azure-container-registry

Compare original and translation side by side

🇺🇸

Original

English

🇨🇳

Translation

Chinese

Azure Container Registry Skill

Azure Container Registry 技能

This skill provides expert guidance for Azure Container Registry. Covers troubleshooting, best practices, decision making, architecture & design patterns, limits & quotas, security, configuration, integrations & coding patterns, and deployment. It combines local quick-reference content with remote documentation fetching capabilities.

本技能为Azure Container Registry提供专业指导，涵盖故障排除、最佳实践、决策制定、架构与设计模式、限制与配额、安全、配置、集成与编码模式以及部署。它结合了本地快速参考内容与远程文档获取能力。

How to Use This Skill

如何使用本技能

IMPORTANT for Agent: Use the Category Index below to locate relevant sections. For categories with line ranges (e.g.,
L35-L120
), use
read_file
with the specified lines. For categories with file links (e.g.,
[security.md](security.md)
), use
read_file
on the linked reference file

IMPORTANT for Agent: If
metadata.generated_at
is more than 3 months old, suggest the user pull the latest version from the repository. If
mcp_microsoftdocs
tools are not available, suggest the user install it: Installation Guide

This skill requires network access to fetch documentation content:

Preferred: Use

mcp_microsoftdocs:microsoft_docs_fetch

with query string

from=learn-agent-skill

. Returns Markdown.

Fallback: Use

fetch_webpage

with query string

from=learn-agent-skill&accept=text/markdown

. Returns Markdown.

Agent 重要提示：使用下方的分类索引定位相关章节。对于带有行范围的分类（如
L35-L120
），使用
read_file
读取指定行。对于带有文件链接的分类（如
[security.md](security.md)
），使用
read_file
读取链接的参考文件

Agent 重要提示：如果
metadata.generated_at
已超过3个月，建议用户从仓库拉取最新版本。如果
mcp_microsoftdocs
工具不可用，建议用户安装：安装指南

本技能需要网络访问权限来获取文档内容：

首选方式：使用
```
mcp_microsoftdocs:microsoft_docs_fetch
```
，查询字符串为
```
from=learn-agent-skill
```
，返回Markdown格式内容。
备用方式：使用
```
fetch_webpage
```
，查询字符串为
```
from=learn-agent-skill&accept=text/markdown
```
，返回Markdown格式内容。

Category Index

分类索引

Category	Lines	Description
Troubleshooting	L37-L52	Diagnosing and fixing ACR issues: health checks, error codes, login/auth, network and performance problems, transfer/streaming/cache failures, logs, Arc/connected registry, and CMK encryption.
Best Practices	L53-L60	Best practices for ACR operations: managing public image dependencies, safe image deletion and storage cleanup, and robust image tagging/versioning strategies.
Decision Making	L61-L66	Guidance on choosing Kubernetes auth methods (managed identity, service principals, workload identity) for ACR and migrating image signing from Docker Content Trust to Notary Project.
Architecture & Design Patterns	L67-L74	Patterns for ACR performance and governance: caching image pulls, geo-replication strategies, connected registries for edge/offline, and gated import workflows for public images.
Limits & Quotas	L75-L80	ACR SKU comparisons, throughput and request limits, and how image/storage capacity, retention, and performance quotas work across registry tiers.
Security	L81-L120	Securing ACR with auth, RBAC/ABAC, network controls, encryption, image signing/verification, policies, Defender scans, and managed identity/Key Vault integration.
Configuration	L121-L138	Configuring ACR behavior: caching, purge/retention/soft delete, delete locks, webhooks, metrics/logs, and defining/scheduling multi-step ACR Tasks with YAML and agent pools.
Integrations & Coding Patterns	L139-L154	How to integrate ACR with ACI, AKS, Helm, ORAS, Buildpacks, ACR Transfer, GitHub Actions, Notation, Key Vault, and webhooks for image access, builds, signing, and automation
Deployment	L155-L160	Using ARM templates to automate ACR quick tasks and data transfer, and deploying/managing ACR connected registries via Azure Arc extension

