has anyone with the current version succeeded in p...
# azure
a
has anyone with the current version succeeded in pushing an image to an ACR? the current example at https://www.pulumi.com/docs/reference/pkg/docker/image/ is out-of-date as is the one at https://www.pulumi.com/blog/build-publish-containers-iac/.
`Registry` no longer has `.adminUsername` or `.adminPassword` properties. and the other method - which would be preferable, anyway - with creating a service-principal and using that performs the role assignment like this:
```typescript
const spAuth = new azure.authorization.Assignment("myauth", {
    scope: registry.id,
    roleDefinitionName: "acrpush",
    principalId: sp.id,
});
```
but `Assignment` has changed to `RoleAssignment` and the latter doesn't get a `roleDefinitionName`, but a `roleDefinitionId`. Yet there is no API to get a roleDefinitionId by name or to list all role definitions so I could filter for the one with the matching name.
I can help myself meanwhile by executing `az role definition list`, finding the id of acrpush in the output and storing it in a pulumi config setting, but for obvious reasons this is not a very stable workaround - say we run the same setup against another subscription (which we likely will because we want to put production resources into a separate sub), and one needs to update this.
anyone any better ideas?
t
a
I know that example, but it doesn't apply to my question. meanwhile, though, I'd be more interested in making this work with managed identities as described here because that doesn't require the app reg under which pulumi runs to be allowed to assign roles (effectively being a subscription owner). do you by any chance have a Pulumi example that mirrors what MS describes in that link? (doesn't matter which language, as long as it's Pulumi) - that would be very helpful - thanks!
t
> succeeded in pushing an image to an ACR?
Why is this example irrelevant? (putting roles aside for a moment)
a
maybe my wording in the original question was not precise enough, sorry for that. my problem was solely with authorization alternatives to isAdminEnabled, not with the actual pushing