Question 331284 in Docker Question posted in
The official documentation can be found here.

Pull Docker Image from Azure Container Registry to local system upon change

I have the following architecture:
An Azure cloud with Azure Devops completely written in Bicep and Azure-pipelines.yml
An Edge System that runs a Docker image

I am trying to find a way to pull a Docker image from the Azure Container Registry to my local edge system upon change. I was thinking this could maybe be done with a webhook or so.

For the whole workflow, I push code to my Azure repo, it then builds that code into a Docker image and pushes it to my Azure Container Registry so it is stored there. My Azure cloud uses that image to run on the Azure cloud.
I now want to add a second pipeline that can build the code for my AI and also builds it and pushes it to the Azure Container Registry, so that my edge system can pull the docker image from there upon change.

So to visualize:
AI code modifications push to Azure Container Registry –> Edge System pulls new Docker image from Azure Container Registry

I have tried to find resources online but haven’t found any that are trying my specific problem.

Tags:

2

Answers


  1. 0

    Azure Container Registry has webhooks. But They are a push model. i.e. Your edge device/system will need to have a public web address (https) which will be receiving the event from ACR. You can then respond to that event.

    https://learn.microsoft.com/en-us/azure/container-registry/container-registry-webhook

    Login or Signup to reply.
  2. 0

    Per your requirement to trigger the second pipeline to pull image from ACR once there was a new image pushed, you may add container resource to your YAML pipeline and enable automatic trigger of this resource type.

    To pull the image on you Edge System, you need to configure self-hosted agent service in this system and set this second pipeline to run on this agent. Here is a sample YAML pipeline for your reference.

    pool: EdgeSystemPool

resources:
  containers:
  - container: mycontainer1 # name of the container (Alias) 
    type: ACR # type of registry
    azureSubscription: ARMSvcCnnAutoSubX # name of the ARM service connection
    resourceGroup: rg-azacr # Azure resource group with the container
    registry: azacrxxxxx # Azure container registry name
    repository: azuredevops/dockeragent/xxxxx # name of the of container image collection
    trigger:
      enabled: true

steps:
- script: |
    echo "The ACR Container Resource Variables:" 
    echo $(resources.container.mycontainer1.type)
    echo $(resources.container.mycontainer1.registry)
    echo $(resources.container.mycontainer1.repository)
    echo $(resources.container.mycontainer1.tag)
    echo $(resources.container.mycontainer1.digest)
    echo $(resources.container.mycontainer1.URI)
    echo $(resources.container.mycontainer1.location)

- task: AzureCLI@2
  inputs:
    azureSubscription: 'ARMSvcCnnAutoSubX'
    scriptType: 'bash'
    scriptLocation: 'inlineScript'
    inlineScript: |
      az acr login --name $(resources.container.mycontainer1.registry)
      docker pull $(resources.container.mycontainer1.registry).azurecr.io/$(resources.container.mycontainer1.repository):$(resources.container.mycontainer1.tag)

    Thus, as soon as the first pipeline pushes an image to ACR repository, the second pipeline will be triggered and run docker pull command on the agent in the Edge System.

    Kindly note that the service principal referenced by the ARM service connection needs to have Contributor or Owner permissions for ACR to use automatic pipeline trigger and pull image from ACR.

    Login or Signup to reply.
Please signup or login to give your own answer.

Back To Top
Search