-
Notifications
You must be signed in to change notification settings - Fork 60.6k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
token-based auth for azure container registry (#52356)
Co-authored-by: Kevin Heis <[email protected]>
- Loading branch information
Showing
3 changed files
with
77 additions
and
12 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,54 @@ | ||
#!/usr/bin/env node | ||
import { execSync } from 'child_process' | ||
import * as core from '@actions/core' | ||
import dotenv from 'dotenv' | ||
|
||
type IsoDateString = string | ||
|
||
// For local testing set environment variables in the .env file | ||
dotenv.config() | ||
|
||
const acrTokenName = process.env.ACR_TOKEN_NAME | ||
const acrProdRegistryServer = process.env.PROD_REGISTRY_SERVER | ||
const repo = process.env.GITHUB_REPOSITORY | ||
|
||
function main() { | ||
// Get the current time and add 30 minutes to it | ||
// Convert Date format from YYYY-MM-DDTHH:mm:ss.sssZ to | ||
// YYYY-MM-DDTHH:mm:ssZ (remove .sss) | ||
const expirationDate: IsoDateString = | ||
new Date(Date.now() + 30 * 60 * 1000).toISOString().split('.')[0] + 'Z' | ||
|
||
let resp | ||
try { | ||
const cmd = `az acr token create \ | ||
--name ${acrTokenName} \ | ||
--registry ${acrProdRegistryServer} \ | ||
--repository ${repo} \ | ||
content/write \ | ||
content/read \ | ||
--expiration ${expirationDate} \ | ||
--output json` | ||
|
||
console.log('Executing az acr token create command.') | ||
resp = JSON.parse(execSync(cmd, { encoding: 'utf8' })) | ||
} catch (error) { | ||
console.error('An error occurred while creating ACR token with the Azure CLI') | ||
throw error | ||
} | ||
|
||
const acrTokenValue = resp?.credentials?.passwords[0]?.value | ||
if (!acrTokenValue) { | ||
throw new Error( | ||
'The response from the Azure CLI was not in the expected format: \n' + | ||
JSON.stringify(resp, null, 2), | ||
) | ||
} | ||
|
||
// Set the ACR_TOKEN_VALUE environment variable so | ||
// that it can be used in the subsequent steps | ||
core.exportVariable('ACR_TOKEN_VALUE', acrTokenValue) | ||
execSync(`echo $ACR_TOKEN_VALUE`) | ||
} | ||
|
||
main() |