Container Registry

• 1: Overview
• 1.1: Monitoring Metrics
• 1.2: ServiceWatch Metrics
• 2: How-to guides
• 2.1: Managing Repository
• 2.2: Managing Images and Tags
• 2.3: Managing Image Security Vulnerabilities
• 2.4: Managing Image Tag Deletion Policies
• 2.5: Using Container Registry with CLI
• 3: API Reference
• 4: CLI Reference
• 5: Release Note

1 - Overview

Service Overview

Container Registry is a service that provides a registry for storing and managing container images and OCI (Open Container Initiative) standard artifacts. Users can easily store, manage, and share images using the Docker CLI.

Features

• Easy Registry Management and Image Deployment: You can easily create a container registry for your project in Samsung Cloud Platform. By utilizing the standard Docker CLI, you can easily retrieve images from Container Registry for deployment, simplifying the development and service deployment flow.
• Efficient Container Image Storage: Container image storage is possible anywhere, anytime. It can store and retrieve images in conjunction with Object Storage, making efficient image management possible. Additionally, it supports the Docker Registry V2 API specification, making it convenient to use.
• Enhanced security with registry management: You can safely store and use images using the Container Registry. The Container Registry stores images encrypted in Object Storage and transmits them via HTTPS. You can set repository-based access permissions using the IAM resource-based policies of the Samsung Cloud Platform, and use images according to the set permissions.
• Container Image Vulnerability Analysis: Container Registry provides a feature to analyze security vulnerabilities in stored container images. Users can select an image and scan it in a simple way to check the vulnerability results, and identify and remove vulnerabilities based on the analysis results.

Service Composition Diagram

Provided Features

Container Registry provides the following features.

• Registry Management: Provides Container Registry creation, deletion, registry access control management (private), and visibility features.
• Repository Management: It is created under Container Registry and provides functions such as repository creation, inquiry, deletion, and security policy setting.
• Image Management: These are Container Images stored in the Repository, and provide functions such as image push, image pull, inquiry, deletion, applied tag management, and security policy setting.
• Image Vulnerability Check: You can manually or automatically check the security vulnerabilities of OS packages and language packages of images stored in the Container Registry, as well as secrets included in the images. Users can identify and remove known vulnerabilities (CVE) and secrets based on the check results to prevent the use of unsafe images.

Component

Registry

The registry (Registry) is a repository or collection of repositories used to store, access, and manage container images. Container registries can often support the development of container-based applications as part of development and operational processes. It can be directly connected to container orchestration platforms such as Docker and Kubernetes. The registry acts as an intermediary for sharing container images between systems, saving developers time in creating and providing cloud-native applications. In the case of the Samsung Cloud Platform, it is provided in conjunction with Object Storage and images are transmitted via HTTPS.

Repository

The Repository is a logical management unit of image tags. Using the repository, you can efficiently manage image tags. The repository is a centralized virtual storage used by developers to change and manage application source code. When developing an application, various types of documents and source code need to be stored and shared, allowing developers to easily collaborate and edit simultaneously within the same account, and track/manage changes.

Image

An image means a container that contains all the files and settings required for container execution. The image plays a role similar to a class that creates a container, and the container can be seen as a program or process that runs the image. For example, the Ubuntu image contains all the files necessary to run Ubuntu, and the MySQL image contains all the files, IDs, passwords, and port information necessary to run MySQL.

Preceding service

Container Registry has no preceding services.

1.1 - Monitoring Metrics

Container Registry monitoring metrics

The table below shows the monitoring metrics of Container Registry that can be checked through Cloud Monitoring. For detailed usage of Cloud Monitoring, please refer to the Cloud Monitoring guide.

1.2 - ServiceWatch Metrics

Container Registry sends metrics to ServiceWatch. The metrics provided by default monitoring are data collected at a 1‑minute interval.

Basic Indicators

The following are the basic metrics for the namespace Container Registry.

2 - How-to guides

The user can enter the necessary information for the Container Registry service through the Samsung Cloud Platform Console and create the service by selecting detailed options.

Create Container Registry

You can create and use the Container Registry service in the Samsung Cloud Platform Console.

To create a Container Registry service, follow these steps.

