API Reference
Complete API reference for Alien Artifact Registry bindings.
createRepository
Creates a new container image repository within the registry. The behavior varies per platform — some create an explicit cloud resource (AWS ECR), others return a routable name for implicit creation on first push (GCP, Azure). See What Gets Provisioned vs What Happens at Runtime.
const repo = await registry.createRepository(name: string): Promise<RepositoryResponse>async fn create_repository(&self, repo_name: &str) -> Result<RepositoryResponse>| Parameter | Type | Required | Description |
|---|---|---|---|
name | string | Yes | Logical repository name. Automatically sanitized per platform (see Repository Naming). |
Returns: RepositoryResponse — name is the routable name (the full, platform-specific path). Use this for subsequent API calls. The uri may be undefined if the repository is not yet ready.
getRepository
Gets information about an existing repository.
const repo = await registry.getRepository(repoId: string): Promise<RepositoryResponse>async fn get_repository(&self, repo_id: &str) -> Result<RepositoryResponse>deleteRepository
Deletes a repository and all its images.
await registry.deleteRepository(repoId: string): Promise<void>async fn delete_repository(&self, repo_id: &str) -> Result<()>generateCredentials
Generates temporary, scoped credentials for Docker push/pull operations.
const creds = await registry.generateCredentials(
repoId: string,
permissions: "pull" | "push-pull",
ttlSeconds?: number
): Promise<ArtifactRegistryCredentials>async fn generate_credentials(
&self,
repo_id: &str,
permissions: ArtifactRegistryPermissions,
ttl_seconds: Option<u32>,
) -> Result<ArtifactRegistryCredentials>| Parameter | Type | Required | Description |
|---|---|---|---|
repoId | string | Yes | Repository identifier (the name returned by createRepository). |
permissions | "pull" | "push-pull" | Yes | Access level. |
ttlSeconds | number | No | Credential lifetime in seconds. If omitted, uses the platform default. GCP caps at 3,600s (1 hour). ECR caps at 43,200s (12 hours). |
Returns: ArtifactRegistryCredentials — { username, password, expiresAt? }
addCrossAccountAccess
Grants another cloud account permission to access images. AWS and GCP only.
await registry.addCrossAccountAccess(
repoId: string,
access: CrossAccountAccess
): Promise<void>async fn add_cross_account_access(
&self,
repo_id: &str,
access: CrossAccountAccess,
) -> Result<()>removeCrossAccountAccess
Revokes previously granted cross-account access.
await registry.removeCrossAccountAccess(
repoId: string,
access: CrossAccountAccess
): Promise<void>getCrossAccountAccess
Returns current cross-account access configuration.
const perms = await registry.getCrossAccountAccess(repoId: string): Promise<CrossAccountPermissions>Types
RepositoryResponse
interface RepositoryResponse {
name: string
uri?: string // Image URI, undefined if still creating
createdAt?: string // ISO8601 timestamp
}ArtifactRegistryCredentials
interface ArtifactRegistryCredentials {
authMethod: "basic" | "bearer" // How to present credentials to the registry
username: string // Empty for Bearer auth
password: string // Password (Basic) or token (Bearer)
expiresAt?: string // ISO8601 timestamp
}CrossAccountAccess
type CrossAccountAccess =
| {
type: "aws"
accountIds: string[]
regions: string[]
roleArns: string[]
allowedServiceTypes: ("worker")[]
}
| {
type: "gcp"
projectNumbers: string[]
serviceAccountEmails: string[]
allowedServiceTypes: ("worker")[]
}CrossAccountPermissions
interface CrossAccountPermissions {
access: CrossAccountAccess
lastUpdated?: string
}