Create a dedicated service account for Jenkins to use with Artifact Registry.
Run the following command to create a service account named jenkins-sa:
gcloudiamservice-accountscreatejenkins-sa
This creates a service account named
jenkins-sa@PROJECT.iam.gserviceaccount.com, where
PROJECT is your project ID.
In the project that contains the repository, grant the Artifact Registry Writer role to the Jenkins service account that you created.
You can either grant the role for all repositories in the project or you can
grant the role for the specific repositories that service account needs to
access.
PROJECT is the project ID. If this flag is omitted, the current
or default project is used.
REPOSITORY is the ID of the repository. If you configured a
default Artifact Registry
repository, it is used when this flag is omitted from the command.
LOCATION is the regional or multi-regional
location for the repository.
Create a YAML file as the pod template for Jenkins agents.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-08-25 UTC."],[[["\u003cp\u003eThis guide outlines how to configure Jenkins to store built Maven packages in an Artifact Registry repository, starting with setting up a dedicated service account for Jenkins.\u003c/p\u003e\n"],["\u003cp\u003eIt details granting the Artifact Registry Writer role to the Jenkins service account for repository access, either project-wide or for specific repositories.\u003c/p\u003e\n"],["\u003cp\u003eThe process includes creating a Google Kubernetes Engine (GKE) cluster or node pool using the dedicated service account, or configuring the default Compute Engine service account as an alternative.\u003c/p\u003e\n"],["\u003cp\u003eThe guide covers setting up a Maven project, including forking and cloning a sample project, creating a Jenkins pipeline, and configuring the repository connection within the \u003ccode\u003epom.xml\u003c/code\u003e file.\u003c/p\u003e\n"],["\u003cp\u003eFinally, it explains how to start a build, push changes to GitHub, and verify that artifacts are successfully stored in the Artifact Registry repository.\u003c/p\u003e\n"]]],[],null,["# Integrating with Jenkins\n\nThis page guides you through configuring Jenkins to store built Maven\npackages in an Artifact Registry repository.\n\nBefore you begin\n----------------\n\nIf the target repository does not exist,\n[create a new repository](/artifact-registry/docs/repositories/create-repos).\n\nConfiguring access to your repository\n-------------------------------------\n\n1. Create a dedicated service account for Jenkins to use with Artifact Registry.\n\n Run the following command to create a service account named `jenkins-sa`: \n\n gcloud iam service-accounts create jenkins-sa\n\n This creates a service account named\n jenkins-sa@\u003cvar translate=\"no\"\u003ePROJECT\u003c/var\u003e.iam.gserviceaccount.com, where\n \u003cvar translate=\"no\"\u003ePROJECT\u003c/var\u003e is your project ID.\n2. In the project that contains the repository, grant the **Artifact Registry Writer** role to the Jenkins service account that you created.\n You can either grant the role for all repositories in the project or you can\n grant the role for the specific repositories that service account needs to\n access.\n\n For details on permissions and granting access by role, see\n [Configuring access control](/artifact-registry/docs/access-control).\n\nSetting up a GKE cluster\n------------------------\n\nWhen you set up a new Google Kubernetes Engine cluster or node pool, use the service account\nthat you created for Jenkins to use. \n\n### Console\n\nTo create a cluster using Google Cloud console, perform the following\nsteps:\n\n1. Visit the Artifact Registry menu in Google Cloud console.\n\n [Visit the Artifact Registry menu](https://console.cloud.google.com/kubernetes/list)\n2. Click **Create cluster**.\n\n3. Configure the cluster as desired. Don't click **Create** yet.\n\n4. Click **More options** in the default node pool.\n\n5. In the **Security** section, select the [Jenkins service account](#configuring_access_to_your_repository)\n that you created.\n\n | **Note:** If you want to use the default Compute Engine service account instead, select **Set access for each API** in the **Access scopes** section. In the Cloud Platform **Read Write** drop-down list, select **Enabled**.\n6. Click **Save** to exit the overlay.\n\n7. Click **Create**.