[ACR] az acr create/check-name: Implement --dnlscope flag for domain name label hash

src/azure-cli-core/azure/cli/core/profiles/_shared.py

@@ -194,7 +194,7 @@ def default_api_version(self):
             'role_definitions': '2022-05-01-preview',
             'provider_operations_metadata': '2018-01-01-preview'
         }),
-        ResourceType.MGMT_CONTAINERREGISTRY: SDKProfile('2023-11-01-preview', {
+        ResourceType.MGMT_CONTAINERREGISTRY: SDKProfile('2024-11-01-preview', {
             'agent_pools': '2019-06-01-preview',
             'tasks': '2019-06-01-preview',
             'task_runs': '2019-06-01-preview',
@@ -438,6 +438,7 @@ def default_api_version(self):
         'VERSION_2021_08_01_PREVIEW': "2021-08-01-preview",
         'VERSION_2022_02_01_PREVIEW': "2022-02-01-preview",
         'VERSION_2023_11_01_PREVIEW': "2023-11-01-preview",
+        'VERSION_2024_11_01_PREVIEW': "2024-11-01-preview",
     },
     ResourceType.MGMT_CONTAINERSERVICE: {
         # src/azure-cli/azure/cli/command_modules/acs/tests/latest/test_custom.py:50

src/azure-cli/azure/cli/command_modules/acr/_params.py

@@ -73,9 +73,9 @@
 
 def load_arguments(self, _):  # pylint: disable=too-many-statements
     PasswordName, DefaultAction, PolicyStatus, WebhookAction, WebhookStatus, \
-        TokenStatus, ZoneRedundancy = self.get_models(
+        TokenStatus, ZoneRedundancy, AutoGeneratedDomainNameLabelScope = self.get_models(
             'PasswordName', 'DefaultAction', 'PolicyStatus', 'WebhookAction', 'WebhookStatus',
-            'TokenStatus', 'ZoneRedundancy')
+            'TokenStatus', 'ZoneRedundancy', 'AutoGeneratedDomainNameLabelScope')
     TaskStatus, BaseImageTriggerType, SourceRegistryLoginMode, UpdateTriggerPayloadType = self.get_models(
         'TaskStatus', 'BaseImageTriggerType', 'SourceRegistryLoginMode', 'UpdateTriggerPayloadType', operation_group='tasks')
     RunStatus = self.get_models('RunStatus', operation_group='runs')
@@ -121,6 +121,9 @@ def load_arguments(self, _):  # pylint: disable=too-many-statements
     with self.argument_context('acr create') as c:
         c.argument('allow_metadata_search', arg_type=get_three_state_flag(), is_preview=True, help="Enable or disable the metadata-search feature for the registry. If not specified, this is set to disabled by default.")
 
+    with self.argument_context('acr create') as c:
+        c.argument('dnl_scope', options_list=['--dnlscope'], help='Domain name label scope will add a hash to the end of a login server name. The resulting login server name will be in the format <registry-name>-<hash>.azurecr-io. Default is Unsecure.', is_preview=True, arg_type=get_enum_type(AutoGeneratedDomainNameLabelScope))
+
     with self.argument_context('acr update', arg_group='Network Rule') as c:
         c.argument('data_endpoint_enabled', get_three_state_flag(), help="Enable dedicated data endpoint for client firewall configuration")
 
@@ -269,6 +272,7 @@ def load_arguments(self, _):  # pylint: disable=too-many-statements
 
     with self.argument_context('acr check-name') as c:
         c.argument('registry_name', completer=None, validator=None)
+        c.argument('dnl_scope', options_list=['--dnlscope'], help='Domain name label scope will add a hash to the end of a login server name. The resulting login server name will be in the format <registry-name>-<hash>.azurecr-io. Default is Unsecure.', is_preview=True, arg_type=get_enum_type(AutoGeneratedDomainNameLabelScope))
 