分类	行号	描述
故障排除	L37-L52	诊断并修复ACR问题：健康检查、错误代码、登录/认证、网络与性能问题、传输/流式处理/缓存故障、日志、Arc/连接注册表以及CMK加密。
最佳实践	L53-L60	ACR操作的最佳实践：管理公共镜像依赖项、安全删除镜像与清理存储、以及可靠的镜像标记/版本控制策略。
决策制定	L61-L66	为ACR选择Kubernetes认证方法（托管身份、服务主体、工作负载身份），以及将镜像签名从Docker Content Trust迁移到Notary Project的指导。
架构与设计模式	L67-L74	提升ACR性能与治理的模式：缓存镜像拉取、异地复制策略、边缘/离线场景的连接注册表、以及公共镜像的 gated 导入工作流。
限制与配额	L75-L80	ACR SKU对比、吞吐量与请求限制，以及不同注册表层级下镜像/存储容量、保留期和性能配额的工作机制。
安全	L81-L120	通过认证、RBAC/ABAC、网络控制、加密、镜像签名/验证、策略、Defender扫描以及托管身份/Key Vault集成来保护ACR。
配置	L121-L138	配置ACR行为：缓存、清理/保留/软删除、删除锁定、Webhook、指标/日志，以及使用YAML和代理池定义与调度多步骤ACR Tasks。
集成与编码模式	L139-L154	如何将ACR与ACI、AKS、Helm、ORAS、Buildpacks、ACR Transfer、GitHub Actions、Notation、Key Vault和Webhook集成，以实现镜像访问、构建、签名与自动化
部署	L155-L160	使用ARM模板自动化ACR快速任务与数据传输，以及通过Azure Arc扩展部署/管理ACR连接注册表

Troubleshooting

故障排除

Topic	URL
Run az acr check-health for quick ACR diagnostics	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-check-health
Azure Container Registry FAQ and known issues	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-faq
Interpret az acr check-health error codes and fixes	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-health-error-reference
View and manage Azure Container Registry task run logs	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-tasks-logs
Troubleshoot Azure Container Registry Transfer failures	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-transfer-troubleshooting
Troubleshoot Azure Container Registry network connectivity	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-troubleshoot-access
Troubleshoot ACR login, authentication, and authorization issues	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-troubleshoot-login-authn-authz
Troubleshoot Azure Container Registry performance problems	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-troubleshoot-performance
Troubleshoot Azure Container Registry artifact cache issues	https://learn.microsoft.com/en-us/azure/container-registry/troubleshoot-artifact-cache
Diagnose and fix Azure Container Registry artifact streaming issues	https://learn.microsoft.com/en-us/azure/container-registry/troubleshoot-artifact-streaming
Troubleshoot connected registry Arc extension issues	https://learn.microsoft.com/en-us/azure/container-registry/troubleshoot-connected-registry-arc
Troubleshoot customer-managed key issues in ACR	https://learn.microsoft.com/en-us/azure/container-registry/tutorial-troubleshoot-customer-managed-keys

主题	URL
使用az acr check-health进行快速ACR诊断	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-check-health
Azure Container Registry常见问题与已知问题	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-faq
解读az acr check-health错误代码与修复方法	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-health-error-reference
查看与管理Azure Container Registry任务运行日志	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-tasks-logs
排查Azure Container Registry Transfer故障	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-transfer-troubleshooting
排查Azure Container Registry网络连接问题	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-troubleshoot-access
排查ACR登录、认证与授权问题	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-troubleshoot-login-authn-authz
排查Azure Container Registry性能问题	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-troubleshoot-performance
排查Azure Container Registry制品缓存问题	https://learn.microsoft.com/en-us/azure/container-registry/troubleshoot-artifact-cache
诊断并修复Azure Container Registry制品流式处理问题	https://learn.microsoft.com/en-us/azure/container-registry/troubleshoot-artifact-streaming
排查连接注册表Arc扩展问题	https://learn.microsoft.com/en-us/azure/container-registry/troubleshoot-connected-registry-arc
排查ACR中的客户管理密钥问题	https://learn.microsoft.com/en-us/azure/container-registry/tutorial-troubleshoot-customer-managed-keys

