Share via

How can we find a owner of the container image?

Mishra, Rajiv 51 Reputation points
2020-09-04T11:07:16.613+00:00

Hi Team,

We are managing a Azure container registry and many users are pushing their image in that single container only. Now we are not sure who is the user of each repository who has pushed the images.

If the feature of identifying user is already there then let us know?

If there is no mechanism where we can see repository user then what is best way to add users with repository to identify later and reach out to them in case needed?

Thanks
Rajiv

Azure Container Registry
Azure Container Registry
An Azure service that provides a registry of Docker and Open Container Initiative images.
511 questions
0 comments
Accepted answer
  1. prmanhas-MSFT 17,946 Reputation points Microsoft Employee Moderator
    2020-09-04T17:10:53.967+00:00

    @Mishra, Rajiv I reached out to our internal team on this and came to know that you can look at the activity log to see who the last user is who pushed the image to a particular repository. Please keep in mind that the activity logs are kept for 90 days by default.

    Another thing you can do is to introduce a process for the teams that push images to add a label to each image that has the owner. This is something that you can do as part of the CI/CD process. Unfortunately, we do not expose that information in the Portal UI but you can pull the image and inspect it to retrieve the label information.

    We are also considering a functionality to allow adding metadata to the images in ACR. That will be a free form key-value pairs that you can set to tag the images according to their needs. However, this is in the planning and we don’t have any ETA for its implementation.

    Another aspect is that Multiple entities can push to a specific repo, so it’s really on the specific digest that you’d want to know this.
    The identity of the entity that pushed the artifact is captured in the ACR Diagnostics & Audit logs capability. You can refer to this for more information.
    This does assume the entity is using a unique identity. For instance, never, ever use the Admin account. It’s almost as evil as using :latest.

    For more info on using Auth models with ACR, please see this.

    It’s an interesting idea to add the identity to the repo listing. If that’s what’s desired, please log a request
    here.

    Hope it helps!!!

    Please 'Accept as answer' if it helped, so that it can help others in the community looking for help on similar topics

1 additional answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Mishra, Rajiv 51 Reputation points
    2020-09-04T14:01:45.703+00:00

    Hi @prmanhas-MSFT ,

    I am not sure you understood my question correcly.

    This is about azure container registry, not about container instance. In ACR we have multiple image and i want to find a way to gather those user id whom i can reach out. see attached image

    22704-image.png

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.