     with self.argument_context('acr webhook') as c:
         c.argument('registry_name', options_list=['--registry', '-r'])

src/azure-cli/azure/cli/command_modules/acr/custom.py

@@ -26,13 +26,24 @@
 DEF_DIAG_SETTINGS_NAME_TEMPLATE = '{}-diagnostic-settings'
 SYSTEM_ASSIGNED_IDENTITY_ALIAS = '[system]'
 DENY_ACTION = 'Deny'
-
-
-def acr_check_name(client, registry_name):
-    registry = {
-        'name': registry_name,
-        'type': 'Microsoft.ContainerRegistry/registries'
-    }
+DOMAIN_NAME_LABEL_SCOPE_UNSECURE = 'Unsecure'
+DOMAIN_NAME_LABEL_SCOPE_RESOURCE_GROUP_REUSE = 'ResourceGroupReuse'
+
+
+def acr_check_name(cmd, client, registry_name, resource_group_name=None, dnl_scope=DOMAIN_NAME_LABEL_SCOPE_UNSECURE):
+    if dnl_scope.lower() == DOMAIN_NAME_LABEL_SCOPE_RESOURCE_GROUP_REUSE.lower() and resource_group_name is None:
+        raise CLIError("Resource group name is required for domain name label scope " +
+                       DOMAIN_NAME_LABEL_SCOPE_RESOURCE_GROUP_REUSE)
+    if _get_domain_name_label_scope(cmd, dnl_scope):
+        registry = {
+            'name': registry_name,
+            'type': 'Microsoft.ContainerRegistry/registries',
+            'resourceGroupName': resource_group_name,
+            "autoGeneratedDomainNameLabelScope": _get_domain_name_label_scope(cmd, dnl_scope)
+        }
+    else:
+        raise CLIError("Invalid domain name label scope. The allowed values are 'Unsecure', 'TenantReuse'," +
+                       "'SubscriptionReuse', 'ResourceGroupReuse' or 'NoReuse'.")
     return client.check_name_availability(registry)
 
 
@@ -58,7 +69,8 @@ def acr_create(cmd,
                allow_trusted_services=None,
                allow_exports=None,
                tags=None,
-               allow_metadata_search=None):
+               allow_metadata_search=None,
+               dnl_scope=None):
 
     if default_action and sku not in get_premium_sku(cmd):
         raise CLIError(NETWORK_RULE_NOT_SUPPORTED)
@@ -87,6 +99,9 @@ def acr_create(cmd,
     if allow_metadata_search is not None:
         _configure_metadata_search(cmd, registry, allow_metadata_search)
 
+    if dnl_scope is not None:
+        _configure_domain_name_label_scope(cmd, registry, dnl_scope)
+
     _handle_network_bypass(cmd, registry, allow_trusted_services)
     _handle_export_policy(cmd, registry, allow_exports)
 
@@ -630,3 +645,12 @@ def list_private_link_resources(cmd, client, registry_name, resource_group_name=
 def _configure_metadata_search(cmd, registry, enabled):
     MetadataSearch = cmd.get_models('MetadataSearch')
     registry.metadata_search = (MetadataSearch.enabled if enabled else MetadataSearch.disabled)
+
+
+def _configure_domain_name_label_scope(cmd, registry, scope):
+    registry.auto_generated_domain_name_label_scope = _get_domain_name_label_scope(cmd, scope)
+
+
+def _get_domain_name_label_scope(cmd, scope):
+    DomainNameLabelScope = cmd.get_models('AutoGeneratedDomainNameLabelScope')
+    return DomainNameLabelScope(scope).value

src/azure-cli/azure/cli/command_modules/acr/tests/.vscode/settings.json

@@ -0,0 +1,11 @@
+{
+    "python.testing.unittestArgs": [
+        "-v",
+        "-s",
+        ".",
+        "-p",
+        "test*.py"
+    ],
+    "python.testing.pytestEnabled": false,
+    "python.testing.unittestEnabled": true
+}