Best Practices

最佳实践

Topic	URL
Manage public image dependencies using ACR	https://learn.microsoft.com/en-us/azure/container-registry/buffer-gate-public-content
Follow operational best practices for Azure Container Registry	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-best-practices
Delete ACR images safely to manage registry storage	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-delete
Apply image tagging and versioning best practices in ACR	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-image-tag-version

主题	URL
使用ACR管理公共镜像依赖项	https://learn.microsoft.com/en-us/azure/container-registry/buffer-gate-public-content
遵循Azure Container Registry的操作最佳实践	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-best-practices
安全删除ACR镜像以管理注册表存储	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-delete
在ACR中应用镜像标记与版本控制最佳实践	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-image-tag-version

Decision Making

决策制定

Topic	URL
Select Kubernetes authentication options for Azure Container Registry	https://learn.microsoft.com/en-us/azure/container-registry/authenticate-kubernetes-options
Migrate ACR signing from DCT to Notary Project	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-content-trust-deprecation

主题	URL
为Azure Container Registry选择Kubernetes认证选项	https://learn.microsoft.com/en-us/azure/container-registry/authenticate-kubernetes-options
将ACR签名从DCT迁移到Notary Project	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-content-trust-deprecation

Architecture & Design Patterns

架构与设计模式

Topic	URL
Optimize image pulls with ACR artifact cache	https://learn.microsoft.com/en-us/azure/container-registry/artifact-cache-overview
Use geo-replication patterns with Azure Container Registry	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-geo-replication
Design and use connected registries with ACR	https://learn.microsoft.com/en-us/azure/container-registry/intro-connected-registry
Implement gated import workflow for public images in ACR	https://learn.microsoft.com/en-us/azure/container-registry/tasks-consume-public-content

主题	URL
使用ACR制品缓存优化镜像拉取	https://learn.microsoft.com/en-us/azure/container-registry/artifact-cache-overview
使用Azure Container Registry的异地复制模式	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-geo-replication
设计并使用ACR的连接注册表	https://learn.microsoft.com/en-us/azure/container-registry/intro-connected-registry
在ACR中实现公共镜像的 gated 导入工作流	https://learn.microsoft.com/en-us/azure/container-registry/tasks-consume-public-content

Limits & Quotas

限制与配额

Topic	URL
Compare Azure Container Registry SKUs and limits	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-skus
Understand storage features and limits in ACR	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-storage

主题	URL
对比Azure Container Registry的SKU与限制	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-skus
了解ACR中的存储功能与限制	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-storage

