About this codelab
1. Overview
As the evolution of Container Registry, Artifact Registry is a single place for your organization to manage container images and language packages (such as Maven and npm). It is fully integrated with Google Cloud's tooling and runtimes and comes with support for language based dependency management for use with tools like npm and Maven. This makes it simple to integrate it with your CI/CD tooling to set up automated pipelines.
This lab will walk you through some features available in Artifact Registry.
What you will learn
What are the learning objectives of this lab?
- Create repositories for Containers and Language Packages
- Manage container images with Artifact Registry
- Configure Maven to use Artifact Registry for Java Dependencies
2. Setup and Requirements
Self-paced environment setup
- Sign-in to the Google Cloud Console and create a new project or reuse an existing one. If you don't already have a Gmail or Google Workspace account, you must create one.
- The Project name is the display name for this project's participants. It is a character string not used by Google APIs. You can update it at any time.
- The Project ID is unique across all Google Cloud projects and is immutable (cannot be changed after it has been set). The Cloud Console auto-generates a unique string; usually you don't care what it is. In most codelabs, you'll need to reference the Project ID (it is typically identified as
PROJECT_ID
). If you don't like the generated ID, you may generate another random one. Alternatively, you can try your own and see if it's available. It cannot be changed after this step and will remain for the duration of the project. - For your information, there is a third value, a Project Number which some APIs use. Learn more about all three of these values in the documentation.
- Next, you'll need to enable billing in the Cloud Console to use Cloud resources/APIs. Running through this codelab shouldn't cost much, if anything at all. To shut down resources so you don't incur billing beyond this tutorial, you can delete the resources you created or delete the whole project. New users of Google Cloud are eligible for the $300 USD Free Trial program.
Set up gcloud
In Cloud Shell, set your project ID and project number. Save them as PROJECT_ID
and PROJECT_NUMBER
variables.
export PROJECT_ID=$(gcloud config get-value project)
export PROJECT_NUMBER=$(gcloud projects describe $PROJECT_ID --format='value(projectNumber)')
Enable Google Services
gcloud services enable \
cloudresourcemanager.googleapis.com \
container.googleapis.com \
artifactregistry.googleapis.com \
containerregistry.googleapis.com \
containerscanning.googleapis.com
Get the source code
The source code for this lab is located in the GoogleCloudPlatform org on GitHub. Clone it with the command below then change into the directory.
git clone https://github.com/GoogleCloudPlatform/cloud-code-samples/
3. Working with container images
Create a Docker Repository on Artifact registry
Artifact Registry supports managing container images and language packages. Different artifact types require different specifications. For example the requests for Maven dependencies are different from requests for Node dependencies.
To support the different API specifications, Artifact Registry needs to know what format you want the API responses to follow. To do this you will create a repository and pass in the --repository-format
flag indicating the type of repository desired
From Cloud Shell run the following command to create a repository for Docker images:
gcloud artifacts repositories create container-dev-repo --repository-format=docker \
--location=us-central1 --description="Docker repository for Container Dev Workshop"
Click Authorize if the Cloud Shell authorization prompt appears
Go to Google Cloud Console - Artifact Registry - Repositories and notice your newly created Docker repository named container-dev-repo
, if you click on it you can see that it's empty at the moment
Configure Docker Authentication to Artifact Registry
When connecting to Artifact Registry credentials are required in order to provide access. Rather than set up separate credentials, Docker can be configured to use your gcloud credentials seamlessly.
From Cloud Shell run the following command to configure Docker to use the Google Cloud CLI to authenticate requests to Artifact Registry in the us-central1
region,
gcloud auth configure-docker us-central1-docker.pkg.dev
The command will prompt for a confirmation to change the Cloud Shell docker configuration, hit enter.
Explore the sample Application
A sample application is provided in the git repository you cloned in an earlier step. Change into the java directory and review the application code.
cd cloud-code-samples/java/java-hello-world
The folder contains an example Java application that renders a simple web page: in addition to various files not relevant for this specific lab, it contains the source code, under the src
folder, and a Dockerfile we will use to build a container image locally.
Build the Container Image
Before you can store container images in Artifact Registry you will need to create one.
Run the following command to build the container image and tag it properly to push it to your repository in the next step:
docker build -t us-central1-docker.pkg.dev/$PROJECT_ID/container-dev-repo/java-hello-world:tag1 .
Push the Container Image to Artifact Registry
Run the following command to push the container image to the repository created previously:
docker push us-central1-docker.pkg.dev/$PROJECT_ID/container-dev-repo/java-hello-world:tag1
Review the image in Artifact Registry
Go to Google Cloud Console - Artifact Registry - Repositories.
Click into container-dev-repo
and check that the java-hello-world
image is there. Click on the image and note the image tagged tag1
. You can see that Vulnerability Scanning is running or already completed and the number of vulnerabilities detected is visible.
Click on the number of vulnerabilities and you will see the list of vulnerabilities detected in the image, with the CVE bulletin name and the severity, you can click VIEW on each listed vulnerability to get more details:
4. Working with language packages
In this section you will see how to set up an Artifact Registry Java repository and upload packages to it, leveraging them in different applications.
