# Prerequisite
# 1) Install azure-cli
registry_name="myregistry"
task_name="mypurgetask"
cmd="acr purge --filter 'hello-world:.*' --untagged --ago 1d --dry-run"
echo "enable trusted service on registry: $registry_name"
registry_login_server=$(az acr update -n $registry_name --allow-trusted-services true --query "loginServer" -o tsv)
echo "registry login server: $registry_login_server"
echo "create task with system identity enabled: $task_name"
system_identity_principal=$(az acr task create -r $registry_name -n $task_name --cmd "$cmd" -c /dev/null --assign-identity [system] --auth-mode None --base-image-trigger-enabled false --query "identity.principalId" -o tsv)
echo "system identity principal: $system_identity_principal"
registry_resource_id=$(az acr show -n $registry_name --query "id" -o tsv)
echo "assign AcrPush role to the system ideneity for registry: $registry_resource_id"
az role assignment create --role AcrPush --assignee-object-id $system_identity_principal --assignee-principal-type ServicePrincipal --scope $registry_resource_id
echo "enable system identity login on registry: $registry_login_server"
az acr task credential add -r $registry_name -n $task_name --login-server $registry_login_server --use-identity [system]
az acr task run -r $registry_name -n $task_name
Last active
July 9, 2022 06:51
-
-
Save northtyphoon/a4f85eed1ea495a0cba9810c109da242 to your computer and use it in GitHub Desktop.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment