artifact-management

仓库: aj-geddes/useful-ai-prompts
安装量: 121
排名: #7069

安装

npx skills add https://github.com/aj-geddes/useful-ai-prompts --skill artifact-management

Artifact Management Overview

Implement comprehensive artifact management strategies for storing, versioning, and distributing built binaries, Docker images, and packages across environments.

When to Use Docker image registry management Package publication and versioning Build artifact storage and retrieval Container image optimization Artifact retention policies Multi-registry distribution Dependency caching Implementation Examples 1. Docker Registry Configuration

Dockerfile with multi-stage build for optimization

FROM node:18-alpine AS dependencies WORKDIR /app COPY package*.json ./ RUN npm ci --only=production

FROM node:18-alpine AS builder WORKDIR /app COPY package*.json ./ RUN npm ci COPY . . RUN npm run build

FROM node:18-alpine AS runtime WORKDIR /app COPY --from=dependencies /app/node_modules ./node_modules COPY --from=builder /app/dist ./dist COPY package*.json ./

EXPOSE 3000 HEALTHCHECK --interval=30s --timeout=3s --start-period=40s --retries=3 \ CMD node healthcheck.js

CMD ["node", "dist/server.js"]

LABEL org.opencontainers.image.version="1.0.0" \ org.opencontainers.image.description="Production application" \ org.opencontainers.image.authors="DevOps Team"

  1. GitHub Container Registry (GHCR) Push

.github/workflows/publish-image.yml

name: Publish to GHCR

on: push: tags: ['v*'] branches: [main]

env: REGISTRY: ghcr.io IMAGE_NAME: ${{ github.repository }}

jobs: publish: runs-on: ubuntu-latest permissions: contents: read packages: write

steps:
  - uses: actions/checkout@v3

  - name: Set up Docker Buildx
    uses: docker/setup-buildx-action@v2

  - name: Log in to registry
    uses: docker/login-action@v2
    with:
      registry: ${{ env.REGISTRY }}
      username: ${{ github.actor }}
      password: ${{ secrets.GITHUB_TOKEN }}

  - name: Extract metadata
    id: meta
    uses: docker/metadata-action@v4
    with:
      images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
      tags: |
        type=ref,event=branch
        type=semver,pattern={{version}}
        type=semver,pattern={{major}}.{{minor}}
        type=sha

  - name: Build and push
    uses: docker/build-push-action@v4
    with:
      context: .
      file: ./Dockerfile.prod
      push: true
      tags: ${{ steps.meta.outputs.tags }}
      labels: ${{ steps.meta.outputs.labels }}
      cache-from: type=registry,ref=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:buildcache
      cache-to: type=registry,ref=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:buildcache,mode=max

  1. npm Package Publishing { "name": "@myorg/awesome-library", "version": "1.2.3", "description": "Awesome library for developers", "main": "dist/index.js", "types": "dist/index.d.ts", "files": [ "dist", "README.md", "LICENSE" ], "publishConfig": { "registry": "https://npm.pkg.github.com", "access": "public" }, "repository": { "type": "git", "url": "https://github.com/myorg/awesome-library.git" }, "scripts": { "prepublishOnly": "npm run build && npm run test", "prepack": "npm run build" } }

  2. Artifact Retention Policy

.github/workflows/cleanup-artifacts.yml

name: Cleanup Old Artifacts

on: schedule: - cron: '0 2 * * *' # Daily at 2 AM workflow_dispatch:

jobs: cleanup: runs-on: ubuntu-latest steps: - name: Delete artifacts older than 30 days uses: geekyeggo/delete-artifact@v2 with: name: '*' minCreatedTime: 30d failOnError: false

  1. Artifact Versioning

!/bin/bash

artifact-version.sh

BUILD_DATE=$(date -u +'%Y%m%d') GIT_HASH=$(git rev-parse --short HEAD) VERSION=$(grep '"version"' package.json | sed 's/."version": "([^"])".*/\1/')

Full version tag

FULL_VERSION="${VERSION}-${BUILD_DATE}.${GIT_HASH}"

Create artifact with version

docker build -t myapp:${FULL_VERSION} . docker tag myapp:${FULL_VERSION} myapp:latest

echo "Built artifact version: ${FULL_VERSION}"

  1. GitLab Package Registry

.gitlab-ci.yml

publish-package: stage: publish script: - npm config set @myorg:registry https://gitlab.example.com/api/v4/packages/npm/ - npm config set '//gitlab.example.com/api/v4/packages/npm/:_authToken' "${CI_JOB_TOKEN}" - npm publish only: - tags

Best Practices ✅ DO Use semantic versioning for artifacts Implement image scanning before deployment Set retention policies for old artifacts Use multi-stage builds for Docker images Sign and verify artifacts Implement artifact immutability Document artifact metadata Use specific base image versions Implement vulnerability scanning Cache layers aggressively Tag images with commit SHA Compress artifacts for storage ❌ DON'T Use latest tag as sole identifier Store secrets in artifacts Push artifacts without scanning Use untrusted base images Skip artifact verification Overwrite published artifacts Mix binary and source artifacts Ignore image layer optimization Store build logs with sensitive data Artifact Storage Standards

Naming convention

{registry}/{org}/{repo}/{service}:{version}-{build}-{commit}

Examples

docker.io/myorg/web-app:1.2.3-123-abc1234 ghcr.io/myorg/api-service:2.0.0-456-def5678 artifactory.example.com/releases/core:3.1.0-789-ghi9012

Resources Docker Registry API npm Registry GitHub Artifact Management Artifactory Documentation

返回排行榜