Create a Java package repository
From Cloud Shell run the following command to create a repository for Java artifacts:
gcloud artifacts repositories create container-dev-java-repo \
--repository-format=maven \
--location=us-central1 \
--description="Java package repository for Container Dev Workshop"
Click Authorize if the Cloud Shell authorization prompt appears
Go to Google Cloud Console - Artifact Registry - Repositories and notice your newly created Maven repository named container-dev-java-repo
, if you click on it you can see that it's empty at the moment.
Set up authentication to Artifact Repository
Use the following command to update the well-known location for Application Default Credentials (ADC) with your user account credentials so that the Artifact Registry credential helper can authenticate using them when connecting with repositories:
gcloud auth login --update-adc
Configure Maven for Artifact Registry
Run the following command, from the java-hello-world
folder to open Cloud Shell Editor and add the application folder to his workspace:
cloudshell workspace .
Enable third-party cookies by clicking on "Site now working?" and then "Allow cookies".
After Browser will reload, open Cloud Shell and run the command above one more time to load application folder.
Open the pom.xml in Cloud Shell Editor, click "Open Editor"
Open terminal from Cloud Shell Editor and run the following command to print the repository configuration to add to your Java project:
gcloud artifacts print-settings mvn \
--repository=container-dev-java-repo \
--location=us-central1
and add the returned settings to the appropriate sections in the pom.xml
file.
Cloud Editor view with built-in terminal:
Update the distributionManagement section
<distributionManagement>
<snapshotRepository>
<id>artifact-registry</id>
<url>artifactregistry://us-central1-maven.pkg.dev/<PROJECT>/container-dev-java-repo</url>
</snapshotRepository>
<repository>
<id>artifact-registry</id>
<url>artifactregistry://us-central1-maven.pkg.dev/<PROJECT>/container-dev-java-repo</url>
</repository>
</distributionManagement>
Update the repositories section
<repositories>
<repository>
<id>artifact-registry</id>
<url>artifactregistry://us-central1-maven.pkg.dev/<PROJECT>/container-dev-java-repo</url>
<releases>
<enabled>true</enabled>
</releases>
<snapshots>
<enabled>true</enabled>
</snapshots>
</repository>
</repositories>
Update the extensions
<extensions>
<extension>
<groupId>com.google.cloud.artifactregistry</groupId>
<artifactId>artifactregistry-maven-wagon</artifactId>
<version>2.1.0</version>
</extension>
</extensions>
Here's an example of the complete file for your reference. Ensure to replace <PROJECT> with your project id.
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<artifactId>hello-world</artifactId>
<packaging>jar</packaging>
<name>Cloud Code Hello World</name>
<description>Getting started with Cloud Code</description>
<version>1.0.0</version>
<distributionManagement>
<snapshotRepository>
<id>artifact-registry</id>
<url>artifactregistry://us-central1-maven.pkg.dev/<PROJECT>/container-dev-java-repo</url>
</snapshotRepository>
<repository>
<id>artifact-registry</id>
<url>artifactregistry://us-central1-maven.pkg.dev/<PROJECT>/container-dev-java-repo</url>
</repository>
</distributionManagement>
<repositories>
<repository>
<id>artifact-registry</id>
<url>artifactregistry://us-central1-maven.pkg.dev/<PROJECT>/container-dev-java-repo</url>
<releases>
<enabled>true</enabled>
</releases>
<snapshots>
<enabled>true</enabled>
</snapshots>
</repository>
</repositories>
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>2.6.3</version>
</parent>
<properties>
<java.version>1.8</java.version>
<checkstyle.config.location>./checkstyle.xml</checkstyle.config.location>
</properties>
<build>
<plugins>
<plugin>
<groupId>com.google.cloud.tools</groupId>
<artifactId>jib-maven-plugin</artifactId>
<version>3.2.0</version>
</plugin>
<plugin>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-maven-plugin</artifactId>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-checkstyle-plugin</artifactId>
<version>3.1.2</version>
</plugin>
</plugins>
<extensions>
<extension>
<groupId>com.google.cloud.artifactregistry</groupId>
<artifactId>artifactregistry-maven-wagon</artifactId>
<version>2.1.0</version>
</extension>
</extensions>
</build>
<!-- The Spring Cloud GCP BOM will manage spring-cloud-gcp version numbers for you. -->
<dependencyManagement>
<dependencies>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-gcp-dependencies</artifactId>
<version>1.2.8.RELEASE</version>
<type>pom</type>
<scope>import</scope>
</dependency>
</dependencies>
</dependencyManagement>
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-jetty</artifactId>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-webmvc</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-thymeleaf</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-gcp-starter-logging</artifactId>
</dependency>
</dependencies>
</project>
Upload your Java package to Artifact Registry
With Artifact Registry configured in Maven, you can now use Artifact Registry to store Java Jars for use by other projects in your organization.
Run the following command to upload your Java package to Artifact Registry:
mvn deploy
Check the Java package in Artifact Registry
Go to Cloud Console - Artifact Registry - Repositories Click into container-dev-java-repo
and check that the hello-world
binary artifact is there:
5. Congratulations!
Congratulations, you finished the codelab!
What you've covered
- Created Repositories for Containers and Language Packages
- Managed container images with Artifact Registry
- Configured Maven to use Artifact Registry for Java Dependencies
Cleanup
Run the following command to delete the project
gcloud projects delete $PROJECT_ID