Hi,

We use bitbucket and whenever we try to submit a task with our bitbucket repo (https://username@bitbucket.org/org/repo.git) it says Invalid repository URL.

Can you support bitbucket as well?

In-case the primary region is unavailable, the pushes stop working, the pulls will still work, since the image is geo-replicated, hence, if secondary region pushes are allowed, then there can be seamless CI-CD in applications. In a recent outage, where storage account went down in East US, the ACR service health was up, but the storage accounts backing them were not working properly, hence the pushes were failing, in a situation like this, we should be able to push to the secondary region, and a secondary endpoint should be available to us for the same.

Many organizations use Office365 accounts and groups as authentication backend (Active Directory).
It is not possible to define those users as ACR users as Azure subscription is needed.
Goal is that Office365 users should use ACR as service and pull images, not to manage it thru portal or az cli.
For now docker login does work only for Admin or Service Principle accounts.
This functionality is required to use ACR as production grade service to support the end customers.

We have a customer want to run ACR scheduling task to synchronize their Docker Images from external docker registry, since the task is just a docker container, could ACR also integrate with Log Analytics to auto capture the docker container stdout/stderr just like what AKS did, it would be easier for us to monitoring how the ACR scheduling task executed.

I ran into a "too many requests" error during parallel docker pull in a cluster, and was told ACR currently has 100 request limit per node.

I added a retry on top as work-around.
However, if too many customers pulling at the same time, it's still possible that every one got a mix of success/failure layers, and need to restart the entire pull again, which is a dead loop.

It'll be nice if ACR can throttle more gracefully, by splitting bandwidth evenly (don't queue, that may timeout NAT or http proxy).

Please advise if it is recommended and support User Interface for Azure Container Registry.

UI should be accessible thru browser and support the same Access Control as for docker login.

Found one repo: https://github.com/Azure/acr-web-manager
but not sure if it is recommended and supported by Azure.

I plan to have 8TB ACR with 20 users online at the same time.

I am trying to enable the Content Trust using Powershell but there is no help or link provided for this.
Although I can do it from the portal as well as using Azure CLI but in my scenario I have to enable Content Trust in Policies inside my ACR.
Can you please help me how I can achieve it using Powershell?

Support ACI for ACR deployed in VNet ASAP.
ACI is currently not supported when ACR is deployed in VNet. As ACI and ACR both are native Azure and ACI is better use case for containerization, at least ACI should work with ACR+VNet.
It is strange to see its allowed from AKS cluster but not from ACI

I have been searching for REST API which will list repositories in particular ACR like it is available through azure portal under service.

I've got a user who I have assigned the role AcrDelete (and Reader) to. According to [this](https://docs.microsoft.com/bs-latn-ba/azure/container-registry/container-registry-roles) that should be what is needed to delete an image from a repository in an azure container registry. However, even after logging out and logging back in, the user is unable to delete images. Note that removing his reader permission takes affect and then prevents him from seeing the containers in question. Is there a bug with this role?

Was asked to elevate this idea here from https://github.com/Azure/acr/issues/247

Put simply, it would be really nice if the ACR showed the LABEL data that was set in the Dockerfiles.

During task creation in azure container registry I found automation of docker build in ACR for CI/CD is only supported for github commits but not supported for Gitlab.

It would be very useful ans easy if Gitlab commits are also supported for ACR tasks/REST API.

Add option to az acr to list all registries and/or repo’s that exist under a tenant instead of needing to iterate through all subs.

Could not find a fqdn of the image in the ACR details of an image. Would be nice to have a "copy to clipboard option" wich gives the full details as required to pull an image from ACR (not credentials), e.g., for configuring k8s deployment objects.

Hello,

i'm using az acr build to build image inside azure however i would like to use content trust during the build inside azure.
https://docs.microsoft.com/en-us/cli/azure/acr?view=azure-cli-latest#az-acr-build

I dont want to pull sign image and push sign image from my computer, i would like to have the argument --disable-content-trust=false like in docker build on az acr build.

https://docs.docker.com/engine/security/trust/content_trust/

regards

docker build allows labeling a image at build time.
e.g.

docker build . --label "version=1.0"

but there is no equivalent "acr build args"

Would like to be able to use:
az acr build -r
myrepo --label "version=1.0" --file Dockerfile .

Currently, ACR Tasks do not work for instances with the preview VNET / firewall configuration enabled. This will block usability of ACR for organizations that require increased network security.

Azure CLI allows to overwrite helm chart using --force option.
This option should be possible to disable for whole registry.
For production cases, helm charts should not be allowed to be overwritten.

`az acr task create` require access to access github repository by admin.
We sometimes cannot get this.
Using this access, `az acr task create` makes webhook setting of Github.
If it doesn't have enough permission, we should set webhook setting manually.

references:
https://docs.microsoft.com/en-us/azure/container-registry/container-registry-tutorial-build-task