Create an Azure Container Registry#

Create an ACR#

Note

The ACR name must be globally unique and consist of only lowercase alphanumeric characters, between 5 and 50 characters long. This can be checked using: az acr check-name --name <ACR-NAME>.

az acr create --name hub23registry --resource-group hub23 --sku Standard

Save the registry ID to a variable#

ACR_ID=$(az acr show --name hub23-registry --query id --output tsv)

Assign AcrPush role to the Service Principal#

The Service Principal needs an AcrPush role so that it is permitted to both push and pull images to/from the registry. Without this, BinderHub won’t be able to store the images it generates.

Warning

You will only have permission to perform this step if you are an owner on the turingmybinder Azure subscription. Otherwise, you should ask IT to assign this role to the Service Principal.

See the Service Principal section for instructions on how to download the Service Principal app ID to a file from the Key Vault.

az role assignment create --assignee $(cat .secret/appId.txt) --scope ${ACR_ID} --role AcrPush

Hub23 Deployment Guide

Create an Azure Container Registry

Contents

Create an Azure Container Registry#

Create an ACR#

Save the registry ID to a variable#

Assign AcrPush role to the Service Principal#

Hub23 Deployment Guide

Create an Azure Container Registry

Contents

Create an Azure Container Registry#

Create an ACR#

Login to the ACR#

Save the login server to a variable#

Save the registry ID to a variable#

Assign AcrPush role to the Service Principal#