az acr supply-chain workflow
Note
This reference is part of the acrcssc extension for the Azure CLI (version 2.73.0 or higher). The extension will automatically install the first time you run an az acr supply-chain workflow command. Learn more about extensions.
Command group 'acr supply-chain' is in preview and under development. Reference and support levels: https://aka.ms/CLI_refstatus
Commands to manage acr supply chain workflows.
Commands
| Name | Description | Type | Status |
|---|---|---|---|
| az acr supply-chain workflow cancel-run |
Cancel currently running supply chain workflow. |
Extension | Preview |
| az acr supply-chain workflow create |
Create acr supply chain workflow. |
Extension | Preview |
| az acr supply-chain workflow delete |
Delete acr supply chain workflow. |
Extension | Preview |
| az acr supply-chain workflow list |
List status of acr supply chain workflow images. |
Extension | Preview |
| az acr supply-chain workflow show |
Show acr supply chain workflow tasks. |
Extension | Preview |
| az acr supply-chain workflow update |
Update acr supply chain workflow. |
Extension | Preview |
az acr supply-chain workflow cancel-run
Command group 'acr supply-chain workflow' is in preview and under development. Reference and support levels: https://aka.ms/CLI_refstatus
Cancel currently running supply chain workflow.
az acr supply-chain workflow cancel-run --registry
--resource-group
--type {continuouspatchv1}Examples
Cancel currently running acr supply chain workflow scans/patch
az acr supply-chain workflow cancel-run -r $MyRegistry -g $MyResourceGroup --type continuouspatchv1Required Parameters
The name of the container registry. It should be specified in lower case. You can configure the default registry name using az configure --defaults acr=<registry name>.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
Type of workflow task.
| Property | Value |
|---|---|
| Accepted values: | continuouspatchv1 |
Global Parameters
Increase logging verbosity to show all debug logs.
| Property | Value |
|---|---|
| Default value: | False |
Show this help message and exit.
Only show errors, suppressing warnings.
| Property | Value |
|---|---|
| Default value: | False |
Output format.
| Property | Value |
|---|---|
| Default value: | json |
| Accepted values: | json, jsonc, none, table, tsv, yaml, yamlc |
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
| Property | Value |
|---|---|
| Default value: | False |
az acr supply-chain workflow create
Command group 'acr supply-chain workflow' is in preview and under development. Reference and support levels: https://aka.ms/CLI_refstatus
Create acr supply chain workflow.
az acr supply-chain workflow create --config
--registry
--resource-group
--schedule
--type {continuouspatchv1}
[--dry-run {false, true}]
[--run-immediately {false, true}]Examples
Create acr supply chain workflow
az acr supply-chain workflow create -r $MyRegistry -g $MyResourceGroup --type continuouspatchv1 --schedule 1d --config path-to-config-fileRequired Parameters
Configuration file path containing the json schema for the list of repositories and tags to filter within the registry. Schema example:{"repositories":[{"repository":"alpine","tags":["tag1","tag2"],"enabled":true},{"repository":"python","tags":["*"],"enabled":false}], "version": "v1", "tag-convention": "floating"}. "tag-convention" is an optional property, values can be "incremental" (the default behavior, will increase the patch version of the tag, for example "{repository}:{original-tag}-1", "{repository}:{original-tag}-2", etc), or "floating" (will reuse the tag "{repository}:{original-tag}-patched" for patching).
The name of the container registry. It should be specified in lower case. You can configure the default registry name using az configure --defaults acr=<registry name>.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
Schedule to run the scan and patching task. E.g. <n>d where <n> is the number of days between each run. Max value is 30d.
Type of workflow task.
| Property | Value |
|---|---|
| Accepted values: | continuouspatchv1 |
Optional Parameters
The following parameters are optional, but depending on the context, one or more might become required for the command to execute successfully.
Use this flag to see the qualifying repositories and tags that would be affected by the workflow. Default value: false. 'config' parameter is mandatory to provide with dry-run.
| Property | Value |
|---|---|
| Default value: | False |
| Accepted values: | false, true |
Set this flag to trigger the immediate run of the selected workflow task. Default value: false.
| Property | Value |
|---|---|
| Default value: | False |
| Accepted values: | false, true |
Global Parameters
Increase logging verbosity to show all debug logs.
| Property | Value |
|---|---|
| Default value: | False |
Show this help message and exit.
Only show errors, suppressing warnings.
| Property | Value |
|---|---|
| Default value: | False |
Output format.
| Property | Value |
|---|---|
| Default value: | json |
| Accepted values: | json, jsonc, none, table, tsv, yaml, yamlc |
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
| Property | Value |
|---|---|
| Default value: | False |
az acr supply-chain workflow delete
Command group 'acr supply-chain workflow' is in preview and under development. Reference and support levels: https://aka.ms/CLI_refstatus
Delete acr supply chain workflow.
az acr supply-chain workflow delete --registry
--resource-group
--type {continuouspatchv1}
[--yes]Examples
Delete acr supply chain workflow and associated configuration files
az acr supply-chain workflow delete -r $MyRegistry -g $MyResourceGroup --type continuouspatchv1Required Parameters
The name of the container registry. It should be specified in lower case. You can configure the default registry name using az configure --defaults acr=<registry name>.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
Type of workflow task.
| Property | Value |
|---|---|
| Accepted values: | continuouspatchv1 |
Optional Parameters
The following parameters are optional, but depending on the context, one or more might become required for the command to execute successfully.
