Google Cloud Artifact Registry Module
This module simplifies the creation of repositories using Google Cloud Artifact Registry.
Simple Docker Repository
module "docker_artifact_registry" {
source = "./fabric/modules/artifact-registry"
project_id = "myproject"
location = "europe-west1"
name = "myregistry"
format = { docker = { standard = {} } }
iam = {
"roles/artifactregistry.admin" = ["group:cicd@example.com"]
}
}
# tftest modules=1 resources=2
Remote and Virtual Repositories
module "registry-local" {
source = "./fabric/modules/artifact-registry"
project_id = var.project_id
location = "europe-west1"
name = "local"
format = {
python = {
standard = true
}
}
}
module "registry-remote" {
source = "./fabric/modules/artifact-registry"
project_id = var.project_id
location = "europe-west1"
name = "remote"
format = {
python = {
remote = {
public_repository = "PYPI"
}
}
}
}
module "registry-virtual" {
source = "./fabric/modules/artifact-registry"
project_id = var.project_id
location = "europe-west1"
name = "virtual"
format = {
python = {
virtual = {
remote = {
repository = module.registry-remote.id
priority = 1
}
local = {
repository = module.registry-local.id
priority = 10
}
}
}
}
}
# tftest modules=3 resources=3 inventory=remote-virtual.yaml
Additional Docker and Maven Options
module "registry-docker" {
source = "./fabric/modules/artifact-registry"
project_id = var.project_id
location = "europe-west1"
name = "docker"
format = {
docker = {
standard = {
immutable_tags = true
}
}
}
}
module "registry-maven" {
source = "./fabric/modules/artifact-registry"
project_id = var.project_id
location = "europe-west1"
name = "maven"
format = {
maven = {
standard = {
allow_snapshot_overwrites = true
version_policy = "RELEASE"
}
}
}
}
# tftest modules=2 resources=2
Other Formats
module "apt-registry" {
source = "./fabric/modules/artifact-registry"
project_id = var.project_id
location = var.region
name = "apt-registry"
format = { apt = { standard = true } }
}
module "generic-registry" {
source = "./fabric/modules/artifact-registry"
project_id = var.project_id
location = var.region
name = "generic-registry"
format = { generic = { standard = true } }
}
module "go-registry" {
source = "./fabric/modules/artifact-registry"
project_id = var.project_id
location = var.region
name = "go-registry"
format = { go = { standard = true } }
}
module "googet-registry" {
source = "./fabric/modules/artifact-registry"
project_id = var.project_id
location = var.region
name = "googet-registry"
format = { googet = { standard = true } }
}
module "kfp-registry" {
source = "./fabric/modules/artifact-registry"
project_id = var.project_id
location = var.region
name = "kfp-registry"
format = { kfp = { standard = true } }
}
module "npm-registry" {
source = "./fabric/modules/artifact-registry"
project_id = var.project_id
location = var.region
name = "npm-registry"
format = { npm = { standard = true } }
}
module "yum-registry" {
source = "./fabric/modules/artifact-registry"
project_id = var.project_id
location = var.region
name = "yum-registry"
format = { yum = { standard = true } }
}
# tftest modules=7 resources=7 inventory=other-formats.yaml
Cleanup Policies
module "registry-docker" {
source = "./fabric/modules/artifact-registry"
project_id = var.project_id
location = "europe-west1"
name = "docker-cleanup-policies"
format = { docker = { standard = {} } }
cleanup_policy_dry_run = false
cleanup_policies = {
keep-5-versions = {
action = "KEEP"
most_recent_versions = {
package_name_prefixes = ["test"]
keep_count = 5
}
}
keep-tagged-release = {
action = "KEEP"
condition = {
tag_state = "TAGGED"
tag_prefixes = ["release"]
package_name_prefixes = ["webapp", "mobile"]
}
}
}
}
# tftest modules=1 resources=1 inventory=cleanup-policies.yaml
Variables
name |
description |
type |
required |
default |
cleanup_policies |
Object containing details about the cleanup policies for an Artifact Registry repository. |
map(object({…default = null |
✓ |
|
format |
Repository format. |
object({…}) |
✓ |
|
location |
Registry location. Use `gcloud beta artifacts locations list' to get valid values. |
string |
✓ |
|
name |
Registry name. |
string |
✓ |
|
project_id |
Registry project id. |
string |
✓ |
|
cleanup_policy_dry_run |
If true, the cleanup pipeline is prevented from deleting versions in this repository. |
bool |
|
null |
description |
An optional description for the repository. |
string |
|
"Terraform-managed registry" |
encryption_key |
The KMS key name to use for encryption at rest. |
string |
|
null |
iam |
IAM bindings in {ROLE => [MEMBERS]} format. |
map(list(string)) |
|
{} |
labels |
Labels to be attached to the registry. |
map(string) |
|
{} |
Outputs
name |
description |
sensitive |
id |
Fully qualified repository id. |
|
name |
Repository name. |
|
repository |
Repository object. |
|