[ACR] az acr connected-registry create/delete/repo: sync token permissions management.

[rosanch]

Description
New repo command to add and delete repository permission to a connected registry. This command will update several scope map resources necessary for functionality and cleanup.

Create a connected registry now verifies that the parent is active and adds all the necessary repo and gateway permissions to its ancestor's sync scope maps.

Delete connected registry now removes the gateway permissions from its ancestor's sync scope map.

Testing Guide
Creating or deleting a child connected registry and verifying that its ancestors' sync scope maps were updated.

History Notes
[ACR] az acr connected-registry create: Verifies before the creation of the token and sync scope map that all ancestors are active.
[ACR] az acr connected-registry create: Adds the repository and gateway permissions required for creation to all the ancestors of the new connected registry if needed prior to the connected registry creation.
[ACR] az acr connected-registry delete: Removes the gateway permissions of the deleted resources from all its ancestors' sync scope maps.
[ACR] az acr connected-registry repo: New command to add repository permissions to a connected registry and all its ancestors' sync scope maps, and remove repository permissions from the connected registry and all its descendants' sync scope maps

---

This checklist is used to make sure that common guidelines for a pull request are followed.

• The PR title and description has followed the guideline in Submitting Pull Requests.

• I adhere to the Command Guidelines.

• I adhere to the Error Handling Guidelines.

[rosanch]

@yungezz @fengzhou-msft can you start with pr reviewed, please? I'm particularly concerned with the new command 'repo'. I'm not entirely sure if I'm properly handling the experience since. I've never seen a resource that potentially updates multiple azure resources at once.

[yungezz]

@yungezz @fengzhou-msft can you start with pr reviewed, please? I'm particularly concerned with the new command 'repo'. I'm not entirely sure if I'm properly handling the experience since. I've never seen a resource that potentially updates multiple azure resources at once.

sure, we'll review this

[fengzhou-msft]

@rosanch please also fix the style check.

[toddysm]

@rosanch Here are some updates to the Release Notes:

History Notes
[ACR] az acr connected-registry create: Verifies before the creation of the token and sync scope map that all ancestors are active.
[ACR] az acr connected-registry create: Adds the repository and gateway permissions required for creation to all the ancestors of the new connected registry if needed prior to the connected registry creation.
[ACR] az acr connected-registry delete: Removes the gateway permissions of the deleted resources from all its ancestors' sync scope maps.
[ACR] az acr connected-registry repo: New command to add repository permissions to a connected registry and all its ancestors' sync scope maps, and remove repository permissions from the connected registry and all its descendants' sync scope maps

[fengzhou-msft]

Please use verb with present-tense in base form for history notes as instructed in https://github.com/Azure/azure-cli/tree/dev/doc/authoring_command_modules#format-pr-title

The format aligns with Git recommendation (link):
The preference for present-tense, imperative-style commit messages comes from Git itself. From Documentation/SubmittingPatches in the Git repo:

Describe your changes in imperative mood, e.g. "make xyzzy do frotz" instead of "[This patch] makes xyzzy do frotz" or "[I] changed xyzzy to do frotz", as if you are giving orders to the codebase to change its behavior.