TYPE
+)
+from ._factory import (
+    get_arm_service_client,
+    get_storage_service_client,
+    get_acr_api_version
+)
+from ._utils import get_resource_group_name_by_resource_id
+
+def arm_get_registries_in_subscription():
+    '''Returns the list of container registries in the current subscription.
+    '''
+    result = get_resources_in_subscription(RESOURCE_TYPE)
+    return [Registry(item.id, item.name, item.location, item.tags) for item in result]
+
+def arm_get_registries_in_resource_group(resource_group_name):
+    '''Returns the list of container registries in the resource group.
+    :param str resource_group_name: The name of resource group
+    '''
+    result = get_resources_in_resource_group(resource_group_name, RESOURCE_TYPE)
+    return [Registry(item.id, item.name, item.location, item.tags) for item in result]
+
+def _arm_get_resource_by_name(resource_name, resource_type):
+    '''Returns the ARM resource in the current subscription with resource_name.
+    :param str resource_name: The name of resource
+    :param str resource_type: The type of resource
+    '''
+    result = get_resources_in_subscription(resource_type)
+    elements = [item for item in result if item.name.lower() == resource_name.lower()]
+
+    if len(elements) == 0:
+        return None
+    elif len(elements) == 1:
+        return elements[0]
+    else:
+        raise CLIError(
+            'More than one resources with type {} are found with name: {}'.format(
+                resource_type, resource_name))
+
+def arm_get_registry_by_name(registry_name):
+    '''Returns the named container registry.
+    :param str registry_name: The name of container registry
+    '''
+    return _arm_get_resource_by_name(registry_name, RESOURCE_TYPE)
+
+def arm_get_storage_account_by_name(storage_account_name):
+    '''Returns the named storage account.
+    :param str storage_account_name: The name of storage account
+    '''
+    return _arm_get_resource_by_name(storage_account_name, 'Microsoft.Storage/storageAccounts')
+
+def arm_deploy_template(resource_group_name,
+                        registry_name,
+                        location,
+                        storage_account_name,
+                        admin_user_enabled):
+    '''Deploys ARM template to create/update a container registry.
+    :param str resource_group_name: The name of resource group
+    :param str registry_name: The name of container registry
+    :param str location: The name of location
+    :param str storage_account_name: The name of storage account
+    :param bool admin_user_enabled: Enable admin user
+    '''
+    from azure.mgmt.resource.resources.models import DeploymentProperties
+    from azure.cli.core._util import get_file_json
+    import os
+
+    parameters = _parameters(registry_name, location, storage_account_name, admin_user_enabled)
+    storage_account_resource_group, _ = _parse_storage_account(storage_account_name)
+
+    if storage_account_resource_group:
+        file_path = os.path.join(os.path.dirname(__file__), 'template.existing.json')
+        parameters['storageAccountResourceGroup'] = {'value': storage_account_resource_group}
+    else:
+        file_path = os.path.join(os.path.dirname(__file__), 'template.new.json')
+        parameters['storageAccountType'] = {'value': 'Standard_LRS'}
+
+    template = get_file_json(file_path)
+    properties = DeploymentProperties(template=template, parameters=parameters, mode='incremental')
+
+    return _arm_deploy_template(
+        get_arm_service_client().deployments, resource_group_name, properties)
+
+def _arm_deploy_template(deployments_client,
+                         resource_group_name,
+                         properties,
+                         index=0):
+    '''Deploys ARM template to create a container registry.
+    :param obj deployments_client: ARM deployments service client
+    :param str resource_group_name: The name of resource group
+    :param DeploymentProperties properties: The properties of a deployment
+    :param int index: The index added to deployment name to avoid conflict
+    '''
+    if index == 0:
+        deployment_name = RESOURCE_PROVIDER
+    elif index > 9: # Just a number to avoid infinite loops
+        raise CLIError(
+            'The resource group {} has too many deployments'.format(resource_group_name))
+    else:
+        deployment_name = RESOURCE_PROVIDER + '_' + str(index)
+
+    try:
+        deployments_client.validate(
+            resource_group_name, deployment_name, properties)
+        return deployments_client.create_or_update(
+            resource_group_name, deployment_name, properties)
+    except: #pylint: disable=bare-except
+        return _arm_deploy_template(
+            deployments_client, resource_group_name, properties, index + 1)
+
+def _parameters(registry_name,
+                location,
+                storage_account_name,
+                admin_user_enabled):
+    '''Returns a dict of deployment parameters.
+    :param str registry_name: The name of container registry
+    :param str location: The name of location
+    :param str storage_account_name: The name of storage account
+    :param bool admin_user_enabled: Enable admin user
+    '''
+    parameters = {
+        'registryName': {'value': registry_name},
+        'registryLocation': {'value': location},
+        'registryApiVersion': {'value': get_acr_api_version()},
+        'storageAccountName': {'value': storage_account_name},
+        'adminUserEnabled': {'value': admin_user_enabled}
+    }
+    return parameters
+
+def _parse_storage_account(storage_account_name):
+    '''Returns resource group and tags in the storage account.
+    :param str storage_account_name: The name of storage account
+    '''
+    storage_account = arm_get_storage_account_by_name(storage_account_name)
+
+    if storage_account:
+        storage_account_resource_group = get_resource_group_name_by_resource_id(storage_account.id)
+        return storage_account_resource_group, storage_account.tags
+    else:
+        return None, None
+
+def add_tag_storage_account(storage_account_name, registry_name):
+    '''Add a new tag (key, value) to the storage account.
+    :param str storage_account_name: The name of storage account
+    :param str registry_name: The name of container registry
+    '''
+    from azure.mgmt.storage.models import StorageAccountUpdateParameters
+    storage_account_resource_group, tags = _parse_storage_account(storage_account_name)
+
+    tags[registry_name.lower()] = 'acr'
+    client = get_storage_service_client().storage_accounts
+
+    return client.update(storage_account_resource_group,
+                         storage_account_name,
+                         StorageAccountUpdateParameters(tags=tags))
+
+def delete_tag_storage_account(storage_account_name, registry_name):
+    '''Delete a tag (key, value) from the storage account, if value matches registry_name.
+    :param str storage_account_name: The name of storage account
+    :param str registry_name: The name of container registry
+    '''
+    from azure.mgmt.storage.models import StorageAccountUpdateParameters
+    storage_account_resource_group, tags = _parse_storage_account(storage_account_name)
+    registry_name = registry_name.lower()
+
+    if registry_name in tags and tags[registry_name] == 'acr':
+        del tags[registry_name]
+        client = get_storage_service_client().storage_accounts
+
+        return client.update(storage_account_resource_group,
+                             storage_account_name,
+                             StorageAccountUpdateParameters(tags=tags))

src/command_modules/azure-cli-acr/azure/cli/command_modules/acr/_constants.py

@@ -0,0 +1,7 @@
+#---------------------------------------------------------------------------------------------
+# Copyright (c) Microsoft Corporation. All rights reserved.
+# Licensed under the MIT License. See License.txt in the project root for license information.
+#---------------------------------------------------------------------------------------------
+
+RESOURCE_PROVIDER = 'Microsoft.ContainerRegistry'
+RESOURCE_TYPE = RESOURCE_PROVIDER + '/registries'