Add OAuth support. It is need for access to Azure CR

[vikborisov]

We also forked the nokia repo and fixed the OAuth contract.

Image Updater gets support for Azure CR

[CLAassistant]

All committers have signed the CLA.

[jannfis]

Hey @vikborisov, thanks for this PR.

However, I feel that we should not move to yet another fork of docker-registry-client. Due to the staleness of both, the original repository and all of its forks, I was thinking whether to just vendor in the code or make a clone of this repository available under argoproj-labs repository.

Once this is done, please feel free to submit any changes required to make oAuth work.

[vikborisov]

@jannfis Can you make a fork and i create a PR with my changes?

[jannfis]

Me moved away from docker-registry-client to use Docker's distribution/v3 API (see #249). Chances are, that this will enable oAuth support by default.

[andloh]

Any updates on this?

[janpieper]

@andloh We're using version 0.10.1 with Azure Container Registry and it works fine so far.

registries:
  - name: youracrname
    ping: yes
    api_url: https://youracrname.azurecr.io
    prefix: youracrname.azurecr.io
    credentials: [...]

$ argocd-image-updater test --registries-conf registries.conf youracrname.azurecr.io/your-image

If this does not help you: Either we discuss your problem here or maybe create an issue 😉

[andloh]

Hi, thanks @janpieper.

What du you use for authentication? SP, MSI, Token, Access Keys etc...

Also...is it possible to use the integrated ACR -> AKS authentication? E.g the /etc/kubernetes/azure.conf

[janpieper]

What du you use for authentication? SP, MSI, Token, Access Keys etc...

Service Principal

[anthonyoride]

What du you use for authentication? SP, MSI, Token, Access Keys etc...

Service Principal

@janpieper i have been struggling with this for sometime. i'm using service principal but having authentication issues. i'm using the same ACR secret config for image pull in my deployments and it works flawlessly. but same ACR secret config doesn't work for argocd image updater. below are samples of my configs;

--ApplicationSet--

apiVersion: argoproj.io/v1alpha1
kind: ApplicationSet
metadata:
name: my-backend-app
namespace: argocd
spec:
generators:

• list:
  elements:
  • app: auth-service
    image: myapp-auth-service
  • app: cart-service
    image: my-cart-service
    template:
    metadata:
    name: '{{app}}'
    annotations:
    argocd-image-updater.argoproj.io/image-list: image-url=myrepo.azurecr.io/{{image}}:latest
    argocd-image-updater.argoproj.io/image-url.update-strategy: digest

---Image Updater Configmap---

apiVersion: v1
data:
log.level: debug
registries.conf: |
registries:
- name: ACR
prefix: myrepo.azurecr.io
api_url: https://myrepo.azurecr.io
credentials: pullsecret:default/acr-config
kind: ConfigMap

Help will really be appreciated.