Skip to main content

Push and pull artifacts in Artifactory

After you've set up your Artifactory service account, you can pull artifacts from the platform's caching repositories. If you wish to push to Artifactory, you will need an Artifactory project and private repository first. After your set up your private repository, follow these instructions to pull from them.

On this page

Pull Docker images from Artifactory

These steps apply to all Docker-type repositories, not just DockerHub. These steps work for any private docker registry, not just Artifactory. Change out the Artifactory URL for the URL of your preferred registry.

Test your account and pull locally

To test your account and start to pull locally, do the following:

  1. On the command line, log in to the registry. Type the following:
docker login -u <USER_NAME> -p <USER_PASSWORD><REPO_NAME>

For example, the DockerHub caching repository looks like this:

docker login -u <USER_NAME> -p <USER_PASSWORD>
  1. Pull from the registry on your local machine. Do this for local development and to test your account credentials. Type the following:
docker pull<REPO_NAME>/<IMAGE>:<TAG>

Note: The REPO_NAME is unique to each docker repository and must be a part of the URL to pull or push from docker registries hosted in Artifactory.

Pull from Artifactory in OpenShift

To pull from Artifactory in OpenShift, you need the following:

  1. A pull secret in the correct namespace.
  2. A reference to that pull secret in your build/deployment configuration.
  3. A reference to the Artifactory URL wherever you reference your image.

Make your pull secret.

  1. Use the following command:
oc create secret docker-registry <pull-secret-name> \ \
    --docker-username=<username> \
    --docker-password=<password> \

Make sure you have the correct username and password from the artifacts-[ASAname]-[random] secret.

  1. Add the secret to the default and builder OpenShift service account to allow the account to use this pull secret:
oc secrets link default <pull_secret_name>
oc secrets link builder <pull_secret_name>

Note: Some OpenShift documentation implies that linking the secrets in this way is the only necessary step, without having to add the pull secret to your deployment/build configurations as below. You can try this method, but we've found that users often run into problems. We recommend you specify the pull secret in your configurations to avoid problems.

  1. Add your pull secret to your deployment configuration. Do the following:
apiVersion: v1
kind: Pod
  name: <pod-name>
  - name: <container-name>
  - name: <pull-secret-name>

You can also use the following:

apiVersion: v1
kind: BuildConfig
  name: <build-name>
          name: artifactory-creds
          kind: DockerImage

You don't need to use dockerStrategy here. It works the same way under other types of strategy as well.

Don't forget that you need to update the image URL to point explicitly at Artifactory. If there's no URL, it will default to DockerHub.

You can now use this image in your build or deployment.

Node Package Manager (NPM)

The npm-remote repository in Artifactory points to the public default NPM repository. If you wish to pull from a different repository, such as a private one, replace all references to npm-remote below with your repository's name.

  1. Set the NPM registry:
$ npm config set registry
  1. Authenticate to the registry:
$ npm login
Username: <username>
Email: <username>@<namespace>.local
  1. Once the authentication is complete, you can pull artifacts from this registry:
$ npm install inspectpack --registry
+ inspectpack@4.5.2
updated 1 package in 3.131s
4 packages are looking for funding
  run `npm fund` for details

Note: The user that has authenticated to Artifactory must have appropriate permissions to pull from the repository. Otherwise, this command returns with permissions errors. For example:

npm ERR! code E403
npm ERR! 403 403 Forbidden - GET
npm ERR! 403 In most cases, you or one of your dependencies are requesting
npm ERR! 403 a package version that is forbidden by your security policy.

When you're ready to build and deploy on OpenShift, add the following to your assemble file:

npm config set registry
curl -u $AF_USERID:$AF_PASSWD >> ~/.npmrc

For example, you can check out the Repo-Mountie assemble file.


To deploy build artifacts through Artifactory you need to add a deployment element with the URL of a target local repository where you want to deploy your artifacts. For example:


Pull other package types from Artifactory

There are many different repository types in Artifactory. This documentation covers only those package types which are used commonly or for which teams have written documentation. If you are looking for instructions on how to pull other types of artifacts from Artifactory, see JFrog's documentation on various repository types for instructions.

If your team uses a specific package type not shown here, consider creating a pull request for this document to share your knowledge.

Related links: