/// <summary> /// Acquires registry credentials for the testing network. /// </summary> /// <param name="context"></param> /// <param name="registryName"></param> /// <param name="loginMode"></param> /// <returns></returns> public static async Task <ContainerRegistryCredentials> GetCredentialsAsync(MockContext context, string registryName, LoginMode loginMode = ContainerRegistryCredentials.LoginMode.TokenAuth) { var registryManagementClient = context.GetServiceClient <ContainerRegistryManagementClient>(handlers: CreateNewRecordedDelegatingHandler()); var registry = await registryManagementClient.Registries.GetAsync(_testResourceGroup, registryName); ContainerRegistryCredentials credential = null; switch (loginMode) { case LoginMode.Basic: case LoginMode.TokenAuth: var registryCredentials = await registryManagementClient.Registries.ListCredentialsAsync(_testResourceGroup, registryName); string username = registryCredentials.Username; string password = registryCredentials.Passwords[0].Value; credential = new ContainerRegistryCredentials(loginMode, registry.LoginServer, username, password); break; case LoginMode.TokenAad: var aadToken = await GetAADAccessToken(); AcquireCallback newAADCallback = () => GetAADAccessToken().GetAwaiter().GetResult(); credential = new ContainerRegistryCredentials(aadToken, registry.LoginServer, newAADCallback); break; default: throw new ArgumentException($"Unkown {nameof(LoginMode)}. Expected one of ['{LoginMode.Basic}', '{LoginMode.TokenAuth}', '{LoginMode.TokenAad}'] but got '{loginMode}'"); } return(credential); }
internal static ContainerRegistryCredentials ConvertToContainerCredentials(TemplateToken token) { var credentials = token.AssertMapping(PipelineTemplateConstants.Credentials); var result = new ContainerRegistryCredentials(); foreach (var credentialProperty in credentials) { var propertyName = credentialProperty.Key.AssertString($"{PipelineTemplateConstants.Credentials} key"); switch (propertyName.Value) { case PipelineTemplateConstants.Username: result.Username = credentialProperty.Value.AssertString(PipelineTemplateConstants.Username).Value; break; case PipelineTemplateConstants.Password: result.Password = credentialProperty.Value.AssertString(PipelineTemplateConstants.Password).Value; break; default: propertyName.AssertUnexpectedValue($"{PipelineTemplateConstants.Credentials} key {propertyName}"); break; } } return(result); }
private static async System.Threading.Tasks.Task DeleteImageAsync( ContainerRegistryImageDeletedEventData deleteEvent, AppConfiguration configuration, ILogger log) { // Create the resourceId from the target ACR resourceId string var targetACRResourceId = ResourceId.FromString(configuration.TargetACRResourceId); // Create Azure credentials to talk to target Cloud using the Active directory application var credential = new AzureCredentials( new ServicePrincipalLoginInformation { ClientId = configuration.TargetAzureServicePrincipalClientId, ClientSecret = configuration.TargetAzureServicePrincipalClientKey }, configuration.TargetAzureServicePrincipalTenantId, AzureEnvironment.FromName(configuration.TargetAzureEnvironmentName)) .WithDefaultSubscription(targetACRResourceId.SubscriptionId); var builder = RestClient .Configure() .WithEnvironment(AzureEnvironment.FromName(configuration.TargetAzureEnvironmentName)) .WithCredentials(credential) .Build(); // Create ACR management client using the Azure credentials var _registryClient = new ContainerRegistryManagementClient(builder); _registryClient.SubscriptionId = targetACRResourceId.SubscriptionId; // Fetch the target ACR properties to identify its login server. var targetRegistry = await _registryClient.Registries.GetAsync( resourceGroupName : targetACRResourceId.ResourceGroupName, registryName : targetACRResourceId.Name) ?? throw new InvalidOperationException($"'{configuration.TargetACRResourceId}' is not found"); // Create ACR data plane client using the Azure credentials var registryCredentials = new ContainerRegistryCredentials( ContainerRegistryCredentials.LoginMode.TokenAuth, targetRegistry.LoginServer, configuration.TargetAzureServicePrincipalClientId, configuration.TargetAzureServicePrincipalClientKey); var client = new AzureContainerRegistryClient(registryCredentials); // Invoke Delete of the image that is part of the delete event on the target ACR. await client.Manifests.DeleteAsync( name : deleteEvent.Target.Repository, reference : deleteEvent.Target.Digest); log.LogInformation($"Image '{deleteEvent.Target.Repository}:@{deleteEvent.Target.Digest}' deleted from registry '{configuration.TargetACRResourceId}'"); }