/// <summary>
/// Acquires registry credentials for the testing network.
/// </summary>
/// <param name="context"></param>
/// <param name="registryName"></param>
/// <param name="loginMode"></param>
/// <returns></returns>
public static async Task <ContainerRegistryCredentials> GetCredentialsAsync(MockContext context, string registryName, LoginMode loginMode = ContainerRegistryCredentials.LoginMode.TokenAuth)
{
var registryManagementClient = context.GetServiceClient <ContainerRegistryManagementClient>(handlers: CreateNewRecordedDelegatingHandler());
var registry = await registryManagementClient.Registries.GetAsync(_testResourceGroup, registryName);
ContainerRegistryCredentials credential = null;
switch (loginMode)
{
case LoginMode.Basic:
case LoginMode.TokenAuth:
var registryCredentials = await registryManagementClient.Registries.ListCredentialsAsync(_testResourceGroup, registryName);
string username = registryCredentials.Username;
string password = registryCredentials.Passwords[0].Value;
credential = new ContainerRegistryCredentials(loginMode, registry.LoginServer, username, password);
break;
case LoginMode.TokenAad:
var aadToken = await GetAADAccessToken();
AcquireCallback newAADCallback = () => GetAADAccessToken().GetAwaiter().GetResult();
credential = new ContainerRegistryCredentials(aadToken, registry.LoginServer, newAADCallback);
break;
default:
throw new ArgumentException($"Unkown {nameof(LoginMode)}. Expected one of ['{LoginMode.Basic}', '{LoginMode.TokenAuth}', '{LoginMode.TokenAad}'] but got '{loginMode}'");
}
return(credential);
}
internal static ContainerRegistryCredentials ConvertToContainerCredentials(TemplateToken token)
{
var credentials = token.AssertMapping(PipelineTemplateConstants.Credentials);
var result = new ContainerRegistryCredentials();
foreach (var credentialProperty in credentials)
{
var propertyName = credentialProperty.Key.AssertString($"{PipelineTemplateConstants.Credentials} key");
switch (propertyName.Value)
{
case PipelineTemplateConstants.Username:
result.Username = credentialProperty.Value.AssertString(PipelineTemplateConstants.Username).Value;
break;
case PipelineTemplateConstants.Password:
result.Password = credentialProperty.Value.AssertString(PipelineTemplateConstants.Password).Value;
break;
default:
propertyName.AssertUnexpectedValue($"{PipelineTemplateConstants.Credentials} key {propertyName}");
break;
}
}
return(result);
}
private static async System.Threading.Tasks.Task DeleteImageAsync(
ContainerRegistryImageDeletedEventData deleteEvent,
AppConfiguration configuration,
ILogger log)
{
// Create the resourceId from the target ACR resourceId string
var targetACRResourceId = ResourceId.FromString(configuration.TargetACRResourceId);
// Create Azure credentials to talk to target Cloud using the Active directory application
var credential = new AzureCredentials(
new ServicePrincipalLoginInformation
{
ClientId = configuration.TargetAzureServicePrincipalClientId,
ClientSecret = configuration.TargetAzureServicePrincipalClientKey
},
configuration.TargetAzureServicePrincipalTenantId,
AzureEnvironment.FromName(configuration.TargetAzureEnvironmentName))
.WithDefaultSubscription(targetACRResourceId.SubscriptionId);
var builder = RestClient
.Configure()
.WithEnvironment(AzureEnvironment.FromName(configuration.TargetAzureEnvironmentName))
.WithCredentials(credential)
.Build();
// Create ACR management client using the Azure credentials
var _registryClient = new ContainerRegistryManagementClient(builder);
_registryClient.SubscriptionId = targetACRResourceId.SubscriptionId;
// Fetch the target ACR properties to identify its login server.
var targetRegistry = await _registryClient.Registries.GetAsync(
resourceGroupName : targetACRResourceId.ResourceGroupName,
registryName : targetACRResourceId.Name) ??
throw new InvalidOperationException($"'{configuration.TargetACRResourceId}' is not found");
// Create ACR data plane client using the Azure credentials
var registryCredentials = new ContainerRegistryCredentials(
ContainerRegistryCredentials.LoginMode.TokenAuth,
targetRegistry.LoginServer,
configuration.TargetAzureServicePrincipalClientId,
configuration.TargetAzureServicePrincipalClientKey);
var client = new AzureContainerRegistryClient(registryCredentials);
// Invoke Delete of the image that is part of the delete event on the target ACR.
await client.Manifests.DeleteAsync(
name : deleteEvent.Target.Repository,
reference : deleteEvent.Target.Digest);
log.LogInformation($"Image '{deleteEvent.Target.Repository}:@{deleteEvent.Target.Digest}' deleted from registry '{configuration.TargetACRResourceId}'");
}