Security

安全

Topic	URL
Allow trusted Azure services to access network-restricted ACR	https://learn.microsoft.com/en-us/azure/container-registry/allow-access-trusted-services
Enable anonymous pull access for Azure Container Registry	https://learn.microsoft.com/en-us/azure/container-registry/anonymous-pull-access
Configure cross-tenant AKS authentication to Azure Container Registry	https://learn.microsoft.com/en-us/azure/container-registry/authenticate-aks-cross-tenant
Restrict Azure Container Registry public access by IP rules	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-access-selected-networks
Use Microsoft Entra service principals to access ACR	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-auth-service-principal
Choose and configure authentication methods for Azure Container Registry	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-authentication
Configure managed identity authentication to Azure Container Registry	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-authentication-managed-identity
Use Azure Policy to audit ACR compliance	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-azure-policy
Configure Microsoft Entra Conditional Access policies for ACR	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-configure-conditional-access
Enable Docker Content Trust for Azure Container Registry	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-content-trust
Use dedicated data endpoints to mitigate ACR data exfiltration	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-dedicated-data-endpoints
Control accepted Microsoft Entra auth scopes for ACR	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-disable-authentication-as-arm
Configure firewall rules to allow access to Azure Container Registry	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-firewall-access-rules
Configure Private Link private endpoints for Azure Container Registry	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-private-link
Use Azure ABAC for fine-grained ACR repository permissions	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-rbac-abac-repository-permissions
Reference for Azure Container Registry built-in RBAC roles	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-rbac-built-in-roles-directory-reference
Understand and assign Azure Container Registry built-in Entra roles	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-rbac-built-in-roles-overview
Create and assign custom RBAC roles for Azure Container Registry	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-rbac-custom-roles
Use Azure Container Registry service tags for network rules	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-service-tag
Access Key Vault secrets from ACR Tasks via managed identity	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-tasks-authentication-key-vault
Configure managed identity for ACR Tasks	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-tasks-authentication-managed-identity
Use managed identity for cross-registry auth in ACR Tasks	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-tasks-cross-registry-authentication
Configure token-based repository permissions in Azure Container Registry	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-token-based-repository-permissions
Sign ACR images with CA certs via Key Vault	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-tutorial-sign-trusted-ca
Enforce AKS image signature verification with Ratify	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-tutorial-verify-with-ratify-aks
Restrict ACR access with virtual network service endpoints	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-vnet
Disable artifact export to prevent ACR data exfiltration	https://learn.microsoft.com/en-us/azure/container-registry/data-loss-prevention
Manage ACR Tasks network bypass policy with trusted services	https://learn.microsoft.com/en-us/azure/container-registry/manage-network-bypass-policy-for-tasks
Reference of built-in Azure Policy definitions for ACR	https://learn.microsoft.com/en-us/azure/container-registry/policy-reference
Configure client tokens to pull from connected registries	https://learn.microsoft.com/en-us/azure/container-registry/pull-images-from-connected-registry
Scan ACR images with Microsoft Defender for Cloud	https://learn.microsoft.com/en-us/azure/container-registry/scan-images-defender
Apply Azure Policy compliance controls to ACR	https://learn.microsoft.com/en-us/azure/container-registry/security-controls-policy
Secure connected registry Arc extension deployments	https://learn.microsoft.com/en-us/azure/container-registry/tutorial-connected-registry-arc
Configure customer-managed encryption keys for ACR	https://learn.microsoft.com/en-us/azure/container-registry/tutorial-customer-managed-keys
Enable customer-managed keys on Azure Container Registry	https://learn.microsoft.com/en-us/azure/container-registry/tutorial-enable-customer-managed-keys
Rotate and revoke customer-managed keys for ACR	https://learn.microsoft.com/en-us/azure/container-registry/tutorial-rotate-revoke-customer-managed-keys

