Socket
Book a DemoInstallSign in
Socket

@backstage-community/plugin-acr

Package Overview
Dependencies
Maintainers
1
Versions
21
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@backstage-community/plugin-acr

A Backstage plugin that displays information about your container images available in the Azure Container Registry

1.16.0
latest
Source
npmnpm
Version published
Maintainers
1
Created
Source

Azure Container Registry plugin for Backstage

The Azure Container Registry (ACR) plugin displays information about your container images available in the Azure Container Registry.

For administrators

Installing and configuring the ACR plugin

  • Run the following command to install the ACR plugin:

    yarn workspace app add @backstage-community/plugin-acr
    
  • Set the proxy to the desired ACR server in the app-config.yaml file as follows:

    # app-config.yaml
    proxy:
      endpoints:
        '/acr/api':
          target: 'https://mycontainerregistry.azurecr.io/acr/v1/'
          credentials: require
          changeOrigin: true
          headers:
            # If you use Bearer Token for authorization, please replace the 'Basic' with 'Bearer' in the following line.
            Authorization: 'Basic ${ACR_AUTH_TOKEN}'
          # Change to "false" in case of using self hosted artifactory instance with a self-signed certificate
          secure: true
    

    (Optional) Specify a Custom Registry Path to Support Multiple Registries

    # app-config.yaml
    proxy:
      endpoints:
        '/acr/api':
          target: 'https://mycontainerregistry.azurecr.io/acr/v1/'
          credentials: require
          changeOrigin: true
          headers:
            # If you use Bearer Token for authorization, replace 'Basic' with 'Bearer'
            Authorization: 'Basic ${ACR_AUTH_TOKEN}'
          # Set to false if using a self-hosted ACR instance with a self-signed certificate
          secure: true
    
        '/acr/custom/api/mysecondregistry':
          target: 'https://mysecondregistry.azurecr.io/acr/v1/'
          credentials: require
          changeOrigin: true
          headers:
            Authorization: 'Basic ${SECOND_ACR_AUTH_TOKEN}'
          secure: true
    

    [!NOTE] The value inside each route is either a simple URL string, or an object on the format accepted by http-proxy-middleware. Additionally, it has an optional credentials key which can have the following values:

    • require: Callers must provide Backstage user or service credentials with each request. The credentials are not forwarded to the proxy target. This is the default.
    • forward: Callers must provide Backstage user or service credentials with each request, and those credentials are forwarded to the proxy target.
    • dangerously-allow-unauthenticated: No Backstage credentials are required to access this proxy target. The target can still apply its own credentials checks, but the proxy will not help block non-Backstage-blessed callers. If you also add allowedHeaders: ['Authorization'] to an endpoint configuration, then the Backstage token (if provided) WILL be forwarded.

    Note that if you have backend.auth.dangerouslyDisableDefaultAuthPolicy set to true, the credentials value does not apply; the proxy will behave as if all endpoints were set to dangerously-allow-unauthenticated.

  • Set the authorization using one of the following options:

    • Basic authorization:

      • Navigate to the ACR portal and go to the Access Keys tab.
      • Retrieve the username and password of the Admin user and use the Basic Auth Header Generator tool or run echo printf '<username>:<password>' | base64 in a terminal to convert the credentials into a basic token.
      • Set the generated token as ACR_AUTH_TOKEN in environment variables.
    • OAuth2: - Generate bearer access token using the process described in Authenticate with an Azure Container Registry.

      • One method is to generate a bearer token using your basic authorization token, i.e.

                curl --location 'https://<yourregistry>.azurecr.io/oauth2/token?scope=repository%3A*%3A*&service=<yourregistry>.azurecr.io' \
        --header 'Authorization: Basic <basic_token>'
        
      • Set the generated token as ACR_AUTH_TOKEN in environment variables. Make sure to replace the Basic in the app-config.yaml with Bearer

  • Enable an additional tab on the entity view page using the packages/app/src/components/catalog/EntityPage.tsx file as follows:

    /* highlight-add-start */
    import {
      AcrImagesEntityContent,
      isAcrAvailable,
    } from '@backstage-community/plugin-acr';
    
    /* highlight-add-end */
    
    const serviceEntityPage = (
      <EntityLayout>
        // ...
        {/* highlight-add-start */}
        <EntityLayout.Route if={isAcrAvailable} path="/acr" title="ACR images">
          <AcrImagesEntityContent />
        </EntityLayout.Route>
        {/* highlight-add-end */}
      </EntityLayout>
    );
    
  • Annotate your entity using the following annotations:

    metadata:
      annotations:
        'azure-container-registry/repository-name': `<REPOSITORY-NAME>',
    

(Optional) Specify a Custom Registry Path to Support Multiple Registries

  metadata:
    annotations:
      'azure-container-registry/repository-name': `<REPOSITORY-NAME>',
      'azure-container-registry/registry-name': `<REGISTRY-NAME>',

Use new frontend system

  • Install the frontend plugin:

    yarn workspace app add @backstage-community/plugin-acr
    
  • Enable the plugin in your packages/app(-next)/src/App.tsx:

    After all other imports:

    import acrPlugin from '@backstage-community/plugin-acr/alpha';
    
    export const app = createApp({
      features: [
        catalogPlugin,
        catalogImportPlugin,
        userSettingsPlugin,
        acrPlugin,
        // ...
      ],
    });
    

For users

Using the ACR plugin in Backstage

ACR is a front-end plugin that enables you to view information about the container images from your Azure Container Registry in Backstage.

Prerequisites

Procedure

  • Open your Backstage application and select a component from the Catalog page.

  • Go to the ACR tab.

    acr-tab

    The ACR tab in the Backstage UI contains a list of container images and related information, such as TAG, CREATED, LAST MODIFIED, and MANIFEST.

Keywords

backstage

FAQs

Package last updated on 14 Aug 2025

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

About

Packages

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc

U.S. Patent No. 12,346,443 & 12,314,394. Other pending.