Artifact Repository
Definition
Centralized storage for managing build outputs, software packages, container images, and deployment artifacts throughout the software delivery lifecycle.
Use Cases
- Spotify: Microservices Artifact Management — Manages thousands of container images and internal packages through centralized artifact repositories (Supports 2,000+ microservices with consistent versioning and automated vulnerability scanning of all artifacts)
Provider Equivalents
- AWS: AWS CodeArtifact, Amazon ECR
- Azure: Azure Artifacts, Azure Container Registry
- GCP: Google Artifact Registry
- OCI: OCI Container Registry, OCI Artifact Registry
Frequently Asked Questions
- What is the difference between an artifact repository and a container registry?
- A container registry is a specialized type of artifact repository focused on Docker/OCI container images. General artifact repositories also support language packages (npm, Maven, pip), Helm charts, and generic binaries.
- Why not just use public registries like Docker Hub or npmjs?
- Private artifact repositories provide security scanning, access control, proximity to your compute (reducing pull times), caching of public packages, and compliance with data residency requirements.
Category: devops
Difficulty: intermediate
Related Terms
See Also