🧱Google Cloud CI/CD에서 Artifacts와 Artifact Repositories 이해하기
Source: Dev.to
What Are Artifacts?
When your CI pipeline builds code, it produces output files. These files — called artifacts — are the deliverables used later during deployment.
Artifacts include:
- JAR files
- Packages
- Binaries
- Docker images
- Configuration files
- Documents or reports
- Any compiled or generated output
Think of artifacts as the results of your build stage (CI), which are then consumed by the deployment stage (CD).
Types of Artifacts
Artifacts generally fall into two categories:
Container Artifacts
Container images — typically Docker images — used to deploy applications in Kubernetes, Cloud Run, Cloud Functions, etc.
Non‑Container Artifacts
- Java
.jarfiles - Node/npm packages
- Python wheels
- Terraform modules
- Helm charts
- Config files
Both types need reliable storage and versioning.
Why Do We Need Artifact Management?
Once the CI pipeline generates artifacts, they must be:
- Stored in a central place
- Versioned properly
- Accessible to CD pipelines
- Secure and scanned for vulnerabilities
- Managed consistently
An Artifact Management System acts as the single source of truth for all build outputs.
Artifact Repositories Explained
An Artifact Repository is a centralized storage system designed for storing and managing artifacts in CI/CD workflows.
Key benefits
- Single source of truth
- Version management
- Vulnerability scanning
- Approval workflows
- Consistency across build and deploy stages
- Improved DevOps efficiency
Artifact repositories are essential for both monolithic and microservices architectures.
Options for Storing Artifacts in Google Cloud
Google Cloud offers two main services for storing artifacts.
1. Artifact Registry (Recommended)
Artifact Registry is the next‑generation Google artifact storage solution, replacing Container Registry and supporting more artifact types.
Key Features
- Stores container and non‑container artifacts
- Native support for multiple formats (Docker, npm, Maven, Python, etc.)
- Fully integrated with Cloud Build, GKE, Cloud Run
- Regional or multi‑regional repositories
- Vulnerability scanning
- Fine‑grained IAM control
- Usage‑based pricing (storage + network egress)
Artifact Registry is now the default and recommended option.
2. Container Registry (Legacy)
Container Registry was Google’s original solution for storing Docker images.
Features
- Private Docker image repositories
- Supports Docker Image Manifest V2 & OCI formats
- Vulnerability scanning
- Compatible with standard Docker CLI (
docker push,docker pull) - Charges for underlying Cloud Storage usage
It still works, but Google Cloud is migrating users to Artifact Registry. For new projects, choose Artifact Registry.
Final Thoughts
Artifacts form the backbone of any CI/CD pipeline. They ensure that:
- Code is transformed into deployable assets
- Build outputs remain consistent and traceable
- Deployment workflows are reliable and secure
Google Cloud’s Artifact Registry provides a modern, unified, secure, and scalable way to manage both container and non‑container artifacts—making it the ideal choice for DevOps teams.