使用 Azure 容器注册表 webhookUsing Azure Container Registry webhooks

Azure 容器注册表可存储和管理专用 Docker 容器映像,其方式类似于 Docker Hub 存储公共 Docker 映像。An Azure container registry stores and manages private Docker container images, similar to the way Docker Hub stores public Docker images. 它还可托管 Helm Chart(预览版)的存储库;Helm Chart 是一种将应用程序部署到 Kubernetes 的打包格式。It can also host repositories for Helm charts (preview), a packaging format to deploy applications to Kubernetes. 可以使用 Webhook 在其中一个注册表存储库中发生特定操作时触发事件。You can use webhooks to trigger events when certain actions take place in one of your registry repositories. Webhook 可在注册表级别响应事件或者将其范围缩小到特定存储库标记。Webhooks can respond to events at the registry level, or they can be scoped down to a specific repository tag. 通过异地复制注册表,可将每个 Webhook 配置为响应特定区域副本中的事件。With a geo-replicated registry, you configure each webhook to respond to events in a specific regional replica.

有关 Webhook 请求的详细信息,请参阅 Azure 容器注册表 Webhook 架构参考For details on webhook requests, see Azure Container Registry webhook schema reference.

先决条件Prerequisites

创建 Webhook - Azure 门户Create webhook - Azure portal

  1. 登录 Azure 门户Sign in to the Azure portal.
  2. 导航到要在其中创建 Webhook 的容器注册表。Navigate to the container registry in which you want to create a webhook.
  3. 在“服务”下,选择“Webhook” 。Under Services, select Webhooks.
  4. 在 Webhook 工具栏中选择“添加”。Select Add in the webhook toolbar.
  5. 使用以下信息完成“创建 webhook”窗体:Complete the Create webhook form with the following information:
Value 说明Description
Webhook 名称Webhook name 想要赋予 webhook 的名称。The name you want to give to the webhook. 它只能包含字母和数字,且长度必须为 5-50 个字符。It may contain only letters and numbers, and must be 5-50 characters in length.
位置Location 对于异地复制注册表,请指定注册表副本的 Azure 区域。For a geo-replicated registry, specify the Azure region of the registry replica.
服务 URIService URI Webhook 应向其发送 POST 通知的 URI。The URI where the webhook should send POST notifications.
自定义标头Custom headers 想要随 POST 请求一起传递的标头。Headers you want to pass along with the POST request. 它们的格式应该为:“键: 值”。They should be in "key: value" format.
触发操作Trigger actions 触发 webhook 的操作。Actions that trigger the webhook. 操作包括映像推送、映像删除、Helm Chart 推送、Helm Chart 删除和映像隔离。Actions include image push, image delete, Helm chart push, Helm chart delete, and image quarantine. 可选择一个或多个操作来触发 Webhook。You can choose one or more actions to trigger the webhook.
状态Status Webhook 创建后的状态。The status for the webhook after it's created. 默认启用。It's enabled by default.
范围Scope Webhook 的作用域。The scope at which the webhook works. 如果未指定,则范围为注册表中的所有事件。If not specified, the scope is for all events in the registry. 可通过对存储库中的所有标记使用“存储库:标记”或“存储库:”格式,指定存储库或标记的范围。It can be specified for a repository or a tag by using the format "repository:tag", or "repository:*" for all tags under a repository.

示例 Webhook 窗体:Example webhook form:

Azure 门户中的 ACR webhook 创建 UI

创建 Webhook - Azure CLICreate webhook - Azure CLI

若要使用 Azure CLI 创建 webhook,请使用 az acr webhook create 命令。To create a webhook using the Azure CLI, use the az acr webhook create command. 以下命令为注册表 mycontainerregistry 中的所有映像删除事件创建 Webhook:The following command creates a webhook for all image delete events in the registry mycontainerregistry:

az acr webhook create --registry mycontainerregistry --name myacrwebhook01 --actions delete --uri http://webhookuri.com

测试 webhookTest webhook

Azure 门户Azure portal

使用 Webhook 之前,可使用 Ping 按钮对它进行测试。Prior to using the webhook, you can test it with the Ping button. Ping 将向指定的终结点发送泛型 POST 请求并记录响应。Ping sends a generic POST request to the specified endpoint and logs the response. 使用 ping 功能可帮助验证是否已正确配置 Webhook。Using the ping feature can help you verify you've correctly configured the webhook.

  1. 选择想要测试的 webhook。Select the webhook you want to test.
  2. 在顶部工具栏中,选择“Ping”。In the top toolbar, select Ping.
  3. 在“HTTP 状态”列中检查终结点的响应。Check the endpoint's response in the HTTP STATUS column.

Azure 门户中的 ACR webhook 创建 UI

Azure CLIAzure CLI

若要使用 Azure CLI 测试 ACR webhook,请使用 az acr webhook ping 命令。To test an ACR webhook with the Azure CLI, use the az acr webhook ping command.

az acr webhook ping --registry mycontainerregistry --name myacrwebhook01

若要查看结果,请使用 az acr webhook list-events 命令。To see the results, use the az acr webhook list-events command.

az acr webhook list-events --registry mycontainerregistry08 --name myacrwebhook01

删除 webhookDelete webhook

Azure 门户Azure portal

每个 webhook 均可通过在 Azure 门户中选择 webhook,然后选择“删除”按钮进行删除。Each webhook can be deleted by selecting the webhook and then the Delete button in the Azure portal.

Azure CLIAzure CLI

az acr webhook delete --registry mycontainerregistry --name myacrwebhook01

后续步骤Next steps

Webhook 架构参考Webhook schema reference

有关 Azure 容器注册表发出的 JSON 事件负载的格式和属性的详细信息,请参阅 Webhook 架构参考:For details on the format and properties of the JSON event payloads emitted by Azure Container Registry, see the webhook schema reference:

Azure 容器注册表 Webhook 架构参考Azure Container Registry webhook schema reference