Artifact Registry lets you centrally store artifacts and builddependencies as part of an integrated Google Cloud experience.

Introduction

Artifact Registry provides a single location for storing and managingyour packages and Docker container images. You can:

• Integrate Artifact Registry with Google CloudCI/CD services or your existing CI/CD tools.
• Store artifacts fromCloud Build.
• Deploy artifacts to Google Cloud runtimes, includingGoogle Kubernetes Engine,Cloud Run,Compute Engine, andApp Engine flexible environment.
• Identity and Access Management provides consistent credentials and access control.
• Protect your software supply chain.
  • Manage container metadata and scan for container vulnerabilities withArtifact Analysis.
• Protect repositories in aVPC Service Controls security perimeter.
• Create multiple regional repositories within a single Google Cloud project. Group images by team or development stage and control access at the repository level.

Artifact Registry integrates with Cloud Build and other continuousdelivery and continuous integration systems to store packages from your builds.You can also store trusted dependencies that you use for builds and deployments.

Dependency management

Protecting your software supply chain goes beyond using specific tools.The processes and practices you use to develop, build, and run your softwarealso impact the integrity of your software. To learn more about best practicesfor dependencies, seeDependency management

Software supply chain security

Google Cloud provides a comprehensive and modular set of capabilitiesand tools that your developers, DevOps, and security teams can use to improvethe security posture of your software supply chain.

Artifact Registry provides:

• Remote repositories to cache dependencies from upstream public sources so thatyou have greater control over them and can scan them for vulnerabilities,build provenance, and other dependency information.
• Virtual repositories to group remote and private repositories behind a singleendpoint. Set a priority on each repository to control search order whendownloading or installing an artifact.

You can view security insights about your security posture, build artifacts,and dependencies in Google Cloud console dashboards within Cloud Build,Cloud Run, and GKE.

Artifact Registry and Container Registry

Artifact Registry expands on the capabilities of Container Registry andis the recommended container registry for Google Cloud. If you currently useContainer Registry, learn abouttransitioning from Container Registry to take advantage ofnew and improved features.

What's next

• Docker quickstart
• Go quickstart
• Helm quickstart
• Java quickstart
• Node.js quickstart
• Python quickstart
• Ruby quickstart