Vintner
Plant a Vine

Container Registry

ECR, Artifact Registry, and ACR configuration — tag mutability and image scanning.

Container Registry

The container registry section creates managed Docker image registries for your application containers. Multiple registries can be added per vine.

Fields Per Registry

FieldTypeDescription
NameText inputRepository name (e.g., api, frontend, worker)
Tag MutabilitySelectMUTABLE (tags can be overwritten) or IMMUTABLE (once pushed, a tag is permanent)
Scan on PushToggleAutomatically scan images for vulnerabilities on push

Services by Provider

ECR (Elastic Container Registry)

  • Private repositories with IAM-based access
  • Lifecycle policies (auto-expire old images)
  • Integration with EKS for pull authentication

Artifact Registry

  • Docker and OCI image support
  • IAM-based access control
  • Vulnerability scanning via Container Analysis

ACR (Azure Container Registry)

  • SKU tiers: Basic, Standard, Premium
  • Geo-replication (Premium)
  • Integration with AKS for pull authentication

Tag Mutability

ModeBehaviorUse Case
MUTABLESame tag (e.g., latest) can be pushed multiple timesDevelopment, CI/CD with latest tag
IMMUTABLEOnce a tag is pushed, it cannot be overwrittenProduction (ensures deployed image is never changed)

Immutable tags prevent accidental overwrites in production. A v1.2.3 tag always points to the same image digest, making rollbacks deterministic.

After Provisioning

The registry card in vine detail shows:

  • Repository URL — full push/pull endpoint (e.g., 123456789012.dkr.ecr.eu-west-1.amazonaws.com/api)
  • Status — ACTIVE or CREATING

Secrets

Managed secrets with auto-generation, presets, and cloud-native secret stores.

Repositories

Git repository selection for application deployment via ArgoCD.

On this page

Container RegistryFields Per RegistryServices by ProviderTag MutabilityAfter Provisioning