Artifact Registry Component
The Artifact Registry component creates a Docker container registry for storing and managing application container images.
Overview
Resources Created
| Resource | Name | Purpose |
|---|---|---|
| Repository | serko-northsky | Docker image storage |
| Cleanup Policy | delete-old-prerelease | Auto-delete old images |
| Cleanup Policy | keep-minimum-versions | Retain minimum images |
Configuration
# Pulumi.dev.yaml
config:
serko-northsky:cleanupDays: "7"
serko-northsky:minVersionsToKeep: "10"
# Pulumi.prod.yaml
config:
serko-northsky:cleanupDays: "14"
serko-northsky:minVersionsToKeep: "20"
Cleanup Policies
Delete Old Prerelease Images
Automatically removes images tagged with prerelease identifiers older than the configured days:
- Tags matching:
*-alpha,*-beta,*-rc*,*-snapshot - Age threshold: 7 days (dev/test) or 14 days (prod)
Keep Minimum Versions
Ensures a minimum number of image versions are retained:
- Minimum count: 10 (dev/test) or 20 (prod)
- Applies to all tags
Outputs
interface ArtifactRegistryOutputs {
repositoryUrl: string; // us-central1-docker.pkg.dev/PROJECT/serko-northsky
repositoryId: string;
}
Usage
Pushing Images
# Authenticate Docker
gcloud auth configure-docker us-central1-docker.pkg.dev
# Tag image
docker tag myapp:latest \
us-central1-docker.pkg.dev/PROJECT_ID/serko-northsky/myapp:v1.0.0
# Push image
docker push \
us-central1-docker.pkg.dev/PROJECT_ID/serko-northsky/myapp:v1.0.0
In CI/CD
The repository URL is available as a Pulumi stack output:
REPO_URL=$(pulumi stack output artifactRegistryUrl)
docker push $REPO_URL/backend:$VERSION
In Kubernetes
Reference images in deployments:
apiVersion: apps/v1
kind: Deployment
spec:
template:
spec:
containers:
- name: backend
image: us-central1-docker.pkg.dev/PROJECT_ID/serko-northsky/backend:v1.0.0
IAM Permissions
The following service accounts have registry access:
| Service Account | Role | Purpose |
|---|---|---|
cicd@PROJECT.iam | artifactregistry.writer | Push images |
gke-nodes@PROJECT.iam | artifactregistry.reader | Pull images |