artifact-management
Manage build artifacts, Docker images, and package registries. Configure artifact repositories, versioning, and distribution strategies.
Best use case
artifact-management is best used when you need a repeatable AI agent workflow instead of a one-off prompt.
Manage build artifacts, Docker images, and package registries. Configure artifact repositories, versioning, and distribution strategies.
Teams using artifact-management should expect a more consistent output, faster repeated execution, less prompt rewriting.
When to use this skill
- You want a reusable workflow that can be run more than once with consistent structure.
When not to use this skill
- You only need a quick one-off answer and do not need a reusable workflow.
- You cannot install or maintain the underlying files, dependencies, or repository context.
Installation
Claude Code / Cursor / Codex
Manual Installation
- Download SKILL.md from GitHub
- Place it in
.claude/skills/artifact-management/SKILL.mdinside your project - Restart your AI agent — it will auto-discover the skill
How artifact-management Compares
| Feature / Agent | artifact-management | Standard Approach |
|---|---|---|
| Platform Support | Not specified | Limited / Varies |
| Context Awareness | High | Baseline |
| Installation Complexity | Unknown | N/A |
Frequently Asked Questions
What does this skill do?
Manage build artifacts, Docker images, and package registries. Configure artifact repositories, versioning, and distribution strategies.
Where can I find the source code?
You can find the source code on GitHub using the link provided at the top of the page.
SKILL.md Source
# Artifact Management
## Overview
Implement comprehensive artifact management strategies for storing, versioning, and distributing built binaries, Docker images, and packages across environments.
## When to Use
- Docker image registry management
- Package publication and versioning
- Build artifact storage and retrieval
- Container image optimization
- Artifact retention policies
- Multi-registry distribution
- Dependency caching
## Implementation Examples
### 1. **Docker Registry Configuration**
```dockerfile
# Dockerfile with multi-stage build for optimization
FROM node:18-alpine AS dependencies
WORKDIR /app
COPY package*.json ./
RUN npm ci --only=production
FROM node:18-alpine AS builder
WORKDIR /app
COPY package*.json ./
RUN npm ci
COPY . .
RUN npm run build
FROM node:18-alpine AS runtime
WORKDIR /app
COPY --from=dependencies /app/node_modules ./node_modules
COPY --from=builder /app/dist ./dist
COPY package*.json ./
EXPOSE 3000
HEALTHCHECK --interval=30s --timeout=3s --start-period=40s --retries=3 \
CMD node healthcheck.js
CMD ["node", "dist/server.js"]
LABEL org.opencontainers.image.version="1.0.0" \
org.opencontainers.image.description="Production application" \
org.opencontainers.image.authors="DevOps Team"
```
### 2. **GitHub Container Registry (GHCR) Push**
```yaml
# .github/workflows/publish-image.yml
name: Publish to GHCR
on:
push:
tags: ['v*']
branches: [main]
env:
REGISTRY: ghcr.io
IMAGE_NAME: ${{ github.repository }}
jobs:
publish:
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
steps:
- uses: actions/checkout@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- name: Log in to registry
uses: docker/login-action@v2
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Extract metadata
id: meta
uses: docker/metadata-action@v4
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
tags: |
type=ref,event=branch
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=sha
- name: Build and push
uses: docker/build-push-action@v4
with:
context: .
file: ./Dockerfile.prod
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
cache-from: type=registry,ref=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:buildcache
cache-to: type=registry,ref=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:buildcache,mode=max
```
### 3. **npm Package Publishing**
```json
{
"name": "@myorg/awesome-library",
"version": "1.2.3",
"description": "Awesome library for developers",
"main": "dist/index.js",
"types": "dist/index.d.ts",
"files": [
"dist",
"README.md",
"LICENSE"
],
"publishConfig": {
"registry": "https://npm.pkg.github.com",
"access": "public"
},
"repository": {
"type": "git",
"url": "https://github.com/myorg/awesome-library.git"
},
"scripts": {
"prepublishOnly": "npm run build && npm run test",
"prepack": "npm run build"
}
}
```
### 4. **Artifact Retention Policy**
```yaml
# .github/workflows/cleanup-artifacts.yml
name: Cleanup Old Artifacts
on:
schedule:
- cron: '0 2 * * *' # Daily at 2 AM
workflow_dispatch:
jobs:
cleanup:
runs-on: ubuntu-latest
steps:
- name: Delete artifacts older than 30 days
uses: geekyeggo/delete-artifact@v2
with:
name: '*'
minCreatedTime: 30d
failOnError: false
```
### 5. **Artifact Versioning**
```bash
#!/bin/bash
# artifact-version.sh
BUILD_DATE=$(date -u +'%Y%m%d')
GIT_HASH=$(git rev-parse --short HEAD)
VERSION=$(grep '"version"' package.json | sed 's/.*"version": "\([^"]*\)".*/\1/')
# Full version tag
FULL_VERSION="${VERSION}-${BUILD_DATE}.${GIT_HASH}"
# Create artifact with version
docker build -t myapp:${FULL_VERSION} .
