Make Use of Content Trust

Docker comes with a model called "Content trust", which enables you to enforce signing of images that are pushed and pulled.

With content trust, you can verify the source and integrity of the images. You can sign your images before pushing them to the registry. Configure the clients to only pull signed images.

For more information, see to: Content trust in Azure Container Registry.