Skills
skills/sickn33/antigravity-awesome-skills/azure-containerregistry-py

azure-containerregistry-py

SKILL.md

Azure Container Registry SDK for Python

Manage container images, artifacts, and repositories in Azure Container Registry.

Installation

pip install azure-containerregistry

Environment Variables

AZURE_CONTAINERREGISTRY_ENDPOINT=https://<registry-name>.azurecr.io

Authentication

Entra ID (Recommended)

from azure.containerregistry import ContainerRegistryClient
from azure.identity import DefaultAzureCredential

client = ContainerRegistryClient(
    endpoint=os.environ["AZURE_CONTAINERREGISTRY_ENDPOINT"],
    credential=DefaultAzureCredential()
)

Anonymous Access (Public Registry)

from azure.containerregistry import ContainerRegistryClient

client = ContainerRegistryClient(
    endpoint="https://mcr.microsoft.com",
    credential=None,
    audience="https://mcr.microsoft.com"
)

List Repositories

client = ContainerRegistryClient(endpoint, DefaultAzureCredential())

for repository in client.list_repository_names():
    print(repository)

Repository Operations

Get Repository Properties

properties = client.get_repository_properties("my-image")
print(f"Created: {properties.created_on}")
print(f"Modified: {properties.last_updated_on}")
print(f"Manifests: {properties.manifest_count}")
print(f"Tags: {properties.tag_count}")

Update Repository Properties

from azure.containerregistry import RepositoryProperties

client.update_repository_properties(
    "my-image",
    properties=RepositoryProperties(
        can_delete=False,
        can_write=False
    )
)

Delete Repository

client.delete_repository("my-image")

List Tags

for tag in client.list_tag_properties("my-image"):
    print(f"{tag.name}: {tag.created_on}")

Filter by Order

from azure.containerregistry import ArtifactTagOrder

# Most recent first
for tag in client.list_tag_properties(
    "my-image",
    order_by=ArtifactTagOrder.LAST_UPDATED_ON_DESCENDING
):
    print(f"{tag.name}: {tag.last_updated_on}")

Manifest Operations

List Manifests

from azure.containerregistry import ArtifactManifestOrder

for manifest in client.list_manifest_properties(
    "my-image",
    order_by=ArtifactManifestOrder.LAST_UPDATED_ON_DESCENDING
):
    print(f"Digest: {manifest.digest}")
    print(f"Tags: {manifest.tags}")
    print(f"Size: {manifest.size_in_bytes}")

Get Manifest Properties

manifest = client.get_manifest_properties("my-image", "latest")
print(f"Digest: {manifest.digest}")
print(f"Architecture: {manifest.architecture}")
print(f"OS: {manifest.operating_system}")

Update Manifest Properties

from azure.containerregistry import ArtifactManifestProperties

client.update_manifest_properties(
    "my-image",
    "latest",
    properties=ArtifactManifestProperties(
        can_delete=False,
        can_write=False
    )
)

Delete Manifest

# Delete by digest
client.delete_manifest("my-image", "sha256:abc123...")

# Delete by tag
manifest = client.get_manifest_properties("my-image", "old-tag")
client.delete_manifest("my-image", manifest.digest)

Tag Operations

Get Tag Properties

tag = client.get_tag_properties("my-image", "latest")
print(f"Digest: {tag.digest}")
print(f"Created: {tag.created_on}")

Delete Tag

client.delete_tag("my-image", "old-tag")

Upload and Download Artifacts

from azure.containerregistry import ContainerRegistryClient

client = ContainerRegistryClient(endpoint, DefaultAzureCredential())

# Download manifest
manifest = client.download_manifest("my-image", "latest")
print(f"Media type: {manifest.media_type}")
print(f"Digest: {manifest.digest}")

# Download blob
blob = client.download_blob("my-image", "sha256:abc123...")
with open("layer.tar.gz", "wb") as f:
    for chunk in blob:
        f.write(chunk)

Async Client

from azure.containerregistry.aio import ContainerRegistryClient
from azure.identity.aio import DefaultAzureCredential

async def list_repos():
    credential = DefaultAzureCredential()
    client = ContainerRegistryClient(endpoint, credential)
    
    async for repo in client.list_repository_names():
        print(repo)
    
    await client.close()
    await credential.close()

Clean Up Old Images

from datetime import datetime, timedelta, timezone

cutoff = datetime.now(timezone.utc) - timedelta(days=30)

for manifest in client.list_manifest_properties("my-image"):
    if manifest.last_updated_on < cutoff and not manifest.tags:
        print(f"Deleting {manifest.digest}")
        client.delete_manifest("my-image", manifest.digest)

Client Operations

Operation Description
list_repository_names List all repositories
get_repository_properties Get repository metadata
delete_repository Delete repository and all images
list_tag_properties List tags in repository
get_tag_properties Get tag metadata
delete_tag Delete specific tag
list_manifest_properties List manifests in repository
get_manifest_properties Get manifest metadata
delete_manifest Delete manifest by digest
download_manifest Download manifest content
download_blob Download layer blob

Best Practices

  1. Use Entra ID for authentication in production
  2. Delete by digest not tag to avoid orphaned images
  3. Lock production images with can_delete=False
  4. Clean up untagged manifests regularly
  5. Use async client for high-throughput operations
  6. Order by last_updated to find recent/old images
  7. Check manifest.tags before deleting to avoid removing tagged images

When to Use

This skill is applicable to execute the workflow or actions described in the overview.

Weekly Installs
17
Repository
sickn33/antigra…e-skills
GitHub Stars
21.0K
First Seen
Feb 17, 2026
Security Audits
Gen Agent Trust HubPass
SocketPass
SnykPass
Installed on
codex17
mcpjam16
kiro-cli16
antigravity16
windsurf16
zencoder16