sudo usermod -a -G docker ${USER}
IAM & Admin -> Service Accounts -> Create service account
- Add a key and save the key file on your local machine
IAM & Admin -> IAM -> Add
- Enter the created service account
- Select role as Artifact Registry Reader
gcloud auth activate-service-account ACCOUNT --key-file=KEY-FILE
ACCOUNT
: the service accountKEY-FILE
: the path of the key file- You should see the message after activation:
Activated service account credentials for: [xxxxxx]
gcloud auth configure-docker HOSTNAME-LIST
HOSTNAME-LIST
: a comma-separated list of repository hostnames to add to the credential helper configuration, e.g.asia-docker.pkg.dev,us-central1-docker.pkg.dev
docker pull [LOCATION]-docker.pkg.dev/[PROJECT-ID]/[REPOSITORY]/[IMAGE]:[TAG]
or
docker pull [LOCATION]-docker.pkg.dev/[PROJECT-ID]/[REPOSITORY]/[IMAGE]@[IMAGE_DIGEST]
where:
[LOCATION]
is the regional or multi-regional location of the repository where the image is stored, e.g.asia
,us-central1
.[PROJECT-ID]
is your Google Cloud Console project ID. If your project ID contains a colon (:), see Domain-scoped projects.[REPOSITORY]
is the name of the repository where the image is stored.[IMAGE]
is the image's name in Container Registry.[TAG]
is the tag applied to the image. In a registry, tags are unique to an image.[IMAGE_DIGEST]
is the sha256 hash value of the image contents. In the console, click on the specific image to see its metadata. The digest is listed as the Image digest.