Artifact Registry implements version 1.1 of the Open Container Initiative (OCI) Distribution Specification so that you can push and pull images directly with Docker clients, including the Docker command-line tool.
Google Cloud services that typically integrate with Artifact Registry, such as Cloud Build and Google Kubernetes Engine, are configured by with default permissions to access repositories in the same project and don't require a separate client.
If you want to interact with Artifact Registry without the Docker client, then we recommend using the gcrane tool. The tool provides:
- Simple commands that work with Artifact Registry, Container Registry, and other registries.
- Useful commands for Artifact Registry and Container Registry tasks that don't have an equivalent command in the Google Cloud CLI or the Docker command-line tool, such as listing untagged images or copying images across registry hosts.
If gcrane isn't an appropriate option, then you can use the OCI Distribution Specification:
- Refer to the OCI Distribution Specification for information about the OCI request format.
- See Authenticating using the Docker Registry API for information about authentication using the API.
Make requests to Artifact Registry using the OCI Distribution Specification
If using Docker or the gcrane tool isn't an option, then you can use the
OCI Distribution Specification.
First, grant the required permissions to your user account. You can then use the Google Cloud CLI to create an access token for requests.
The following example shows the command for listing tags, using
my-image as the image and my-project as the Google Cloud project. This
example also uses the jq command to filter and format the output returned by
requests, but it's optional. The jq tool is included in Cloud Shell.
curl -H "Authorization: Bearer $(gcloud auth print-access-token)" \
"https://us-docker.pkg.dev/v2/my-project/my-repo/my-image/tags/list" | jq ".tags"