
Artifact Registry: the new way to keep your App artifacts and Docker Images on GCP
::: Update 11/2020 :::
:::Update 10/2021:::
Artifact Registry for language packages now generally available
— :: —
Today when you need to store your Docker images on GCP you use the GCR (Google Container Registry). This is pretty handy as you will use a fully integrated service within the GCP ecosystem, that is already easily managed by GCP IAM.
Usually, Doker images are not the only artifacts you need to keep stored though, and it’s quite common the need to use Apps like Jfrog Artifactory or Sonatype Nexus to manage artifacts such as jar files, npm, etc. You can also use GCS to maintain those artifacts as it shows here.
Google has recently launched the Artifact Registry (̵c̵u̵r̵r̵e̵n̵t̵l̵y̵ ̵i̵n̵ ̵B̵e̵t̵a̵)̵ (GA from 11/2020 )that enables you to centrally store artifacts and build dependencies as part of an integrated Google Cloud experience.
AR is the evolution of Container Registry and it will replace GCR when it becomes GA, so will be good to have an idea of its features.
Artifact Registry provides a single location for managing packages and Docker container images. You can:
- Manage the full artifact lifecycle — Store, manage and secure your artifacts.
- Integrate into your environment — Use your existing CI/CD tools to upload and download artifacts. Leverage close integration with Cloud Identity and Access Management and Google Cloud products or integrate other tools with Artifact Registry.
- Create multiple regional repositories within a single Google Cloud project.
- Control access at the project or repository level.
- Secure repositories in a VPC Service Controls security perimeter.
Artifact Registry integrates with Cloud Build and other continuous delivery and continuous integration systems to store packages from your builds. You can also store trusted dependencies that you use for builds and deployments.
I will show you how to create the AR for Docker container and Java artifacts below.
Docker
Step1:
Authenticate to Artifact Registry:
gcloud beta auth configure-docker us-central1-docker.pkg.dev
Step 2:
Docker needs access to Artifact Registry to push and pull images. You can use the standalone Docker credential helper tool, docker-credential-gcr
, to configure your Artifact Registry credentials for use with Docker without using requiring gcloud
.
VERSION=2.0.0
OS=linux # or "darwin" for OSX, "windows" for Windows.
ARCH=amd64 # or "386" for 32-bit OSs
curl -fsSL "https://github.com/GoogleCloudPlatform/docker-credential-gcr/releases/download/v${VERSION}/docker-credential-gcr_${OS}_${ARCH}-${VERSION}.tar.gz" \
| tar xz --to-stdout ./docker-credential-gcr \
> /usr/bin/docker-credential-gcr && chmod +x /usr/bin/docker-credential-gcr
You can find more information about how to install this tool here
Step 3:
Configure Docker to use your Artifact Registry credentials when interacting with Artifact Registry
docker-credential-gcr configure-docker --registries=us-central1-docker.pkg.dev
Now you should be good to go, with your docker push
& docker tag
& docker pull
commands ;)
Java
The following steps will show you how to create a maven repo and push your artifact. Be aware that the maven is still in ALPHA, and it can be changed anytime.
Step 1:
Grant authorization to Cloud SDK to access Google Cloud
gcloud auth application-default login
Step 2:
Create the maven repository
gcloud beta artifacts repositories create quickstart-maven-repo --repository-format=maven \
--location=us-central1 [--description="Maven repository"]
for a docker container you just need to change --repository-format=docker
You can verify if it was created correctly with
gcloud beta artifacts repositories list
To simplify the gcloud commands you can set the default repo and the location using:
gcloud config set artifacts/repository quickstart-maven-repo
and
gcloud config set artifacts/location us-central1
Step 3:
Add the config to your pom.xml
<distributionManagement>
<snapshotRepository>
<id>artifact-registry</id>
<url>artifactregistry://us-central1-maven.pkg.dev/PROJECT/quickstart-maven-repo</url>
</snapshotRepository>
<repository>
<id>artifact-registry</id>
<url>artifactregistry://us-central1-maven.pkg.dev/PROJECT/quickstart-maven-repo</url>
</repository>
</distributionManagement>
<repositories>
<repository>
<id>artifact-registry</id>
<url>artifactregistry://us-central1-maven.pkg.dev/PROJECT/quickstart-maven-repo</url>
<releases>
<enabled>true</enabled>
</releases>
<snapshots>
<enabled>true</enabled>
</snapshots>
</repository>
</repositories>
<build>
<extensions>
<extension>
<groupId>com.google.cloud.artifactregistry</groupId>
<artifactId>artifactregistry-maven-wagon</artifactId>
<version>2.0.1</version>
</extension>
</extensions>
</build>
You can easily generate this config with the command
gcloud beta artifacts print-settings mvn
Step 4:
Now, you will be able to push the artifacts with mvn deploy
and mvn release
commands
That’s it!
Summary
In this article you see how you can easily integrate and manage your artifacts with the new GCP Artifact-Registry, so you will not need any other external artifact manager tools.
GCP AR will also replace our current GCR in the future, so will be good to keep an eye on it even on this early stage Beta/Alpha.
I hope you enjoy it!
Please let me know your thoughts!
Source:
https://cloud.google.com/artifact-registry/docs/overview
https://cloud.google.com/artifact-registry/docs/java/quickstart