\n\n### gcloud\n\nUse one of the following commands to create the cluster with the Jenkins\nservice account. In the commands, \u003cvar translate=\"no\"\u003ePROJECT\u003c/var\u003e is your project ID.\n\nTo create a cluster with the service account, run the command. \n\n```\ngcloud container clusters create example-cluster --service-account=jenkins-sa@PROJECT.iam.gserviceaccount.com\n```\n\nTo create a node pool in an existing cluster: \n\n```\ngcloud container node-pools create example-pool --service-account=jenkins-sa@PROJECT.iam.gserviceaccount.com\n```\n\nSee the [gcloud container clusters create](/sdk/gcloud/reference/container/clusters/create)\ndocumentation for details about the command.\n| **Note:** If you want to use the default Compute Engine service account instead, omit the `--service-account` option and add `--scopes cloud-platform` to apply the Cloud Platform access scope.\n\nSetting up Jenkins on GKE\n-------------------------\n\n1. Follow the tutorial for setting up [Jenkins on GKE](/solutions/jenkins-on-kubernetes-engine-tutorial).\n Use the cluster that you created in the previous section.\n\n2. In Jenkins, update the GKE plugin to the latest version.\n Click **Manage Jenkins** \\\u003e **Manage Plugins** \\\u003e **Updates**.\n\nSet up a Maven project\n----------------------\n\n1. Fork the [sample Maven project](https://github.com/jenkins-docs/simple-java-maven-app)\n in the Jenkins documentation GitHub repository.\n\n2. Clone the forked repository.\n\n ```\n git clone git@github.com:USER_NAME/simple-java-maven-app.git\n ```\n3. Set up a new pipeline in the Jenkins interface.\n\n 1. Click **New Item**.\n 2. Select **Pipeline**.\n 3. Set a name for the pipeline and click **OK**.\n4. On the **General** tab, configure the following options in the Pipeline\n section:\n\n - Select **Pipeline script from SCM**.\n - In the SCM drop-down list, select **Git** and then specify the URL and credentials to connect to your GitHub repository.\n\n5. Click **Save**.\n\nConfiguring the connection to the repository\n--------------------------------------------\n\nConfigure Jenkins with the repository and credentials to connect to the repository.\n\n1. Add your repository to the Maven `pom.xml`. Use the following command to\n print a snippet to add.\n\n gcloud artifacts print-settings mvn [--project=\u003cvar translate=\"no\"\u003ePROJECT\u003c/var\u003e] \\\n [--repository=\u003cvar translate=\"no\"\u003eREPOSITORY\u003c/var\u003e] [--location=\u003cvar translate=\"no\"\u003eLOCATION\u003c/var\u003e]\n\n Where\n - \u003cvar translate=\"no\"\u003ePROJECT\u003c/var\u003e is the project ID. If this flag is omitted, the current or default project is used.\n - \u003cvar translate=\"no\"\u003eREPOSITORY\u003c/var\u003e is the ID of the repository. If you configured a [default](/artifact-registry/docs/gcloud-defaults) Artifact Registry repository, it is used when this flag is omitted from the command.\n - \u003cvar translate=\"no\"\u003eLOCATION\u003c/var\u003e is the regional or multi-regional [location](/artifact-registry/docs/repo-locations) for the repository.\n2. Create a YAML file as the pod template for Jenkins agents.\n\n mkdir jenkins\n cat \u003e jenkins/maven-pod.yaml \u003c\u003c EOF\n apiVersion: v1\n kind: Pod\n spec:\n containers:\n - name: maven\n image: maven:3.3.9-jdk-8-alpine\n command: ['cat']\n tty: true\n EOF\n\n3. Modify the file `Jenkinsfile`.\n\n pipeline {\n agent none\n stages {\n stage('Deploy') {\n steps {\n agent {\n kubernetes {\n label 'mavenpod'\n yamlFile 'jenkins/maven-pod.yaml'\n }\n }\n container('maven') {\n sh \"mvn -B clean deploy\"\n }\n }\n }\n }\n }\n\nStarting a build\n----------------\n\n1. Push the changes you made to GitHub project.\n\n git add . && git commit -m \"Configure my Jenkins pipeline\" && git push\n\n2. In the Jenkins interface, start a new build for the application in your\n sample Maven project.\n\nWhen the build completes successfully, the artifacts are added to the\nArtifact Registry Java package repository that you created.\n\nRun the following command to list packages in the repository: \n\n gcloud artifacts packages list --repository=mvn-jenkins --location=\u003cvar translate=\"no\"\u003eLOCATION\u003c/var\u003e\n\nThe output looks similar to the following example: \n\n Listing items under project {YOUR_PROJECT}, repository mvn-jenkins.\n\n PACKAGE CREATE_TIME UPDATE_TIME\n com.mycompany.app:my-app 2019-06-25T17:09:44 2019-06-25T17:09:44"]]