1. Click All services > Container > Container Registry menu. It moves to the Service Home page of Container Registry.
2. On the Service Home page, click the Create Registry button. It moves to the Create Registry page.
3. Registry Creation page where you enter the information required for service creation and select detailed options.
   • Enter Service Information Enter or select the required information in the area.

     Classification	Necessity	Detailed Description
     Registry Name	Required	The name of the registry created by the user Starts with a lowercase letter and uses lowercase letters and numbers to input 3-25 characters
     Endpoint	Required	Sets the access type for the registry endpoint Private is selected, only private endpoint access control items can be set Private&Public is selected, private endpoint access control items and public endpoint access control settings are available
     Private Endpoint Access Control	Optional	Private Endpoint Access Control Settings Enable allows you to set access to only specific resources within the same region as the registry, such as within the Account Click Add Private Access Resource to add resources that can access the registry using a private endpoint If Enable is not selected, access is allowed from all subnets in the same region
     Public Endpoint Access Control	Optional	Public Endpoint Access Control Settings Enable allows you to set access to the registry and resources in the same region only from specific IPs Click Add to add IPs and resources that are allowed to access the registry using the public endpoint If Enable is not selected, access from all subnets in the same region is allowed
     Visibility	Optional	Setting for anonymous access to the read (Pull) operation of the registry Public allows unauthenticated anonymous users to perform read operations (Anonymous Pull) on all contents of the registry This setting can only be set to Public when the service is created

     Table. Container Registry service information input items

* **Enter Additional Information** Enter or select the required information in the area.






  



Classification
Necessity
Detailed Description




Tag
Select
Add Tag
Up to 50 can be added per resource
Click the Add Tag button and enter or select Key, Value




  Table. Container Registry additional information input items

4. In the Summary panel, review the detailed information and the estimated charge amount, and click the Complete button.
   • After creation is complete, check the created resource on the Registry list page.

Check Container Registry Details

The Container Registry service allows you to view and modify the full list of resources and detailed information. The Container Registry details page consists of Details, Tags, Work History tabs.

To check the Container Registry details, follow the next procedure.

1. Click All services > Container > Container Registry menu. It moves to the Service Home page of Container Registry.

2. Service Home page, click the Registry menu. Move to the Registry list page.

3. Registry list page, click the resource (Registry) to check the detailed information. Move to the Registry details page.

   • Registry Details page displays the status information and detailed information of the Registry, and consists of Details, Tags, Operation History tabs.

   Classification	Detailed Description
   Registry Status	Status of the registry Creating: being created Running: created/operating normally Editing: settings being changed Terminating: being deleted Error: error occurred Unknown: unknown
   Usage Guide	CLI-based Registry Usage Guide
   Service Cancellation	Button to cancel the service

   Fig. Container Registry status information and additional features

Detailed Information

On the Registry List page, you can check the detailed information of the selected resource and modify the information if necessary.

Tag

On the Registry List page, you can check the tag information of the selected resource, and add, change, or delete it.

Work History

You can check the operation history of the resource selected on the Registry list page.

Cancel Container Registry

You can cancel the unused Container Registry to reduce operating costs. However, if you cancel the service, the operating service may be stopped immediately, so please proceed with the cancellation work after fully considering the impact that occurs when the service is stopped.

To cancel the Container Registry, follow these procedures.

1. Click All services > Container > Container Registry menu. It moves to the Service Home page of Container Registry.
2. On the Service Home page, click the Registry menu. It moves to the Registry list page.
3. Registry list page, click the resource (Registry) to check the detailed information. Move to the Registry details page.
4. Registry Details page, click Service Cancellation.
5. Click the checkbox to confirm cancellation and enter the Registry name to be deleted.
6. If you enter the Registry name correctly, the Confirm button will be activated. Click the Confirm button.
7. Once the cancellation is complete, please check if the resource has been cancelled on the Registry list page.

2.1 - Managing Repository

The repository is a logical management unit of images within the registry. Using a repository allows you to set the default security policy for images created below it.

Create a repository

To create a repository, follow the following procedure.

1. All services > Container > Container Registry menu is clicked. It moves to the Service Home page of Container Registry.
2. Service Home page, click the Repository menu. It moves to the Repository list page.
3. Repository list page, click the Create Repository button. Move to the Create Repository page.

