acr
'Comprehensive Azure Container Registry (ACR) knowledge skill. Use when users ask about: container registries, ACR authentication, private endpoints, geo-replication, ACR Tasks, image signing (Notation), artifact cache, connected registry, vulnerability scanning, customer-managed keys, RBAC, network security, artifact streaming, Helm charts in ACR, ORAS, or any Azure container registry feature. Triggers: "ACR", "container registry", "azurecr.io", "az acr", "docker push/pull to Azure", "registry authentication", "private registry", "geo-replicated registry", "image signing", "Notation", "Ratify".'
Resources
2Install
npx skillscat add johnsonshi/acr-skills/acr Install via the SkillsCat registry.
Azure Container Registry (ACR) Skill
Comprehensive knowledge for Azure Container Registry - Microsoft's managed container registry service.
Quick Reference
Service Tiers
| SKU | Included Storage | Max Capacity | Key Features |
|---|---|---|---|
| Basic | 10 GiB | 40 TiB | Webhooks (2), zone redundancy |
| Standard | 100 GiB | 40 TiB | Webhooks (10), anonymous pull |
| Premium | 500 GiB | 40 TiB | Geo-replication, private endpoints, CMK, connected registry, artifact streaming |
Note: All tiers support up to 40 TiB max storage capacity. Included storage is what's covered by the base price; additional storage is charged per-GiB.
Common Commands
# Login
az acr login --name myregistry
# Build and push
az acr build --registry myregistry --image myapp:v1 .
# List repositories
az acr repository list --name myregistry
# Import image
az acr import --name myregistry --source docker.io/library/nginx:latest --image nginx:latestFeature Area Navigation
Route to specific feature documentation based on the user's question:
Authentication & Access
| Feature | Folder | Topics |
|---|---|---|
| Authentication | authentication/ |
Entra ID, service principals, managed identity, tokens, OAuth |
| RBAC & Authorization | rbac-authorization/ |
Built-in roles, ABAC, custom roles, scope maps |
Networking & Security
| Feature | Folder | Topics |
|---|---|---|
| Private Endpoints | private-endpoints/ |
Private Link, DNS configuration, NSG rules |
| Network Security | network-security/ |
Firewall rules, service endpoints, service tags |
| Data Loss Prevention | data-loss-prevention/ |
Export policy, exfiltration prevention |
| Dedicated Data Endpoints | dedicated-data-endpoints/ |
Regional data endpoints |
High Availability
| Feature | Folder | Topics |
|---|---|---|
| Geo-Replication | geo-replication/ |
Multi-region, traffic routing, failover |
| Zone Redundancy | zone-redundancy/ |
Availability zones |
Build & Automation
| Feature | Folder | Topics |
|---|---|---|
| ACR Tasks | acr-tasks/ |
Automated builds, YAML, triggers |
| Task Agent Pools | task-agent-pools/ |
Dedicated compute, VNet integration |
Security & Trust
| Feature | Folder | Topics |
|---|---|---|
| Content Trust & Signing | content-trust-signing/ |
Notation, DCT, Ratify verification |
| Vulnerability Scanning | vulnerability-scanning/ |
Defender, quarantine |
| Customer-Managed Keys | customer-managed-keys/ |
Key Vault, encryption, rotation |
| Continuous Patching | continuous-patching/ |
Trivy + Copa, automated OS patching |
Image & Artifact Operations
| Feature | Folder | Topics |
|---|---|---|
| Image Management | image-management/ |
Import, delete, lock, tag, multi-arch |
| Artifact Cache | artifact-cache/ |
Pull-through cache, cache rules |
| Artifact Streaming | artifact-streaming/ |
Lazy loading for AKS |
| OCI Artifacts | oci-artifacts/ |
Helm, ORAS, SBOMs |
Edge & Air-Gapped
| Feature | Folder | Topics |
|---|---|---|
| Connected Registry | connected-registry/ |
Edge, Azure Arc, IoT |
| ACR Transfer | acr-transfer/ |
Air-gapped pipelines |
Lifecycle & Observability
| Feature | Folder | Topics |
|---|---|---|
| Soft Delete & Retention | soft-delete-retention/ |
Recovery, purge, lifecycle |
| Webhooks | webhooks/ |
Event notifications |
| Event Grid | event-grid/ |
Event Grid integration |
| Monitoring & Diagnostics | monitoring-diagnostics/ |
Azure Monitor, health |
| SKUs & Service Tiers | skus-tiers/ |
Tier comparison, limits |
Key Concepts
- Registry: Container for repositories (e.g.,
myregistry.azurecr.io) - Repository: Collection of related images (e.g.,
myapp) - Tag: Mutable label (e.g.,
v1,latest) - Digest: Immutable SHA-256 hash (e.g.,
sha256:abc123...) - Manifest: JSON describing image layers and configuration
Source Documentation
Investigation Reports
investigation-reports/repository-layout/- Repository structure analysisinvestigation-reports/feature-overview/- Feature taxonomy and mappinginvestigation-reports/feature-in-depth/- Detailed per-feature research
Submodules
submodules/azure-management-docs/articles/container-registry/- MS Learn documentationsubmodules/acr/- Azure/acr GitHub repository with preview features and samples
Install
npx skillscat add johnsonshi/acr-skills/acr Install via the SkillsCat registry.