states.azurerm.containerregistry.task

Azure Resource Manager (ARM) Container Registry Task State Module

New in version 3.0.0.

Changed in version 4.0.0.

maintainer:

<devops@eitr.tech>
configuration:

This module requires Azure Resource Manager credentials to be passed via acct. Note that the authentication parameters are case sensitive.

Required provider parameters:

if using username and password:
  • subscription_id
  • username
  • password
if using a service principal:
  • subscription_id
  • tenant
  • client_id
  • secret

Optional provider parameters:

cloud_environment: Used to point the cloud driver to different API endpoints, such as Azure GovCloud. Possible values:

  • AZURE_PUBLIC_CLOUD (default)
  • AZURE_CHINA_CLOUD
  • AZURE_US_GOV_CLOUD
  • AZURE_GERMAN_CLOUD

Example configuration for Azure Resource Manager authentication:

azurerm:
    default:
        subscription_id: 3287abc8-f98a-c678-3bde-326766fd3617
        tenant: ABCDEFAB-1234-ABCD-1234-ABCDEFABCDEF
        client_id: ABCDEFAB-1234-ABCD-1234-ABCDEFABCDEF
        secret: XXXXXXXXXXXXXXXXXXXXXXXX
        cloud_environment: AZURE_PUBLIC_CLOUD
    user_pass_auth:
        subscription_id: 3287abc8-f98a-c678-3bde-326766fd3617
        username: fletch
        password: 123pass

The authentication parameters can also be passed as a dictionary of keyword arguments to the connection_auth parameter of each state, but this is not preferred and could be deprecated in the future.
idem_azurerm.states.azurerm.containerregistry.task.absent(hub, ctx, name, registry_name, resource_group, connection_auth=None, **kwargs)

New in version 3.0.0.

Ensure a task does not exist in a container registry.

Parameters:
  • name – Name of the task.
  • registry_name – The name of the container registry.
  • resource_group – The name of the resource group to which the container registry belongs.
 
Ensure container registry task is absent:
    azurerm.containerregistry.task.absent:
        - name: testtask
        - registry_name: testrepo
        - resource_group: testgroup
idem_azurerm.states.azurerm.containerregistry.task.present(hub, ctx, name, registry_name, resource_group, task_type, platform_os, platform_arch, platform_variant=None, context_path=None, context_access_token=None, task_file_path=None, image_names=None, is_push_enabled=None, no_cache=None, target=None, encoded_task_content=None, encoded_values_content=None, values_file_path=None, values_dict=None, agent_num_cores=None, status=None, trigger=None, timeout=None, credential_login_mode=None, credential_login_server=None, credential_username=None, credential_password=None, identity_principal_id=None, identity_tenant_id=None, identity_type=None, user_assigned_identities=None, tags=None, connection_auth=None, **kwargs)

New in version 3.0.0.

Changed in version 4.0.0.

Ensure a container registry task exists.

Parameters:
  • name – The name of the task.
  • registry_name – The name of the container registry.
  • resource_group – The name of the resource group to which the container registry belongs.
  • task_type – The type of task to be scheduled. Must be ‘DockerBuildStep’, ‘EncodedTaskStep’, or ‘FileTaskStep’.
  • platform_os – The platform OS property against which the task has to happen. Accepts ‘Windows’ or ‘Linux’.
  • platform_arch – The platform architecture property against which the task has to happen. Accepts ‘amd64’, ‘x86’, or ‘arm’.
  • platform_variant – The platform CPU variant property against which the run has to happen. Accepts ‘v6’, ‘v7’, or ‘v8’.
  • context_path – (DockerBuildStep, EncodedTaskStep, FileTaskStep) The URL(absolute or relative) of the source context for the task step. The build context for the step of the task should be a well formed absolute URI or there should be only one source trigger for the task.
  • context_access_token – (DockerBuildStep, EncodedTaskStep, FileTaskStep) The token (git PAT or SAS token of storage account blob) associated with the context for a step.
  • task_file_path – (DockerBuildStep, FileTaskStep REQUIRED) The template/definition file path relative to the source.
  • image_names – (DockerBuildStep) A list of strings containing the fully qualified image names including the repository and tag.
  • is_push_enabled – (DockerBuildStep) The value of this property indicates whether the image built should be pushed to the registry or not. SDK default value: True.
  • no_cache – (DockerBuildStep) The value of this property indicates whether the image cache is enabled or not. SDK default value: False.
  • target – (DockerBuildStep) The name of the target build stage for the docker build.
  • encoded_task_content – (EncodedTaskStep REQUIRED) Base64 encoded value of the template/definition file content.
  • encoded_values_content – (EncodedTaskStep) Base64 encoded value of the parameters/values file content.
  • values_file_path – (FileTaskStep) The values/parameters file path relative to the source context.
  • values_dict – The collection of overridable values or arguments that can be passed when running a task. This is a list of dictionaries containing the following keys: ‘name’, ‘value’, and ‘is_secret’
  • agent_num_cores – The CPU configuration in terms of number of cores required for the run.
  • trigger – The properties that describe all triggers for the task. This is a dictionary containing trigger information as described in the documentation for the Azure Python SDK.
  • status – The current status of task. Possible values include: ‘Disabled’, ‘Enabled’.
  • timeout – Run timeout in seconds. Default value: 3600.
  • credential_login_mode – The authentication mode which determines the source registry login scope. The credentials for the source registry will be generated using the given scope. These credentials will be used to login to the source registry during the run. Possible values include: ‘None’, ‘Default’.
  • credential_login_server – Describes the registry login server (myregistry.azurecr.io) for accessing other custom registries.
  • credential_username – Username for accessing the registry defined in credential_login_server.
  • credential_password – Password for accessing the registry defined in credential_login_server.
  • identity_principal_id – The principal ID of resource identity.
  • identity_tenant_id – The tenant ID of resource.
  • identity_type – The identity type. Possible values include: ‘SystemAssigned’, ‘UserAssigned’.
  • user_assigned_identities – The list of user identities associated with the resource. The user identity dictionary key references will be ARM resource ids in the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}.
  • tags – A dictionary of strings can be passed as tag metadata to the object.

Example usage:

Ensure container registry task exists:
    azurerm.containerregistry.task.present:
        - name: testtask
        - registry_name: testrepo
        - resource_group: testgroup
        - task_type: DockerBuildStep
        - platform_os: Linux
        - platform_arch: amd64
        - context_path: "https://github.com/Azure-Samples/acr-build-helloworld-node"
        - task_file_path: Dockerfile
        - image_names:
            - "testrepo:helloworldnode"
        - tags:
            how_awesome: very
            contact_name: Elmer Fudd Gantry