• Repository list page top, click the Settings icon to select an existing registry, or click Create new to create a registry.

5. Repository creation page where you enter the necessary information and select detailed options.

• Service Information Input area, please enter or select the required information.

  Classification	Mandatory	Detailed Description
  Registry	Required	Select the registry name to create the repository If no registry is created, it can be newly created through the New Creation button
  Repository Name	Required	Name of the repository to be created Enter 3-30 characters using lowercase English letters, numbers, and special characters (-) (only lowercase English letters and numbers are allowed at the beginning and end)

  Table. Repository Essential Information Input Items
• Repository basic policy input area, please enter or select the required information.

  Classification	Mandatory	Detailed Description
  Image Scan	Options	Repository-generated image vulnerability automatic scan and scan exclusion policy setting The default scan policy that can be applied when an image is created in the repository can be set If auto-scan is set to use, the vulnerability of the image is automatically checked when the image is pushed, and the vulnerability check cost is charged If the scan exclusion policy is set to use, you can specify the inspection target and vulnerability to be excluded from the image scan as follows Exclusion setting possible inspection targets Language Package inspection exclusion Secret inspection exclusion Exclusion of vulnerabilities without Fix Version Exclusion setting possible vulnerabilities: one of the following levels can be selected (None / Unknown / Negligible / Low / Medium / High / Critical) level or lower vulnerabilities are excluded
  Image Pull Limit	Option	Policy setting for the image Pull limit function used in the repository and the limited value The default Pull limit policy that can be applied when an image is created in the repository can be set If the unscanned image Pull limit is set to use, Pull of unscanned images for vulnerability checking is not allowed If the vulnerable image Pull limit policy is set to use, Pull of images with Critical or High level vulnerabilities exceeding the entered value is not allowed. The values that can be entered and selected in this policy are as follows Critical: 1(default) ~ 9,999,999 High: 1(default) ~ 9,999,999 Excluding vulnerabilities without Fix Version If use is selected, vulnerabilities without Fix Version (when there is no patch version for vulnerable packages/libraries) are excluded from the Pull limit policy
  Image Lock Status	Option	You can set a lock to prevent all images in the repository from being deleted or updated If the image lock status of the repository is Lock, the Lock/Unlock function of individual images in the repository is deactivated If the lock status of the repository’s image lock status is changed to Unlock, the Lock/Unlock function of individual images is activated New image Push is possible
  Image tag deletion	Option	You can set an automatic image deletion policy stored in the repository Selecting Use for deletion policy activation applies the image deletion policy Selecting Untagged Image automatic deletion and Old Image automatic deletion as Use applies the corresponding image deletion policy Enter the automatic deletion period for the deletion policy, and the image will be automatically deleted after the set period has passed since it was first pushed For a detailed explanation of image tag deletion, refer to Image Tag Deletion Policy Management

  Table. Repository Basic Policy Input Items
• Additional Information Input area, please enter or select the required information.

  Classification	Mandatory	Detailed Description
  Description	Selection	Repository Description Enter the repository description
  Tag	Selection	Add Tag Up to 50 can be added per resource Click the Add Tag button and enter or select Key, Value

  Table. Input items for adding repository information

5. Summary panel, review the detailed information generated and the estimated billing amount, and click the Complete button.

• Once creation is complete, check the created resource on the Repository list page.

Repository detailed information check

Repository 서비스는 전체 자원 목록과 상세 정보를 확인하고 수정할 수 있습니다. Repository details 페이지에서는 details, tags, work history 탭으로 구성되어 있습니다.

To check the repository details, follow the next procedure.

1. All services > Container > Container Registry menu is clicked. It moves to the Service Home page of Container Registry.
2. Service Home page, click the Repository menu. It moves to the Repository list page.
3. Repository list page, click on the resource (Repository) to check the detailed information. It moves to the Repository details page.

• Repository details page displays the status information and detailed information of the Repository, and consists of details, tags, work history tabs.

