Skip to main content

Artifactory Binary Repository

Repository Permissions

  • *-public: Read only content is available by everyone without authentication

  • *-internal: Read only content is available by everyone with authentication

  • Team can get write permission available for public and internal repository. The team will be able to push artifact to their autorized path only. e.g. docker-internal/project-name/**

API key

  1. Go to your profile -> Authentication settings
  2. Create a API key

Note: username is your email and password is the API key

Docker

login

Use

docker login artifactory.thalesdigital.io

# use email and API key to login

docker image URL

\<docker-registry-server>/\<repository>/\<image-url>

  • docker-registry-server: artifactory.thalesdigital.io
  • repository: in which repository the docker image is stored into artifactory
  • image-url: Title from Docker Info when a image is selected

Pull image

docker pull artifactory.thalesdigital.io/docker-internal/k8saas/promalertzendesk:latest

Push image

docker push artifactory.thalesdigital.io/docker-internal/k8saas/nginx:latest

Image naming convention

artifactory.thalesdigital.io/docker-internal/\<\k8saas-or-esaas>/\<subgroup>/\<project-name>[:TAG]

  • artifactory.thalesdigital.io: artificatory repository
  • docker-internal: repository not public
  • subgroup: optional Group images under a logical set.
  • k8saas-or-esaas: our subfolder to groups k8saas and essaas docker images
  • \<project-name>: distinction between projet

Convertion examples:

Gitlabartifactory
registry.thalesdigital.io/platform-team-canada/k8saas-innersource/python/reporting/rbac-serviceartifactory.thalesdigital.io/docker-internal/k8saas/rbac-service
$CI_REGISTRY/platform-team-canada/k8saas-innersource/docker-images/pre-commit:0.3.0artifactory.thalesdigital.io/docker-internal/k8saas/pre-commit:0.3.0

Migrate image from repo

# pull original image
docker pull registry.thalesdigital.io/platform-team-canada/k8saas-innersource/python/reporting/data-service:1.18.0
# tag with the new repository
docker tag registry.thalesdigital.io/platform-team-canada/k8saas-innersource/python/reporting/rbac-service:1.18.0 artifactory.thalesdigital.io/docker-internal/k8saas/rbac-service:1.18.0
# push image in the new repository
docker push artifactory.thalesdigital.io/docker-internal/k8saas/rbac-service:1.18.0

Kaniko

There are 2 ways to provide artifactory credentials to kaniko

  1. Using auth
    ARTIFACTORY_AUTH=$(echo -n $ARTIFACTORY_USERNAME:$ARTIFACTORY_API_KEY | base64 | tr -d "\n")
    echo "{\"auths\":{\"$ARTIFACTORY_REPO\":{\"auth\":\"$ARTIFACTORY_AUTH\"}}}" > /kaniko/.docker/config.json
  2. Using username and password
    echo "{\"auths\":{\"$ARTIFACTORY_REPO\":{\"username\":\"$ARTIFACTORY_USERNAME\",\"password\":\"$ARTIFACTORY_API_KEY\"}}}" > /kaniko/.docker/config.json

python

to be completed