GCP Artifact Registry (AR)
Connect a new Registry
- Create a GCP service account with the read-only Artifact Registry role (
roles/artifactregistry.reader
).
You can do this through thegcloud
tool with the following commands.
$ gcloud iam service-accounts create prodvana-ar-readonly
$ gcloud projects add-iam-policy-binding <GCP_PROJECT_ID> --member "serviceAccount:prodvana-ar-readonly@<GCR_PROJECT_ID>.iam.gserviceaccount.com" --role "roles/artifactregistry.reader"
Replace <GCP_PROJECT_ID>
with the ID of the GCP Project where your Artifact Registry is hosted.
- Generate a json key file for this newly created service account:
$ gcloud iam service-accounts keys create keyfile.json --iam-account prodvana-ar-readonly@<GCR_PROJECT_ID>.iam.gserviceaccount.com
- Let's test that this key file works. On a machine with docker installed run,
$ cat keyfile.json | docker login -u _json_key --password-stdin https://<LOCATION>-docker.pkg.dev
Login Succeeded
The <LOCATION>
placeholder is the regional or multi-regional location of the registry.
- Now to link the registry in Prodvana
- Go to your organization's integration page (https://.prodvana.io/integrations)
- Click the "Add Registry" button, and select "Other registries" from the dropdown.
- In the pop-up form, fill in the values:
Name
: The name Prodvana will use to reference this registryUsername
: Use_json_key
Password
: Copy and paste the entire contents of thekeyfile.json
generated above.Hostname
: This will depend on the location of your registry, of the formhttps://<LOCATION>-docker.pkg.dev
- Click "Save"
See Also
https://cloud.google.com/artifact-registry/docs/docker/authentication#json-key
Updated 9 months ago