Service principals for accessing private container registry (ACR)

[ahelland]

I'm trying to setup a web app based on an image stored in Azure Container Registry by following the scenario for a private registry (https://github.com/Azure/seabreeze-preview-pr/blob/master/docs/conceptual-docs/appmodel-scenarios-private-registry.md).

It says "The production scenarios should use a service principal for container registry access, but to keep this quickstart brief, enable the admin user on your registry with the following command..." which is sort of vague as to what the current status of the service supports :) I'm trying with a service principal though. Since I can't find other parameters documented than username and password I'm using clientId and secret for those.

I would expect this to fail fairly soon if the credentials are incorrect, but instead it stays in the running state for 30 minutes before giving up on me with an error like this: Deployment failed. Correlation ID: 00802b13-9047-4722-a4cf-1d83d04822d2. { "status": "Failed", "error": { "code": "ResourceDeploymentFailure", "message": "The resource operation completed with terminal provisioning state 'Failed'." } }

So, are service principals supported? Am I using incorrect credentials?

Anything obvious I'm missing?

[benc-uk]

The only thing that works for me in imageRegistryCredential is a regular ACR admin username and password, I couldn't get service principal to work.

There's a long road ahead...

[vipul-modi]

Yes the service principals are not yet supported. We have corrected the documentation.