azurermContainerRegistryTask
Manages a Container Registry Task.
Example Usage
/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as azurerm from "./.gen/providers/azurerm";
/*The following providers are missing schema information and might need manual adjustments to synthesize correctly: azurerm.
For a more precise conversion please use the --provider flag in convert.*/
new azurerm.provider.AzurermProvider(this, "azurerm", {
features: [{}],
});
const azurermResourceGroupExample = new azurerm.resourceGroup.ResourceGroup(
this,
"example",
{
location: "West Europe",
name: "example-rg",
}
);
const azurermContainerRegistryExample =
new azurerm.containerRegistry.ContainerRegistry(this, "example_2", {
location: azurermResourceGroupExample.location,
name: "example",
resource_group_name: azurermResourceGroupExample.name,
sku: "Basic",
});
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
azurermContainerRegistryExample.overrideLogicalId("example");
const azurermContainerRegistryTaskExample =
new azurerm.containerRegistryTask.ContainerRegistryTask(this, "example_3", {
container_registry_id: azurermContainerRegistryExample.id,
docker_step: [
{
context_access_token: "<github personal access token>",
context_path:
"https://github.com/<user name>/acr-build-helloworld-node#main",
dockerfile_path: "Dockerfile",
image_names: ["helloworld:{{.Run.ID}}"],
},
],
name: "example-task",
platform: [
{
os: "Linux",
},
],
});
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
azurermContainerRegistryTaskExample.overrideLogicalId("example");
Arguments Reference
The following arguments are supported:
-
name
- (Required) The name which should be used for this Container Registry Task. Changing this forces a new Container Registry Task to be created. -
containerRegistryId
- (Required) The ID of the Container Registry that this Container Registry Task resides in. Changing this forces a new Container Registry Task to be created.
-
agentPoolName
- (Optional) The name of the dedicated Container Registry Agent Pool for this Container Registry Task. -
agentSetting
- (Optional) AagentSetting
block as defined below. -
enabled
- (Optional) Should this Container Registry Task be enabled? Defaults totrue
. -
identity
- (Optional) Anidentity
block as defined below. -
platform
- (Optional) Aplatform
block as defined below.
\~> NOTE: The platform
is required for non-system task (when isSystemTask
is set to false
).
-
dockerStep
- (Optional) AdockerStep
block as defined below. -
encodedStep
- (Optional) AencodedStep
block as defined below. -
fileStep
- (Optional) AfileStep
block as defined below.
\~> NOTE: For non-system task (when isSystemTask
is set to false
), one and only one of the dockerStep
, encodedStep
and fileStep
should be specified.
-
baseImageTrigger
- (Optional) AbaseImageTrigger
block as defined below. -
sourceTrigger
- (Optional) One or moresourceTrigger
blocks as defined below. -
timerTrigger
- (Optional) One or moretimerTrigger
blocks as defined below. -
isSystemTask
- (Optional) Whether this Container Registry Task is a system task. Changing this forces a new Container Registry Task to be created. Defaults tofalse
.
\~> NOTE: For system task, the name
has to be set as quicktask
. And the following properties can't be specified: dockerStep
, encodedStep
, fileStep
, platform
, baseImageTrigger
, sourceTrigger
, timerTrigger
.
-
logTemplate
- (Optional) The template that describes the run log artifact. -
registryCredential
- (Optional) OneregistryCredential
block as defined below. -
tags
- (Optional) A mapping of tags which should be assigned to the Container Registry Task. -
timeoutInSeconds
- (Optional) The timeout of this Container Registry Task in seconds. The valid range lies from 300 to 28800. Defaults to3600
.
A agentSetting
block supports the following:
cpu
- (Required) The number of cores required for the Container Registry Task.
A authentication
block supports the following:
-
token
- (Required) The access token used to access the source control provider. -
tokenType
- (Required) The type of the token. Possible values arepat
(personal access token) andoAuth
. -
expireInSeconds
- (Optional) Time in seconds that the token remains valid. -
refreshToken
- (Optional) The refresh token used to refresh the access token. -
scope
- (Optional) The scope of the access token.
A baseImageTrigger
block supports the following:
-
name
- (Required) The name which should be used for this trigger. -
type
- (Required) The type of the trigger. Possible values areall
andruntime
. -
enabled
- (Optional) Should the trigger be enabled? Defaults totrue
. -
updateTriggerEndpoint
- (Optional) The endpoint URL for receiving the trigger. -
updateTriggerPayloadType
- (Optional) Type of payload body for the trigger. Possible values aredefault
andtoken
.