主题	URL
允许受信任的Azure服务访问受网络限制的ACR	https://learn.microsoft.com/en-us/azure/container-registry/allow-access-trusted-services
为Azure Container Registry启用匿名拉取访问	https://learn.microsoft.com/en-us/azure/container-registry/anonymous-pull-access
配置跨租户AKS对Azure Container Registry的认证	https://learn.microsoft.com/en-us/azure/container-registry/authenticate-aks-cross-tenant
通过IP规则限制Azure Container Registry的公共访问	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-access-selected-networks
使用Microsoft Entra服务主体访问ACR	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-auth-service-principal
选择并配置Azure Container Registry的认证方法	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-authentication
配置对Azure Container Registry的托管身份认证	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-authentication-managed-identity
使用Azure Policy审计ACR合规性	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-azure-policy
为ACR配置Microsoft Entra条件访问策略	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-configure-conditional-access
为Azure Container Registry启用Docker Content Trust	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-content-trust
使用专用数据端点缓解ACR数据泄露	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-dedicated-data-endpoints
控制ACR接受的Microsoft Entra认证范围	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-disable-authentication-as-arm
配置防火墙规则以允许访问Azure Container Registry	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-firewall-access-rules
为Azure Container Registry配置Private Link专用端点	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-private-link
使用Azure ABAC实现ACR仓库的细粒度权限	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-rbac-abac-repository-permissions
Azure Container Registry内置RBAC角色参考	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-rbac-built-in-roles-directory-reference
了解并分配Azure Container Registry内置Entra角色	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-rbac-built-in-roles-overview
为Azure Container Registry创建并分配自定义RBAC角色	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-rbac-custom-roles
使用Azure Container Registry服务标签配置网络规则	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-service-tag
通过托管身份从ACR Tasks访问Key Vault机密	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-tasks-authentication-key-vault
为ACR Tasks配置托管身份	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-tasks-authentication-managed-identity
在ACR Tasks中使用托管身份进行跨注册表认证	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-tasks-cross-registry-authentication
在Azure Container Registry中配置基于令牌的仓库权限	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-token-based-repository-permissions
通过Key Vault使用CA证书签名ACR镜像	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-tutorial-sign-trusted-ca
使用Ratify强制AKS镜像签名验证	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-tutorial-verify-with-ratify-aks
使用虚拟网络服务端点限制ACR访问	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-vnet
禁用制品导出以防止ACR数据泄露	https://learn.microsoft.com/en-us/azure/container-registry/data-loss-prevention
使用受信任服务管理ACR Tasks网络绕过策略	https://learn.microsoft.com/en-us/azure/container-registry/manage-network-bypass-policy-for-tasks
ACR的内置Azure Policy定义参考	https://learn.microsoft.com/en-us/azure/container-registry/policy-reference
配置客户端令牌以从连接注册表拉取镜像	https://learn.microsoft.com/en-us/azure/container-registry/pull-images-from-connected-registry
使用Microsoft Defender for Cloud扫描ACR镜像	https://learn.microsoft.com/en-us/azure/container-registry/scan-images-defender
为ACR应用Azure Policy合规控制	https://learn.microsoft.com/en-us/azure/container-registry/security-controls-policy
保护连接注册表Arc扩展部署	https://learn.microsoft.com/en-us/azure/container-registry/tutorial-connected-registry-arc
为ACR配置客户管理的加密密钥	https://learn.microsoft.com/en-us/azure/container-registry/tutorial-customer-managed-keys
在Azure Container Registry上启用客户管理的密钥	https://learn.microsoft.com/en-us/azure/container-registry/tutorial-enable-customer-managed-keys
轮换与吊销ACR的客户管理密钥	https://learn.microsoft.com/en-us/azure/container-registry/tutorial-rotate-revoke-customer-managed-keys

Configuration

配置

Topic	URL
Configure artifact cache in ACR using Azure CLI	https://learn.microsoft.com/en-us/azure/container-registry/artifact-cache-cli
Configure and schedule ACR purge for tags and manifests	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-auto-purge
Configure delete locks on ACR images and repositories	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-image-lock
Configure retention policy for untagged ACR manifests	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-retention-policy
Enable and configure ACR soft delete retention policy	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-soft-delete-policy
Use multi-step ACR Tasks to build, test, and patch images	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-tasks-multi-step
YAML schema reference for Azure Container Registry Tasks	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-tasks-reference-yaml
Schedule Azure Container Registry Tasks with timers	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-tasks-scheduled
Configure multi-step ACR Tasks for build workflows	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-tutorial-multistep-task
Webhook payload schema for Azure Container Registry events	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-webhook-reference
Configure continuous patching for Azure Container Registry	https://learn.microsoft.com/en-us/azure/container-registry/how-to-continuous-patching
Monitoring metrics and logs reference for Azure Container Registry	https://learn.microsoft.com/en-us/azure/container-registry/monitor-container-registry-reference
Configure dedicated agent pools for ACR Tasks	https://learn.microsoft.com/en-us/azure/container-registry/tasks-agent-pools
Configure wildcard cache rules for Azure Container Registry	https://learn.microsoft.com/en-us/azure/container-registry/wildcards-artifact-cache

