In past few articles, I have been writing about Azure Bicep. In this articles, we are going to talk about creating private bicep registry.
Why private registry is needed ?
Bicep files can be used to create the resources. An organization may have multiple applications and they may also have different environments in order to host those applications.
Hence, there are high chances that some of the bicep files created by one team may also be needed by other teams. They may either use those files as they are or they may create new files by reusing the custom modules.
The private registry can be used to share the bicep modules with other teams. If you want to share the modules within the organization (or to limited set of people), then you can create private registry. Similarly, there is a public registry which makes some modules available to everyone. There is already a public registry and to contribute to the public module registry, see the contribution guide.
We can add the bicep files to the registry and then we can refer them from there.
How to create a private registry ?
A Bicep registry is hosted on Azure Container Registry (ACR). So, if we do not have ACR, we can create a new ACR. The bicep file given below shows how to create ACR using bicep file.
Then we can use login server name by using either PowerShell or Azure CLI. The code snippet given below shows both commands.
How to publish bicep files to private registry ?
Let’s discuss about permissions first. In order to be able to publish modules to the registry, you must have permission to push an image. To deploy a module from a registry, you must have permission to pull the image. For more information about the roles that grant adequate access, see Azure Container Registry roles and permissions.
We can use the publish command and provide any Bicep files you intend to use as modules. We need to specify the target location for the module in your registry. The code snippet given below shows Azure CPI as well as PowerShell commands to publish the bicep module
If needed we can also view the files in the container registry. For that we need to sign in to the Azure portal and navigate to the container registry. Select the registry and then select the Repositories from the left menu.
Then we can select the module path (repository). In the preceding example, the module path name is bicep/modules/storage. Then we need to select the tag, which is v1 in our case. It should show you the artifact reference (URL to the module) which can be used for referencing this module into another.
I hope you find this information helpful. Let me know your thoughts.