docker tag myapp:${FULL_VERSION} myapp:latest
echo "Built artifact version: ${FULL_VERSION}"
```
### 10. **GitLab Package Registry**
```yaml
# .gitlab-ci.yml
publish-package:
stage: publish
script:
- npm config set @myorg:registry https://gitlab.example.com/api/v4/packages/npm/
- npm config set '//gitlab.example.com/api/v4/packages/npm/:_authToken' "${CI_JOB_TOKEN}"
- npm publish
only:
- tags
```
## Best Practices
### ✅ DO
- Use semantic versioning for artifacts
- Implement image scanning before deployment
- Set retention policies for old artifacts
- Use multi-stage builds for Docker images
- Sign and verify artifacts
- Implement artifact immutability
- Document artifact metadata
- Use specific base image versions
- Implement vulnerability scanning
- Cache layers aggressively
- Tag images with commit SHA
- Compress artifacts for storage
### ❌ DON'T
- Use `latest` tag as sole identifier
- Store secrets in artifacts
- Push artifacts without scanning
- Use untrusted base images
- Skip artifact verification
- Overwrite published artifacts
- Mix binary and source artifacts
- Ignore image layer optimization
- Store build logs with sensitive data
## Artifact Storage Standards
```bash
# Naming convention
{registry}/{org}/{repo}/{service}:{version}-{build}-{commit}
# Examples
docker.io/myorg/web-app:1.2.3-123-abc1234
ghcr.io/myorg/api-service:2.0.0-456-def5678
artifactory.example.com/releases/core:3.1.0-789-ghi9012
```
## Resources
- [Docker Registry API](https://docs.docker.com/registry/spec/api/)
- [npm Registry](https://docs.npmjs.com/cli/v8/using-npm/registry)
- [GitHub Artifact Management](https://docs.github.com/en/actions/managing-workflow-runs/removing-workflow-artifacts)
- [Artifactory Documentation](https://jfrog.com/help/artifactory/)Related Skills
dotnet-secrets-management
Manages secrets and sensitive config. User secrets, environment variables, rotation.
dependencies-management-rules
Mandates the usage of UV when installing dependencies to ensure consistency and efficiency across all environments.
cloud-infrastructure-istio-traffic-management
Configure Istio traffic management including routing, load balancing, circuit breakers, and canary deployments. Use when implementing service mesh traffic policies, progressive delivery, or resilience patterns. Use when: the task directly matches istio traffic management responsibilities within plugin cloud-infrastructure. Do not use when: a more specific framework or task-focused skill is clearly a better match.
azure-mgmt-apimanagement-py
Azure API Management SDK for Python. Use for managing APIM services, APIs, products, subscriptions, and policies.
aws-s3-management
Manage S3 buckets with versioning, encryption, access control, lifecycle policies, and replication. Use for object storage, static sites, and data lakes.
artifact-lifecycle
Unified lifecycle management for all framework artifacts (skills, agents, hooks, workflows, templates, schemas)
alert-management
Implement comprehensive alert management with PagerDuty, escalation policies, and incident coordination. Use when setting up alerting systems, managing on-call schedules, or coordinating incident response.
adhd-task-management-skill
ADHD-optimized task tracking with abandonment detection, intervention strategies, and completion accountability
web-artifacts-builder
Suite of tools for creating elaborate, multi-component claude.ai HTML artifacts using modern frontend web technologies (React, Tailwind CSS, shadcn/ui). Use for complex artifacts requiring state ma...
track-management
Use this skill when creating, managing, or working with Conductor tracks - the logical work units for features, bugs, and refactors. Applies to spec.md, plan.md, and track lifecycle operations.
poetry-rye-dependency-management
Specifies Poetry or Rye for dependency management in Python projects.
plans-management
Manages Plans.md tasks and marker operations. Use when user mentions タスクを追加, Plans.md更新, 完了マーク, タスク状態変更, add task, update plans, mark complete. Do NOT load for: 実装作業, レビュー, Plans.md以外のファイル操作.