  Classification	Detailed Description
  Repository Status	Expresses the status of the repository Active: Available status Deleting: Being deleted status Inactive: Failed to delete and unavailable status (only deletion request is possible) Editing: Settings are being modified or sub-resources (images, tags) within the image are being deleted
  Usage Guide	Repository Usage Guide CLI-based commands to use images within the repository can be checked
  Repository Delete	Button to delete the repository

  Table. Status Information and Additional Functions

Detailed Information

Repository list page where you can check the detailed information of the selected resource and modify the information if necessary.

Tag

Repository list page where you can check the tag information of the selected resource, and add, change or delete it.

Work History

Repository list page where you can check the work history of the selected resource.

Delete repository

To delete a Repository, follow the following procedure.

1. All services > Container > Container Registry menu is clicked. It moves to the Service Home page of Container Registry.
2. Service Home page, click the Repository menu. It moves to the Repository list page.
3. Repository list page, click on the resource (Repository) to check the detailed information. It moves to the Repository details page.
4. Repository details page, click Delete Repository.
5. Repository deletion popup window where you enter the Repository name.
6. Repository name has been entered correctly, then the Confirm button will be activated. Click the Confirm button.
7. Once the cancellation is complete, check if the resource has been cancelled on the Repository list page.

2.2 - Managing Images and Tags

The image is a logical management unit of the tag. The user can efficiently manage the image version using the tag.

Creating an image

To generate an image, the repository must be created first. For more information about creating a repository, please refer to Managing Repositories. The image is created by pushing an image or OCI standard artifact to the registry endpoint using the CLI. CLI로 이미지를 Push하는 방법은 사용하는 클라이언트 툴에서 제공하는 공식 문서나 CLI 사용하기를 참고하세요. -> For the method of pushing an image using CLI, please refer to the official documentation provided by the client tool being used or Using CLI.

Check image detailed information

Image can check and modify the entire resource list and detailed information. The Image detail page consists of detailed information, tags, deletion policy test tabs.

To check the image details, follow the following procedure.

1. All services > Container > Container Registry menu is clicked. It moves to the Service Home page of Container Registry.
2. Service Home page, click the Image menu. It moves to the Image list page.
3. Image list Click the Settings icon at the top of the page to check the detailed information and select the Registry name and Repository name where the Image is stored, respectively.

• If the desired item is not available, click Create New to register Registry and Repository and select it.

5. Image list page, click on the resource (Image) to check the detailed information. It moves to the Image details page.

• Image details page displays the status information and detailed information of the Image, and consists of details, Tags, deletion policy test tabs.

  Classification	Detailed Description
  Image Status	Express the status of the image Active: Available status Deleting: Being deleted status Inactive: Failed to delete and unavailable status (only deletion request is possible) Editing: Configuration modification or deletion of image sub-resources (tags) in progress status
  Usage Guide	CLI-based Image Usage Guide
  Image deletion	a button to delete the image

  Table. Status Information and Additional Functions

Detailed Information

Image list page where you can check the detailed information of the selected resource and modify the information if necessary.

Delete an image

Image를 삭제하려면 다음 절차를 따르세요 translates to: To delete an image, follow the following procedure.

1. All services > Container > Container Registry menu is clicked. It moves to the Service Home page of Container Registry.
2. Service Home page, click the Image menu. It moves to the Image list page.
3. Image list Click the Settings icon at the top of the page and select the Registry name and Repository name where the image to be deleted is stored, respectively.
4. Image list page, click the resource (Image) to be deleted. It moves to the Image details page.
5. Image deletion button should be clicked.
6. Image deletion popup is displayed, click the Confirm button.
7. When the deletion is complete, check if the resource has been deleted on the Image list page.

Image tag detailed information check

To check the tag details, please follow the following procedure.

1. All services > Container > Container Registry menu is clicked. It moves to the Service Home page of Container Registry.
2. Service Home page, click the Image menu. It moves to the Image list page.
3. Image list Click the Settings icon at the top of the page to check the detailed information and select the Registry name and Repository name where the Image is stored, respectively.
4. Image list page, click on the resource (Image) to check the detailed information. It moves to the Image details page.

• Image details page displays the status information and detailed information of the Image, and consists of details, Tags, deletion policy test tabs.
• Image details page, click the Tags tab to the right of the detailed information tab at the top, it moves to the Tags list page.

  Column	Required	Detailed Description
  Tags	Required	Image Digest’s tag name A single image Digest can have multiple tag names
  Digest	Required	Image Digest value
  Size	Required	Image Digest capacity
  Modification Time	Required	Image Digest(Tags) Modification Time
  Inspection Time	Required	Image Digest(Tags) Vulnerability Inspection Time
  Vulnerability Check Result	Required	Image Digest(Tags) Vulnerability Check Result Vulnerability count summary information and inspection result view button are displayed View Result button is clicked to confirm the detailed analysis result of vulnerabilities for image tags
  Status	Required	Status of Image Digest(Tags) Active: normal usable status Deleting: being deleted status Inactive: failed to delete and not usable status (only deletion request is possible)
  URL copy	-	To use the image Digest endpoint URL copy You can copy the endpoint URL to be used for the command to use the image Digest
  View more button	-	Image Digest(Tags) deletion, modification, vulnerability check, detailed usage guide selection menu Delete to delete the corresponding image Digest(Tags) Click Tags modification to display the Tags modification window. In the Tags modification window, you can modify the tag name of the image Digest Click Vulnerability check to check for vulnerabilities in the image Digest(Tags) Click Detailed usage guide to view the guide for using image Digest(Tags) based on CLI Click Tags Lock to set a lock so that the selected image Tags cannot be deleted or updated Click Tags Unlock to unlock the lock so that the selected image Tags can be deleted or updated

  Table. List of Tags Items

Detailed Information

Image Click the Tags of the image Digest in the list of Tags for details to check the details, the detailed information window of the image Digest (Tags) appears.

• Tag detailed information window, check the information and click confirm to close the window.

Image tag deletion

To delete an image tag, follow the following procedure.

1. All services > Container > Container Registry menu is clicked. It moves to the Service Home page of Container Registry.
2. Service Home page, click the Image menu. It moves to the Image list page.
3. Image list Click the Settings icon at the top of the Image list page to check the detailed information and select the Registry name and Repository name where the Image is stored, respectively.
4. Image list page, click the resource (Image) to check the detailed information. It moves to the Image details page.

• Image details page, click the Tags tab to the right of the detailed information tab at the top, it moves to the Tags list page.

5. Tags list에서 삭제할 태그의 왼쪽에 위치한 체크박스를 선택한 후 삭제를 클릭하세요. -> 5. Select the checkbox to the left of the tag to be deleted in the Tags list, then click Delete.

• When you select the checkboxes of multiple items, you can delete multiple tags at once, and you can select and delete up to 50 tags at a time.
• You can delete tags one by one by clicking the delete button inside the more button located at the right end of the tag to be deleted.

6. Tags deletion popup window opens, click confirm.
7. Once the deletion is complete, please check the Tags list page to see if the resource has been deleted.

Image tag deletion policy test

To test the image tag deletion policy you set, follow the next procedure.

1. All services > Container > Container Registry menu is clicked. It moves to the Service Home page of Container Registry.
2. Service Home page, click the Image menu. It moves to the Image list page.
3. Image list Click the Settings icon at the top of the page to check the detailed information and select the Registry name and Repository name where the Image is stored, respectively.
4. Image list page, click on the resource (Image) to check the detailed information. It moves to the Image details page.

• Image details page displays the status information and detailed information of the Image, and consists of details, Tags, deletion policy test tabs.
• Image details page, click the Deletion Policy Test tab to the right of the detailed information tab at the top. Move to the Deletion Policy Test tab page.

5. Deletion Policy Test tab page, click the Policy Test button in the deletion target Tags item. The deletion policy test will be executed.
6. When the deletion policy test execution notification popup window opens, click the Confirm button.

• When the test run application is completed, the test run application for deletion policy has been completed phrase will be displayed.

7. When the deletion policy test is completed, please check the test results.

• Deletion Target Tags The image tags (digest) that are the target of the deletion policy are displayed in the item.

2.3 - Managing Image Security Vulnerabilities

The image security vulnerability checking function allows you to manually or automatically check the OS package security vulnerabilities and Secrets included in the images stored in the Container Registry. Users can identify and remove known vulnerabilities (CVE) and Secrets based on the inspection results, preventing the use of insecure images.

Vulnerability Check Support Information

Supported OS

The vulnerability checking function supports checking of libraries installed with a package manager on the following OS.

Supported Language

The vulnerability checking function supports checking for the following languages.

Support Secret

The vulnerability scanning feature supports the following types of secrets included in the image.

Checking image security vulnerabilities (manual)

To check for image security vulnerabilities, follow the next procedure.

1. Click on the menu for all services > Container > Container Registry. It moves to the Service Home page of Container Registry.
2. Service Home page, click the Image menu. It moves to the Image list page.
3. Image list Click the Settings icon at the top of the page to check the detailed information and select the Registry name and Repository name where the Image is stored, respectively.
4. On the Image List page, click the resource (Image) to check for security vulnerabilities. It moves to the Image Details page.
   • Click the Tags tab to the right of the detailed information tab at the top of the Image Details page. Move to the Tags tab page.
5. On the Tags tab page, click the more button located at the right end of the tag to check security vulnerabilities, then click Vulnerability Check.
6. When the vulnerability check alert popup window opens, click the Confirm button.
   • When the inspection starts, vulnerability check will be performed. message is displayed.
   • After the inspection is complete, a summary of the inspection results and the View Results button are displayed in the Vulnerability Check Results section. When you click the View Results button, a popup window appears where you can view detailed analysis results of vulnerabilities by Image Digest(Tags).

Check the image security vulnerability check result

To check the vulnerability check result, follow the next procedure.

1. Click on the menu for all services > Container > Container Registry. It moves to the Service Home page of Container Registry.
2. Service Home page, click the Image menu. It moves to the Image list page.
3. Image list Click the Settings icon at the top of the page to check the detailed information and select the Registry name and Repository name where the Image is stored, respectively.
4. On the Image List page, click the resource (Image) to check for security vulnerabilities. It moves to the Image Details page.
   • Click the Tags tab to the right of the detailed information tab at the top of the Image Details page. Move to the Tags tab page.
5. On the Tags tab page, click the View Results button in the Vulnerability Check Result item to check the vulnerability check result.
6. Vulnerability Analysis by Image Tags A popup window appears to show detailed analysis results of vulnerabilities by image tags.

Check the test results by vulnerability unit

You can check the image security vulnerability check results by vulnerability in the Vulnerability tab.

You can check the list of all discovered vulnerabilities in the Vulnerability tab.

Checking the results by package unit

You can check the image security vulnerability check results by package. In the Image Tag-based Vulnerability detail page, click the Package tab to move to the package-based vulnerability page.

In the package tab, you can check the entire package list, the list of packages with vulnerabilities found, and the list of packages with no vulnerabilities found.

Check the test results by secret unit

You can check the image security vulnerability check results by secret. In the Image Tag-based Vulnerability detail page, clicking the Secret tab will move to the secret-based vulnerability page.

In the Secret tab

2.4 - Managing Image Tag Deletion Policies

The user can register and manage the image tag deletion policy.

Managing image tag deletion policies

The image tag deletion policy refers to the policy that automatically deletes an image when a certain period of time has passed since it was first pushed to the repository. If the image tag deletion policy is enabled, the image tags (digest) stored in the Container Registry will be automatically deleted according to the set deletion policy.

Support deletion policy information

Describes policy information that supports deleting image tags.

Support Policy

It supports a policy that allows you to set automatic deletion and period for image tags (digest).

Set the image tag (digest) deletion policy

To set the image tag (digest) deletion policy, follow these steps.

1. Click All services > Container > Container Registry menu. It moves to the Service Home page of Container Registry.
2. Service Home page, click the Image menu. It moves to the Image list page.
3. Click the gear button at the top of the Image 목록 page. The Registry/Repository 설정 popup window opens.
4. Registry/Repository settings In the popup window, select the Registry name and Repository name where the Image to be set for the deletion policy is stored, and click the OK button.
5. Image list page, click the resource (Image) to set the deletion policy. Move to the Image details page.
6. Image Detail page’s Detail Info tab, click the Edit icon of the Delete Image Tag item. The Edit Delete Image Tag popup window will open.
7. Image Tag Deletion Modification In the popup window, enter and select the necessary information and activation status, and click the Confirm button.
   • Delete policy activation is set to Use, the image tag (digest) will be automatically deleted according to the set delete policy.
   • Select the deletion policy to apply and enter the period from when the image was first pushed to the repository to when it will be automatically deleted.
8. When the update notification popup window opens, click the Confirm button.
   • When the modification is complete, Image tag deletion modification was successful message will be displayed.

