Open stfnzl opened 7 months ago
My current workaround:
import { ContainerRegistryManagementClient } from "@azure/arm-containerregistry";
import { GetTokenOptions, AccessToken } from "@azure/identity";
const generatePassword = (
token: azure.containerregistry.Token
): pulumi.Output<string> => {
if (pulumi.runtime.isDryRun()) {
return pulumi.Output.create("1337");
}
return token.id.apply(async (tokenId) => {
const clientConfig = await azure.authorization.getClientConfig();
const clientToken = await azure.authorization.getClientToken();
const credential = {
getToken: async (
scopes: string | string[],
options?: GetTokenOptions
): Promise<AccessToken | null> => ({
token: clientToken.token,
expiresOnTimestamp: Date.now() + 3600 * 1000,
}),
};
const client = new ContainerRegistryManagementClient(
credential,
clientConfig.subscriptionId
);
const credentials = await client.registries.beginGenerateCredentialsAndWait(
containerRegistryResourceGroupName,
containerRegistryName,
{
tokenId,
}
);
return credentials!.passwords!.at(0)!.value!;
});
};
Thanks for suggesting this @stfnzl and for sharing your workaround.
Hello!
Issue details
With
containerregistry.Token
we are able to create the token object but we do not have the possibility of generating the password. We would need a new resource type, which would be the equivalent ofazurerm_container_registry_token_password
.Something like https://github.com/hashicorp/terraform-provider-azurerm/issues/12810