Learn how to set up gcloud auth configure-docker for Artifact Registry. Our Google Cloud Support team is here to help you with your questions and concerns.

How to Set Up gcloud auth configure-docker for Artifact Registry

Artifact Registry by Google Cloud offers a unified platform for storing, managing, and securing packages and container images, ensuring smooth CI/CD integration.

Some of the key features of Artifact Registry include:

• Store, manage, and secure artifacts efficiently.
• Compatible with existing CI/CD tools, Cloud Identity and Access Management, and other Google Cloud services.
• Create multiple regional repositories within a single Google Cloud project.
• Manage permissions at the project or repository level.

Setting Up Authentication for Artifact Registry

1. First, run the following command to authenticate with Artifact Registry:

   gcloud beta auth configure-docker us-central1-docker.pkg.dev
2. Docker requires authentication to interact with the Artifact Registry. So, use the standalone Docker credential helper tool to configure access without `gcloud`:

   
VERSION=2.0.0
OS=linux # Use "darwin" for macOS, "windows" for Windows.
ARCH=amd64 # Use "386" for 32-bit systems.
curl -fsSL "https://github.com/GoogleCloudPlatform/docker-credential-gcr/releases/download/v${VERSION}/docker-credential-gcr_${OS}_${ARCH}-${VERSION}.tar.gz" \
| tar xz --to-stdout ./docker-credential-gcr \
> /usr/bin/docker-credential-gcr && chmod +x /usr/bin/docker-credential-gcr

3. Then, we have to configure Docker to use the Artifact Registry credentials when interacting with Artifact Registry

   docker-credential-gcr configure-docker –registries=us-central1-docker.pkg.dev

   After completing these steps, we can use Docker commands like `docker push`, `docker tag`, and `docker pull` with Artifact Registry.

Creating and Using a Maven Repository in Artifact Registry

1. First, grant Cloud SDK authorization

   gcloud auth application-default login
2. Then, create a Maven Repository:

   
gcloud beta artifacts repositories create quickstart-maven-repo --repository-format=maven \
--location=us-central1 [--description="Maven repository"]


   To create a Docker repository instead, modify `–repository-format=docker`.

   We can verify repository creation with this command:

   gcloud beta artifacts repositories list

   Also, set the default repository and location for simplified commands:

   
gcloud config set artifacts/repository quickstart-maven-repo
gcloud config set artifacts/location us-central1

3. Now, generate configuration for `pom.xml`:

   gcloud beta artifacts print-settings mvn
4. Push artifacts using:

   mvn deploy
mvn release


Setting Up DevZero DevBox with Google Artifact Registry Access

1. First, we have to configure the DevZero environment. So, add the following to the template to install Docker and Google Cloud CLI:

   
scriptpolicy:
- script: |
apt-get install apt-transport-https ca-certificates curl gnupg lsb-release -y
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | \
gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
echo "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] \
https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | \
tee /etc/apt/sources.list.d/docker.list > /dev/null
apt-get update -y
apt-get install docker-ce docker-ce-cli containerd.io -y
usermod -aG docker devzero
- script: |
cd /home/devzero && curl https://sdk.cloud.google.com > install.sh
bash install.sh --disable-prompts
source /home/devzero/google-cloud-sdk/path.bash.inc
runas: devzero

2. Then, start a DevBox and run this command:

   source /home/devzero/google-cloud-sdk/path.bash.inc

   Add it to `.bashrc` or `.zshrc` to make this permanent.
3. Next, authenticate with Google Cloud:

   gcloud init
4. Finally, run the following command to configure Docker for Artifact Registry:

   gcloud auth configure-docker us-west1-docker.pkg.dev

Pull and Push Docker Images from Artifact Registry

1. Pull an image:

   docker pull us-docker.pkg.dev/google-samples/containers/gke/hello-app:1.0
2. Then, tag and push the image to the repository:

   
docker tag us-docker.pkg.dev/google-samples/containers/gke/hello-app:1.0 \
us-central1-docker.pkg.dev/PROJECT/quickstart-docker-repo/quickstart-image:tag1
docker push us-central1-docker.pkg.dev/PROJECT/quickstart-docker-repo/quickstart-image:tag1


Troubleshooting Authentication Errors with Artifact Registry

Our experts have a quick fix if you run into the following error.

failed to authorize: failed to fetch anonymous token: unexpected status: 403 Forbidden

If authentication fails when pushing to Artifact Registry, resetting Docker may resolve the issue.


pkill Docker
sudo rm -rf "/usr/local/lib/Docker"
sudo rm -rf "/Library/PrivilegedHelperTools/com.docker.vmnetd"
sudo rm -rf "/Library/LaunchDaemons/com.docker.vmnetd.plist"
rm -rf "~/.docker"
rm -rf "~/Library/Containers/com.docker.docker"
rm -rf "~/Library/Application Support/Docker Desktop"
rm -rf "~/Library/Preferences/com.docker.docker.plist"
rm -rf "~/Library/Saved Application State/com.electron.docker-frontend.savedState"
rm -rf "~/Library/Group Containers/group.com.docker"
rm -rf "~/Library/Logs/Docker Desktop"
rm -rf "~/Library/Preferences/com.electron.docker-frontend.plist"
rm -rf "~/Library/Cookies/com.docker.docker.binarycookies"


Then, restart the machine and reinstall Docker.

Alternatively, we can downgrade the Docker version if the issue arises after an update.

[Need assistance with a different issue? Our team is available 24/7.]

Conclusion

With the above steps, we can resolve most authentication and registry-related issues, ensuring smooth interaction with Google Artifact Registry.

In brief, our Support Experts demonstrated how to set up gcloud auth configure-docker for Artifact Registry.