Proceed with the deletion without user confirmation.
| Property | Value |
|---|---|
| Default value: | False |
Global Parameters
Increase logging verbosity to show all debug logs.
| Property | Value |
|---|---|
| Default value: | False |
Show this help message and exit.
Only show errors, suppressing warnings.
| Property | Value |
|---|---|
| Default value: | False |
Output format.
| Property | Value |
|---|---|
| Default value: | json |
| Accepted values: | json, jsonc, none, table, tsv, yaml, yamlc |
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
| Property | Value |
|---|---|
| Default value: | False |
az acr supply-chain workflow list
Command group 'acr supply-chain workflow' is in preview and under development. Reference and support levels: https://aka.ms/CLI_refstatus
List status of acr supply chain workflow images.
az acr supply-chain workflow list --registry
--resource-group
--type {continuouspatchv1}
[--run-status {Canceled, Failed, Queued, Running, Skipped, Succeeded, Unknown}]Examples
List all acr supply chain workflow images based on the status provided
az acr supply-chain workflow list -r $MyRegistry -g $MyResourceGroup --type continuouspatchv1 --run-status FailedRequired Parameters
The name of the container registry. It should be specified in lower case. You can configure the default registry name using az configure --defaults acr=<registry name>.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
Type of workflow task.
| Property | Value |
|---|---|
| Accepted values: | continuouspatchv1 |
Optional Parameters
The following parameters are optional, but depending on the context, one or more might become required for the command to execute successfully.
Status to filter the supply-chain workflow image status.
| Property | Value |
|---|---|
| Accepted values: | Canceled, Failed, Queued, Running, Skipped, Succeeded, Unknown |
Global Parameters
Increase logging verbosity to show all debug logs.
| Property | Value |
|---|---|
| Default value: | False |
Show this help message and exit.
Only show errors, suppressing warnings.
| Property | Value |
|---|---|
| Default value: | False |
Output format.
| Property | Value |
|---|---|
| Default value: | json |
| Accepted values: | json, jsonc, none, table, tsv, yaml, yamlc |
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
| Property | Value |
|---|---|
| Default value: | False |
az acr supply-chain workflow show
Command group 'acr supply-chain workflow' is in preview and under development. Reference and support levels: https://aka.ms/CLI_refstatus
Show acr supply chain workflow tasks.
az acr supply-chain workflow show --registry
--resource-group
--type {continuouspatchv1}Examples
Show all acr supply chain workflow
az acr supply-chain workflow show -r $MyRegistry -g $MyResourceGroup --type continuouspatchv1Required Parameters
The name of the container registry. It should be specified in lower case. You can configure the default registry name using az configure --defaults acr=<registry name>.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
Type of workflow task.
| Property | Value |
|---|---|
| Accepted values: | continuouspatchv1 |
Global Parameters
Increase logging verbosity to show all debug logs.
| Property | Value |
|---|---|
| Default value: | False |
Show this help message and exit.
Only show errors, suppressing warnings.
| Property | Value |
|---|---|
| Default value: | False |
Output format.
| Property | Value |
|---|---|
| Default value: | json |
| Accepted values: | json, jsonc, none, table, tsv, yaml, yamlc |
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
| Property | Value |
|---|---|
| Default value: | False |
az acr supply-chain workflow update
Command group 'acr supply-chain workflow' is in preview and under development. Reference and support levels: https://aka.ms/CLI_refstatus
Update acr supply chain workflow.
az acr supply-chain workflow update --registry
--resource-group
--type {continuouspatchv1}
[--config]
[--dry-run {false, true}]
[--run-immediately {false, true}]
[--schedule]Examples
Update acr supply chain workflow
az acr supply-chain workflow update -r $MyRegistry -g $MyResourceGroup --type continuouspatchv1 --schedule 1d --config path-to-config-fileRequired Parameters
The name of the container registry. It should be specified in lower case. You can configure the default registry name using az configure --defaults acr=<registry name>.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
Type of workflow task.
| Property | Value |
|---|---|
| Accepted values: | continuouspatchv1 |
Optional Parameters
The following parameters are optional, but depending on the context, one or more might become required for the command to execute successfully.
Configuration file path containing the json schema for the list of repositories and tags to filter within the registry. Schema example:{"repositories":[{"repository":"alpine","tags":["tag1","tag2"],"enabled":true},{"repository":"python","tags":["*"],"enabled":false}], "version": "v1", "tag-convention": "floating"}. "tag-convention" is an optional property, values can be "incremental" (the default behavior, will increase the patch version of the tag, for example "{repository}:{original-tag}-1", "{repository}:{original-tag}-2", etc), or "floating" (will reuse the tag "{repository}:{original-tag}-patched" for patching).
Use this flag to see the qualifying repositories and tags that would be affected by the workflow. Default value: false. 'config' parameter is mandatory to provide with dry-run.
| Property | Value |
|---|---|
| Default value: | False |
| Accepted values: | false, true |
Set this flag to trigger the immediate run of the selected workflow task. Default value: false.
| Property | Value |
|---|---|
| Default value: | False |
| Accepted values: | false, true |
Schedule to run the scan and patching task. E.g. <n>d where n is the number of days between each run. Max value is 30d.
Global Parameters
Increase logging verbosity to show all debug logs.
| Property | Value |
|---|---|
| Default value: | False |
Show this help message and exit.
Only show errors, suppressing warnings.
| Property | Value |
|---|---|
| Default value: | False |
Output format.
| Property | Value |
|---|---|
| Default value: | json |
| Accepted values: | json, jsonc, none, table, tsv, yaml, yamlc |
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
| Property | Value |
|---|---|
| Default value: | False |
