GCP · Developer Tools
Artifact Registry
Repos for containers, npm, Maven, Python, apt/yum.
Official docsOverview
Artifact Registry stores and secures build artifacts with vulnerability scanning and IAM-scoped repos.
When to use it
- Single registry for container + language packages
- CI artifact promotion across envs
Setup
- Enable Artifact Registry API.
- Create repo: `gcloud artifacts repositories create images --repository-format=docker --location=us`.
- Configure Docker auth: `gcloud auth configure-docker us-docker.pkg.dev`.
How to use
Push image
docker push us-docker.pkg.dev/PROJECT/images/api:1.2.3Scan results
gcloud artifacts docker images list-vulnerabilities us-docker.pkg.dev/PROJECT/images/api@sha256:...QA use cases
- Block pipeline promotion when CVEs exceed severity threshold.