Tencent Container Registry (TCR) Enterprise Edition supports protection for the hosted container image tags. Container image security is a key part of cloud-native application delivery. It enables tag immutability feature for the images hosted in TCR, which ensures the images of the same tag will only be successfully pushed once, thus effectively reduce the risk of tag overwriting caused by misoperation in the production environment. TCR supports tag protection at the namespace level. Users can fine-grainly define the repositories and image tags covered by the feature according to service demands.
|Associated instance||The instance which has been selected currently.|
|Namespaces||The current instance needs to enable the namespace for tag protection. Only a rule can be created in a single namespace.|
|Immutability rule||latest: in all repositories in the current namespace, all image tags are not allowed to be overwritten except the latest tag.|
|Custom: customize the configuration of the repository and image tag that need to be matched.
|Rule switch||The rule is effective as of creation by default.
You can view the rules on the “Tag Immutability” page after creation, and take the following actions to manage the rules.