[ACR] az acr create/update and az acr check-health: Add ABAC support for ACR registry#31065
[ACR] az acr create/update and az acr check-health: Add ABAC support for ACR registry#31065zhoxing-ms merged 16 commits intoAzure:devfrom
az acr create/update and az acr check-health: Add ABAC support for ACR registry#31065Conversation
️✔️AzureCLI-FullTest
|
|
Hi @lizMSFT, |
|
| rule | cmd_name | rule_message | suggest_message |
|---|---|---|---|
| acr check-health | cmd acr check-health added parameter repository |
||
| acr create | cmd acr create added parameter role_assignment_mode |
||
| acr update | cmd acr update added parameter role_assignment_mode |
|
Thank you for your contribution! We will review the pull request and get back to you soon. |
|
The git hooks are available for azure-cli and azure-cli-extensions repos. They could help you run required checks before creating the PR. Please sync the latest code with latest dev branch (for azure-cli) or main branch (for azure-cli-extensions). pip install azdev --upgrade
azdev setup -c <your azure-cli repo path> -r <your azure-cli-extensions repo path>
|
microsoft-github-policy-service
bot
requested review from
wangzelin007,
yonzhan and
zhoxing-ms
microsoft-github-policy-service
bot
added
Auto-Assign
lizMSFT
changed the title
az acr create | update and az acr check-health: Add ABAC supportaz acr create | update and az acr check-health: Add ABAC support for ACR registry
| }) | ||
|
|
||
| self.cmd('acr create -g {rg} -n {name} --sku Basic --location southeastasia --role-assignment-mode rbac-abac', checks=[ | ||
| self.check('roleAssignmentMode', 'AbacRepositoryPermissions') |
There was a problem hiding this comment.
We'd better refer to RoleAssignmentMode instead of using string literals.
lizMSFT
requested review from
calvinhzy,
evelyn-ys,
jiasli,
jsntcy,
kairu-ms,
necusjz and
yanzhudd
as code owners
|
@yonzhan @zhoxing-ms This PR looks good to ACR team. Could you take a look when you have time? |
|
/azp run |
|
Azure Pipelines successfully started running 3 pipeline(s). |
|
@zhoxing-ms |
|
Hi @lizMSFT |
zhoxing-ms
modified the milestones:
May 2025 (2025-05-06),
Build 2025 (2025-05-19)❗ Breaking change release ❗
Due to the code completion date of this sprint was
|
zhoxing-ms
changed the title
az acr create | update and az acr check-health: Add ABAC support for ACR registryaz acr create/update and az acr check-health: Add ABAC support for ACR registry
Update test recordings
|
Commenter does not have sufficient privileges for PR 31065 in repo Azure/azure-cli |
|
Hello @wangzelin007 @zhoxing-ms We have fixed test failures, could you help re-run the tests, thanks. |
|
/azp run |
|
Azure Pipelines successfully started running 3 pipeline(s). |
|
I've updated the history notes to address the pull request error. @yonzhan Could you help re-run the tests, thanks. |
|
/azp run |
|
Azure Pipelines successfully started running 3 pipeline(s). |
| self.cmd('acr delete -g {rg} -n {name} --yes') | ||
|
|
||
| @ResourceGroupPreparer(name_prefix='cli_test_acrabac_') | ||
| @live_only() |
There was a problem hiding this comment.
May I ask why do you need to mark this test as live_only()?
There was a problem hiding this comment.
This test invokes some local tools (helm etc.) apart from sending ARM requests. So they cannot be executed in recording tests.
5 participants
Related command
az acr createaz acr updateaz acr check-healthDescription
These commands introduce new functionality for the ABAC feature.
History Notes
[ACR]
az acr create/update: Add a new optional parameter--role-assignment-modeto specify the role assignment mode for new or existing registries. This parameter allows customers to enable or disable Attribute-Based Access Control (ABAC)[ACR]
az acr check-health: Add a new optional parameter--repositoryto check read, write, and delete permissions for a specific repositoryTesting Guide
az acr check-health:az acr create | updateThis checklist is used to make sure that common guidelines for a pull request are followed.