Image tag (digest) deletion policy test

To test the image tag (digest) deletion policy, follow these steps.

1. Click All services > Container > Container Registry menu. It moves to the Service Home page of Container Registry.
2. On the Service Home page, click the Image menu. It moves to the Image list page.
3. Click the gear button at the top of the Image 목록 page. The Registry/Repository 설정 popup window will open.
4. Registry/Repository Settings In the popup window, select the Registry name and Repository name where the Image to be set for the deletion policy is stored, and click the Confirm button.
5. On the Image List page, click the resource (Image) to test the deletion policy. It moves to the Image Detail page.
6. Image Detail page, click the Deletion Policy Test tab. Move to the Deletion Policy Test tab page.
7. Deletion Policy Test tab page, to test the deletion policy set, click the Policy Test button at the bottom of the deletion target Tags.
8. When the deletion policy test notification popup window opens, click the Confirm button.
   • When the test run application is completed, the phrase The deletion policy test run application has been completed will be displayed.
   • After the test is completed, the image tags (digest) that are the target of the deletion policy will be displayed in the Deletion Target Tags section.

2.5 - Using Container Registry with CLI

This explains how to log in to the Container Registry using the CLI command and manage Container images and Helm charts.

Managing Container Images with CLI

You can log in to the Container Registry and push or pull container images using the CLI command.

Logging in to Container Registry

The user can log in to the Container Registry using the authentication key.

Logging in with an authentication key

Logs in using the AccessKey and SecretKey of the authentication key and the registry endpoint.

• Registry endpoint : Container Registry details page can be found.
• Private endpoint : [registryname-registryid].scr.private.[region].[offering].samsungsdscloud.com

1 docker login <registry_endpoint>
2 Username: <accessKey>
3 Password: <secretKey>

Pushing Images

To push an image to the registry, please refer to the following command.

1 docker push [registryname]-[registryid].scr.private.[region].[offering].samsungsdscloud.com/[repository]/[image:tag]

Image Pulling

To pull an image from the registry, please refer to the following command.

1 docker pull [registryname]-[registryid].scr.private.[region].[offering].samsungsdscloud.com/[repository]/[image:tag]

Managing Helm Charts with CLI

You can log in to the Container Registry using the CLI command and push or pull the Helm chart.

Logging in to Container Registry

The user can log in to the Container Registry using the authentication key.

Logging in with an authentication key

Logs in using the AccessKey, SecretKey of the authentication key and the registry endpoint.

• Registry endpoint : Container Registry details page can be found.
• Private endpoint : [registryname-registryid].scr.private.[region].[offering].samsungsdscloud.com

1 helm registry login <registry_endpoint>
2 Username: <accessKey>
3 Password: <secretKey>

Chart Push

To push a chart to the registry, please refer to the following command.

1 helm push [hello-world-0.1.0].tgz oci://[registryname]-[registryid].scr.private.[region].[offering].samsungsdscloud.com/[mychart]

As shown in the example, writing and executing the command will save (upload) the chart to the mychart repository with the hello-world image and apply the 0.1.0 tag.

To push charts to a registry, you need the LoginContainerRegistry permission for the registry you want to use and the PushRepositoryImages permission for the repository. For more information about policy and permission settings, see Management > IAM > Policy.

Chart Pulling

To pull charts from the registry, please refer to the following command.

1 helm pull oci://[registryname]-[registryid].scr.private.[region].[offering].samsungsdscloud.com/[mychart/hello-world] -version [0.1.0]

As shown in the example, writing and executing the command downloads the chart saved with the tag 0.1.0 in the hello-world image in the mychart repository.

To pull charts from a registry, you need the LoginContainerRegistry permission for the registry you want to use and the PullRepositoryImages permission for the repository. For more information about policy and permission settings, see Management > IAM > Policy.

3 - API Reference

4 - CLI Reference

5 - Release Note

Container Registry