主题	URL
使用Azure CLI配置ACR中的制品缓存	https://learn.microsoft.com/en-us/azure/container-registry/artifact-cache-cli
配置并调度ACR清理任务以删除标签与清单	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-auto-purge
配置ACR镜像与仓库的删除锁定	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-image-lock
配置未标记ACR清单的保留策略	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-retention-policy
启用并配置ACR软删除保留策略	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-soft-delete-policy
使用多步骤ACR Tasks构建、测试与修补镜像	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-tasks-multi-step
Azure Container Registry Tasks的YAML架构参考	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-tasks-reference-yaml
使用计时器调度Azure Container Registry Tasks	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-tasks-scheduled
配置多步骤ACR Tasks以实现构建工作流	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-tutorial-multistep-task
Azure Container Registry事件的Webhook负载架构	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-webhook-reference
为Azure Container Registry配置持续修补	https://learn.microsoft.com/en-us/azure/container-registry/how-to-continuous-patching
Azure Container Registry的监控指标与日志参考	https://learn.microsoft.com/en-us/azure/container-registry/monitor-container-registry-reference
为ACR Tasks配置专用代理池	https://learn.microsoft.com/en-us/azure/container-registry/tasks-agent-pools
为Azure Container Registry配置通配符缓存规则	https://learn.microsoft.com/en-us/azure/container-registry/wildcards-artifact-cache

Integrations & Coding Patterns

集成与编码模式

Topic	URL
Grant Azure Container Instances access to ACR with service principals	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-auth-aci
Create Kubernetes pull secrets for Azure Container Registry access	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-auth-kubernetes
Host and manage Helm chart repositories in ACR	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-helm-repos
Import container images into ACR using Azure APIs	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-import-images
Manage OCI and supply chain artifacts in ACR with ORAS	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-manage-artifact
Build images with Buildpacks using az acr pack build	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-tasks-pack-build
Use ACR Transfer with Azure CLI extension	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-transfer-cli
Build, push, and sign ACR images in GitHub Actions with Notation	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-tutorial-github-sign-notation-artifact-signing
Verify signed ACR images in GitHub Actions workflows	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-tutorial-github-verify-notation-artifact-signing
Sign ACR images with Notation using Azure Key Vault certificates	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-tutorial-sign-build-push
Sign and verify ACR images using Notation and Artifact Signing	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-tutorial-sign-verify-notation-artifact-signing
Configure ACR webhooks for registry event notifications	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-webhook

主题	URL
使用服务主体授予Azure Container Instances访问ACR的权限	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-auth-aci
创建Kubernetes拉取密钥以访问Azure Container Registry	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-auth-kubernetes
在ACR中托管与管理Helm图表仓库	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-helm-repos
使用Azure API将容器镜像导入ACR	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-import-images
使用ORAS在ACR中管理OCI与供应链制品	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-manage-artifact
使用az acr pack build通过Buildpacks构建镜像	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-tasks-pack-build
使用Azure CLI扩展使用ACR Transfer	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-transfer-cli
在GitHub Actions中使用Notation构建、推送并签名ACR镜像	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-tutorial-github-sign-notation-artifact-signing
在GitHub Actions工作流中验证已签名的ACR镜像	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-tutorial-github-verify-notation-artifact-signing
使用Azure Key Vault证书通过Notation签名ACR镜像	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-tutorial-sign-build-push
使用Notation与制品签名对ACR镜像进行签名与验证	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-tutorial-sign-verify-notation-artifact-signing
配置ACR Webhook以接收注册表事件通知	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-webhook

Deployment

部署

Topic	URL
Queue ACR quick task runs with ARM templates	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-task-run-template
Automate ACR Transfer using ARM templates	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-transfer-arm-template
Deploy the ACR connected registry Arc extension	https://learn.microsoft.com/en-us/azure/container-registry/quickstart-connected-registry-arc-cli

主题	URL
使用ARM模板排队ACR快速任务运行	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-task-run-template
使用ARM模板自动化ACR Transfer	https://learn.microsoft.com/en-us/azure/container-registry/container-registry-transfer-arm-template
部署ACR连接注册表Arc扩展	https://learn.microsoft.com/en-us/azure/container-registry/quickstart-connected-registry-arc-cli