Introduction:
With the deprecation of Container Registry, Google introduces Artifact Registry as the new solution for hosting images in the gcr.io domain. This article provides a step-by-step guide on how to proxy a private Google Artifact Docker Registry using Artifactory. By configuring a remote repository in Artifactory, users can seamlessly access and manage their Docker images stored in Artifact Registry.
Please note that the following instructions assume familiarity with Google Cloud Platform (GCP) and Artifactory.
Step 1: Creating a Docker Remote Repository in Artifactory
To begin, create a Docker remote repository in Artifactory. Set the URL of the repository to point to the respective region's Artifact Registry endpoint.
The endpoint URLs typically follow the format "https://region-docker.pkg.dev," where the region corresponds to the location where the Docker registry is created (e.g., "https://europe-docker.pkg.dev," "https://asia-south1-docker.pkg.dev").

Step 2: Configuring Service Account Permissions
In the GCP UI, navigate to IAM & Admin → Service Accounts. Select the relevant service account and go to the "Keys" tab. Ensure that the chosen service account has the necessary permissions.
Click on "ADD KEY," then select "Create a new key" and choose the JSON format. Save the downloaded JSON file in a convenient location for future use.

Step 3: Authenticating the Docker Remote Repository
Authenticate the Docker remote repository in Artifactory using the previously downloaded JSON file. Use the following credentials:
Username: _json_key
Password: <service account key JSON> (copy the contents of the JSON file and paste it as the password)
Note: It is recommended to use a tool like 'cat' to maintain the JSON file's format during the copy-paste process. Copying directly from a browser may lead to authentication issues.

Step 4: Pulling Docker Images from Artifact Registry
With the remote repository configured and authenticated, you can now pull Docker images from the Google Artifact Registry. Follow these steps using the Docker client:
a) Perform a docker login against the Artifactory.
b) Pull the Docker image from the Google Artifact registry via JFrog Artifactory:
docker pull artifactoryurl:8082/remoterepokey/googleprojectid/googleartifactoryreponame/imagename:tag
In the example command, replace the placeholders with your specific details. For instance:
Here, "demo" represents the Artifactory remote name, "demo--381308" corresponds to the Google project ID, and "demo" denotes the Artifact Registry repository.
With the deprecation of Container Registry, Google introduces Artifact Registry as the new solution for hosting images in the gcr.io domain. This article provides a step-by-step guide on how to proxy a private Google Artifact Docker Registry using Artifactory. By configuring a remote repository in Artifactory, users can seamlessly access and manage their Docker images stored in Artifact Registry.
Please note that the following instructions assume familiarity with Google Cloud Platform (GCP) and Artifactory.
Step 1: Creating a Docker Remote Repository in Artifactory
To begin, create a Docker remote repository in Artifactory. Set the URL of the repository to point to the respective region's Artifact Registry endpoint.
The endpoint URLs typically follow the format "https://region-docker.pkg.dev," where the region corresponds to the location where the Docker registry is created (e.g., "https://europe-docker.pkg.dev," "https://asia-south1-docker.pkg.dev").
Step 2: Configuring Service Account Permissions
In the GCP UI, navigate to IAM & Admin → Service Accounts. Select the relevant service account and go to the "Keys" tab. Ensure that the chosen service account has the necessary permissions.
Click on "ADD KEY," then select "Create a new key" and choose the JSON format. Save the downloaded JSON file in a convenient location for future use.
Step 3: Authenticating the Docker Remote Repository
Authenticate the Docker remote repository in Artifactory using the previously downloaded JSON file. Use the following credentials:
Username: _json_key
Password: <service account key JSON> (copy the contents of the JSON file and paste it as the password)
Note: It is recommended to use a tool like 'cat' to maintain the JSON file's format during the copy-paste process. Copying directly from a browser may lead to authentication issues.
Step 4: Pulling Docker Images from Artifact Registry
With the remote repository configured and authenticated, you can now pull Docker images from the Google Artifact Registry. Follow these steps using the Docker client:
a) Perform a docker login against the Artifactory.
docker login artifactoryurl:8082
b) Pull the Docker image from the Google Artifact registry via JFrog Artifactory:
docker pull artifactoryurl:8082/remoterepokey/googleprojectid/googleartifactoryreponame/imagename:tag
In the example command, replace the placeholders with your specific details. For instance:
docker pull artifactoryurl:8082/demo/demo--381308/demo/nginx:latest
Here, "demo" represents the Artifactory remote name, "demo--381308" corresponds to the Google project ID, and "demo" denotes the Artifact Registry repository.