Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support token auth in ACR premium #4947

Open
majastrz opened this issue Oct 21, 2021 · 11 comments
Open

Support token auth in ACR premium #4947

majastrz opened this issue Oct 21, 2021 · 11 comments
Labels
enhancement New feature or request story: registry
Milestone
Committed Backlog

Comments

@majastrz
Copy link
Member

ACR premium supports authenticating via tokens: https://docs.microsoft.com/en-us/azure/container-registry/container-registry-repository-scoped-permissions. We should support that for ACR requests.
@majastrz majastrz added enhancement New feature or request story: registry labels Oct 21, 2021
@ghost ghost added the Needs: Triage 🔍 label Oct 21, 2021
@majastrz
Copy link
Member Author

Related to #4884.

@majastrz majastrz mentioned this issue Oct 21, 2021
Open
@alex-frankel alex-frankel added this to the v1.0 milestone Oct 25, 2021
@alex-frankel
Copy link
Collaborator

Will this also allow for querying a single ACR instance across tenants? So I create ACR in tenant A, but want to reference in a deployment to tenant B.

@majastrz
Copy link
Member Author

Yes, that should work. These tokens are really using Basic Authentication, so they wouldn't be tied to any AAD tenant.

@alex-frankel alex-frankel mentioned this issue Oct 29, 2021
Open
@ggirard07
Copy link

ggirard07 commented Nov 16, 2021
edited
Loading

Are there any plan to support generating the actual token credential from bicep too (password1 and password2)?
Looks like currently the only available solution is through the CLI.

In my case, I would like to then inject it as a keyvault secret or reuse it to configure other resources.

@stephaniezyen stephaniezyen moved this to Todo in Bicep Mar 24, 2022
@stephaniezyen stephaniezyen modified the milestones: v1.0, Committed Backlog Apr 27, 2022
@alex-frankel alex-frankel mentioned this issue Aug 26, 2022
Closed
@PixelRobots
Copy link

hey @alex-frankel any update one this?

@PixelRobots PixelRobots mentioned this issue May 11, 2023
Closed
@cedricbraekevelt
Copy link

@alex-frankel I'm also looking forward to this feature, to use scope maps. Since template spec doesn't work between different tenants...

@quality-leftovers
Copy link

quality-leftovers commented Nov 3, 2023
edited
Loading

+1. Bicep module restore not working for ACR in another tenant is a major hurdle if you have a dev and prod tenant (private registries for bicep are kinda useless without this IMHO)

@PixelRobots
Copy link

Hey @alex-frankel any update on token support?

@alex-frankel
Copy link
Collaborator

No major updates, but @sydkar / @majastrz are working out a plan to update the ORAS .NET client such that we can take a dependency on it instead of relying on the ACR SDK which binds us to ACR. We might know more in about a month.

@PixelRobots
Copy link

Hey, Just wondering if there is any update on this?

@quality-leftovers
Copy link

Any update?

@lumunro lumunro mentioned this issue Sep 29, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request story: registry
Projects
Bicep
Status: Todo
Milestone
Committed Backlog
Development

No branches or pull requests
7 participants
@ggirard07 @alex-frankel @majastrz @PixelRobots @cedricbraekevelt @quality-leftovers @stephaniezyen