acr icon indicating copy to clipboard operation
acr copied to clipboard

Published 20 hours ago verified publisher icon Azure

Trigger pod updates in AKS when an ACR task trigger updates an image

Open infbase opened this issue 3 years ago • 2 comments

What is the problem you're trying to solve After an ACR task trigger updates an image, the running pods in AKS with that image should also be updated. Without that happening, we can end up in a scenario where we have critical vulnerabilities exposed in an AKS cluster even after they have been patched in ACR.

Describe the solution you'd like When an AKS (or Arc for k8s) cluster has GitOps integration configured, the running pods should be automatically updated to use this updated image (deployment rolling update, helm upgrade...). This should not depend on image semantic versioning but preferably on image digests, as forcing changes in the image version may not be desirable, especially if the image update was triggered by base image patching, with no functional changes to the image.

infbase avatar Mar 16 '21 20:03 infbase

Hi folks, Have you looked at: https://aka.ms/acr/webhooks There's more details here: Working with ACR Geo-replication notifications

SteveLasker avatar Apr 05 '21 19:04 SteveLasker

This issue is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 30 days.

github-actions[bot] avatar Dec 18 '23 01:12 github-actions[bot]