A custom
block supports the following:
-
loginServer
- (Required) The login server of the custom Container Registry. -
identity
- (Optional) The managed identity assigned to this custom credential. For user assigned identity, the value is the client ID of the identity. For system assigned identity, the value is[system]
. -
password
- (Optional) The password for logging into the custom Container Registry. It can be either a plain text of password, or a Keyvault Secret ID. -
username
- (Optional) The username for logging into the custom Container Registry. It can be either a plain text of username, or a Keyvault Secret ID.
A dockerStep
block supports the following:
-
contextAccessToken
- (Required) The token (Git PAT or SAS token of storage account blob) associated with the context for this step. -
contextPath
- (Required) The URL (absolute or relative) of the source context for this step. -
dockerfilePath
- (Required) The Dockerfile path relative to the source context. -
arguments
- (Optional) Specifies a map of arguments to be used when executing this step. -
imageNames
- (Optional) Specifies a list of fully qualified image names including the repository and tag. -
cacheEnabled
- (Optional) Should the image cache be enabled? Defaults totrue
. -
pushEnabled
- (Optional) Should the image built be pushed to the registry or not? Defaults totrue
. -
secretArguments
- (Optional) Specifies a map of secret arguments to be used when executing this step. -
target
- (Optional) The name of the target build stage for the docker build.
A encodedStep
block supports the following:
-
taskContent
- (Required) The (optionally base64 encoded) content of the build template. -
contextAccessToken
- (Optional) The token (Git PAT or SAS token of storage account blob) associated with the context for this step. -
contextPath
- (Optional) The URL (absolute or relative) of the source context for this step. -
secretValues
- (Optional) Specifies a map of secret values that can be passed when running a task. -
valueContent
- (Optional) The (optionally base64 encoded) content of the build parameters. -
values
- (Optional) Specifies a map of values that can be passed when running a task.
A fileStep
block supports the following:
-
taskFilePath
- (Required) The task template file path relative to the source context. -
contextAccessToken
- (Optional) The token (Git PAT or SAS token of storage account blob) associated with the context for this step. -
contextPath
- (Optional) The URL (absolute or relative) of the source context for this step. -
secretValues
- (Optional) Specifies a map of secret values that can be passed when running a task. -
valueFilePath
- (Optional) The parameters file path relative to the source context. -
values
- (Optional) Specifies a map of values that can be passed when running a task.
An identity
block supports the following:
-
type
- (Required) Specifies the type of Managed Service Identity that should be configured on this Container Registry Task. Possible values aresystemAssigned
,userAssigned
,systemAssigned,UserAssigned
(to enable both). -
identityIds
- (Optional) Specifies a list of User Assigned Managed Identity IDs to be assigned to this Container Registry Task.
\~> NOTE: This is required when type
is set to userAssigned
or systemAssigned,UserAssigned
.
A platform
block supports the following:
-
os
- (Required) The operating system type required for the task. Possible values arewindows
andlinux
. -
architecture
- (Optional) The OS architecture. Possible values areamd64
,x86
,386
,arm
andarm64
. -
variant
- (Optional) The variant of the CPU. Possible values arev6
,v7
,v8
.
A registryCredential
block supports the following:
-
source
- (Optional) Onesource
block as defined below. -
custom
- (Optional) One or morecustom
blocks as defined above.
A source
block supports the following:
loginMode
- (Required) The login mode for the source registry. Possible values arenone
anddefault
.
A sourceTrigger
block supports the following:
-
name
- (Required) The name which should be used for this trigger. -
events
- (Required) Specifies a list of source events corresponding to the trigger. Possible values arecommit
andpullrequest
. -
repositoryUrl
- (Required) The full URL to the source code repository. -
sourceType
- (Required) The type of the source control service. Possible values aregithub
andvisualStudioTeamService
. -
authentication
- (Optional) Aauthentication
block as defined above. -
branch
- (Optional) The branch name of the source code. -
enabled
- (Optional) Should the trigger be enabled? Defaults totrue
.
A timerTrigger
block supports the following:
-
name
- (Required) The name which should be used for this trigger. -
schedule
- (Required) The CRON expression for the task schedule. -
enabled
- (Optional) Should the trigger be enabled? Defaults totrue
.
Attributes Reference
In addition to the Arguments listed above - the following Attributes are exported:
-
id
- The ID of the Container Registry Task. -
identity
- Anidentity
block as defined below.
An identity
block exports the following:
-
principalId
- The Principal ID associated with this Managed Service Identity. -
tenantId
- The Tenant ID associated with this Managed Service Identity.
Timeouts
The timeouts
block allows you to specify timeouts for certain actions:
create
- (Defaults to 30 minutes) Used when creating the Container Registry Task.read
- (Defaults to 5 minutes) Used when retrieving the Container Registry Task.update
- (Defaults to 30 minutes) Used when updating the Container Registry Task.delete
- (Defaults to 30 minutes) Used when deleting the Container Registry Task.
Import
Container Registry Tasks can be imported using the resourceId
, e.g.