To get integration stated, we’ve added links to Aqua and Twistlock from overview within a configured registry.
Over time, we’ll provide a more integrated experience, where ACR has vulnerability scanning integrated into the image listing.
An error occurred while saving the commentOliver, Matthew commented
What about the possibility of enabling direct integration of Clair (https://github.com/coreos/clair)?
We love this feature, but wanted to support more than just Helm. We’ve been working with the OCI working group to define registry artifacts, which enable a registry to store lots of things, from Helm Charts, CNAB, to other things we don’t yet know of.
For some of the experience, see: https://github.com/stevelasker/registryArtifactTypes/
We’ll also enable this in our az acr repository list CLI.
We made some progress here with some meta-data attributes to store the readme contents. And, some portal work to display it.
Unfortunately, this got prioritized as we had more pressing/blocking work. We love this polish, and are working with the OCI Image and Distribution specs to define common APIs that all OCI Distribtuion implementations would support. This would enable the community to build tools around this scenario, and not limit to just us.
That said, we still want to enable this scenario, just had to move it back to the backlog.
For more info on how we prioritize:
We’ve started the Auto-Purge work, with this current design: https://github.com/AzureCR/specs/tree/master/auto-purge
Please provide feedback here: https://github.com/AzureCR/specs/issues/1