Creates two new service principals for Azure Container Registry for read-write and read-only
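#!/usr/bin/env bash
#
# Creates two new service principals for Azure Container Registry:
# a read-only service principal and a read/write service principal.
#
# Author: Christopher Klein <ckl[dot]dreitier[dot]com>
# See: https://dreitier.com/knowledge-base/continuous-delivery-and-deployment/publish-docker-images-to-azure-container-registry-with-github-actions
#
# Abort on failed commands, unset variables and failed pipeline stages.
set -euo pipefail

if [ $# -ne 2 ]; then
  echo "Usage: $0 <name of container registry> <service-principal-prefix>" >&2
  exit 1
fi

ACR_NAME=$1
SERVICE_PRINCIPAL_PREFIX=$2

# Resource ID of the registry; used as the scope of both role assignments.
ACR_REGISTRY_ID=$(az acr show --name "$ACR_NAME" --query "id" --output tsv)
# Login server of the registry; "docker login" without a server targets Docker Hub.
ACR_LOGIN_SERVER=$(az acr show --name "$ACR_NAME" --query "loginServer" --output tsv)

echo "ACR name $ACR_NAME has registry ID $ACR_REGISTRY_ID"
echo ""

# Creates the service principal "<prefix>-<suffix>" and assigns it the given
# role, scoped to this registry only.
function create_service_principal() {
  local suffix=$1
  local role=$2
  local SERVICE_PRINCIPAL="${SERVICE_PRINCIPAL_PREFIX}-${suffix}"
  # Declared separately so that a failing az call is not masked by "local".
  local PASSWORD USERNAME

  echo "Creating service principal $SERVICE_PRINCIPAL with role '$role' ... "
  PASSWORD=$(az ad sp create-for-rbac --name "$SERVICE_PRINCIPAL" --scopes "$ACR_REGISTRY_ID" --role "$role" --query "password" --output tsv)
  # Looked up by display name, which is not unique in the directory;
  # this assumes no other service principal already uses the same name.
  USERNAME=$(az ad sp list --display-name "$SERVICE_PRINCIPAL" --query "[].appId" --output tsv)

  # The client secret is printed in clear text and cannot be retrieved again
  # later; keep this output out of CI logs and shell history.
  echo " Service principal's client ID (username): $USERNAME"
  echo " Service principal's client secret (password): $PASSWORD"
  echo " Usage: docker login $ACR_LOGIN_SERVER -u $USERNAME -p $PASSWORD"
}

create_service_principal "ro" "acrpull"
echo "---"
create_service_principal "rw" "acrpush"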