Artifact Registry Overview
Oracle Cloud Infrastructure Artifact Registry is a repository service for storing, sharing, and managing software development packages.
With Artifact Registry, you can manage your artifacts as follows:
- Make them immutable.
- Identify them with secure hash.
- Add versions.
- Upload and download.
- Fetch the latest.
- Control visibility and permissions.
Artifact Registry Concepts
Review the key concepts to learn about Artifact Registry.
An artifact is a software package, library, zip file, or any other type of file used for deploying applications. Examples are Python or Maven libraries. Artifacts are grouped into repositories, which are collections of related artifacts. For example, you could group several versions of a Maven artifact in a Maven repository, or upload your Python libraries to a Python repository.
Repository and Artifact Names
When you create a repository in which to group similar artifacts, you give it
<repo-name>. The name must start with a letter or underscore,
followed by letters, numbers, hyphens, or underscores. Length can be 1–255
characters. Avoid entering confidential information.
If you leave the name blank, the system automatically generates a name that you can
change later. An automatically generated name has the following pattern:
When you upload an artifact to a repository, you specify a path and version for it. Based on your input, an artifact name is assigned to the artifact in the following format:
- The artifact path
<artifact-path>is a user-defined path that describes the location of the artifact in the repository. Slashes do not create a directory structure, but you can use slashes to organize the repository.
- The version
<version>is the artifact version. Because of incremental updates to artifacts, you can assign versions to artifacts. This way, you can associate builds with the artifact versions and roll back to previous versions.
An artifact name is truncated to a maximum length of 255.
When you create a repository, you can designate it as immutable, which means that the artifacts uploaded to it become immutable. These artifacts are used as-is and cannot be replaced. Immutable repositories ensure the integrity of the artifacts. Following are some common use cases for immutable artifacts:
- Rolling back a deployment: For a rollback, you use the exact files of the previous working version of a deployment. Immutable artifacts ensure that no one has changed the last working version after the artifacts were uploaded to the repository.
- Contributing code: In a deployment project, to ensure that a developer's
code change doesn't affect others, the best practice is to make all artifacts
immutable. For example, if you have an image of a rabbit in
website-image.png, no one can overwrite it with an image of a fox. Replacing an image doesn't break the code, but it changes the outcome. Instead of replacing an immutable artifact, you upload a new artifact.
Deleting an artifact and then using the same artifact name to upload a new artifact is the same as overwriting that artifact's content.
An immutable artifact can be deleted but cannot be replaced. If you delete an immutable artifact, you cannot assign its name to another artifact. Therefore, you cannot upload a new artifact and assign it the deleted artifact's path and version. However, you can give it the same path with a new version.
If a repository is not immutable, then the artifacts in it can be overwritten. For example, you can use mutable snapshots of immutable repositories for testing.
You can filter the artifacts in a repository for their state. Possible states are:
For example, before you name your artifact, you can filter for artifacts with a
DELETED state. This way, you can ensure that when
you upload a new artifact, you don't use a deleted artifact's name.
Identifying Artifacts with Secure Hash
When you upload an artifact to a repository, Artifact Registry calculates the SHA256 digest for the artifact and adds it to the artifact's properties. The SHA256 digest is a 256-bit Secure Hash Algorithm.
When you roll back or use an artifact in your code, compare its SHA256 digest to the artifact's SHA256 digest in the repository. If the artifacts have different SHA256 digests, then their content is different.
Artifact Registry resources, like most types of resources in Oracle Cloud Infrastructure, have a unique, Oracle-assigned identifier called an Oracle Cloud ID (OCID).
For information about the OCID format and other ways to identify your resources, see Resource Identifiers.
Ways to Access Artifact Registry
You can access Artifact Registry by using the Console (a browser-based interface), Oracle Cloud Infrastructure CLI, or REST APIs.
Instructions for all three methods are included throughout this guide.
- To access the Console, you must use a supported browser. To sign in to the Console, go to the Console sign in page. You are prompted to enter your cloud account name (your tenancy), your user name, and your password.
- To use the OCI CLI or REST APIs, you can either set up your environment, or use Oracle Cloud Infrastructure Cloud Shell.
Regions and Availability Domains
OCI services are hosted in Regions and Availability Domains. A region is a localized geographic area, and an availability domain is one or more data centers in that region.
Regions with Artifact Registry are listed and updated here:
For region names and their identifiers, refer to the table on the Regions and Availability Domains page.
Authentication and Authorization
Each service in Oracle Cloud Infrastructure integrates with IAM for authentication and authorization, for all interfaces (the Console, SDK or CLI, and REST API).
An administrator in your organization needs to set up groups, compartments , and policies that control which users can access which services, and which resources, and the type of access they have. For example, policies control who can create users, groups, and compartments, or who can create and manage repositories and artifacts.
In each region that is enabled for your tenancy, you can create up to 500 repositories in Artifact Registry consuming a maximum of 500 GB in total.
You are charged for stored artifacts, as shown in the Cloud Price List .
Integration with the DevOps Service
In the DevOps service, you can include artifacts from Artifact Registry or Container Registry:
- Create a deployment pipeline in the DevOps service.
- Define stages for delivering artifacts to a target environment.
- Point to the artifacts stored in Artifact Registry or Container registry.
- Run the DevOps deployment and deliver the artifacts to the target environment.
For more information, see:
Artifact Registry does not display the history of artifacts uploaded to other services. To view which artifacts are delivered through DevOps pipelines, check the DevOps deployment history.