The Agent Registry is a centralized storage and distribution system for AI agents. It enables sharing, versioning, and discovery of agents across teams and organizations.
The registry provides:
- Agent Storage: Secure storage for agent packages and metadata
- Version Management: Semantic versioning and release tracking
- Distribution: Easy sharing and discovery of agents
- Access Control: Authentication and authorization
- Search & Discovery: Find agents by capabilities, tags, and metadata
The registry integrates with:
- Docker Registry: Standard Docker registry compatibility
- Agent Registry: Custom agent-specific registry
- Authentication: Token-based authentication
- Storage: Distributed storage backend
type Registry struct {
dockerClient *client.Client
registryURL string
authToken string
}type PushOptions struct {
Image string // Image to push
Registry string // Target registry
AllTags bool // Push all tags
}type PullOptions struct {
Image string // Image to pull
Registry string // Source registry
Quiet bool // Quiet mode
}type ListOptions struct {
Filter []string // Filter criteria
All bool // Show all images
}type PushResult struct {
Repository string // Image repository
Tag string // Image tag
Digest string // Image digest
Size string // Image size
RegistryURL string // Registry URL
}type PullResult struct {
ImageID string // Docker image ID
Size string // Image size
Digest string // Image digest
RegistryURL string // Registry URL
}type ImageInfo struct {
ID string // Image ID
Repository string // Repository name
Tag string // Image tag
Created time.Time // Creation time
Size int64 // Image size in bytes
}# Push to default registry
agent push my-agent:latest
# Push to specific registry
agent push my-agent:latest --registry myregistry.com
# Push all tags
agent push my-agent --all-tagspackage main
import (
"fmt"
"github.com/pxkundu/agent-as-code/internal/registry"
)
func main() {
// Create registry instance
r := registry.New()
// Push options
options := ®istry.PushOptions{
Image: "my-agent:latest",
Registry: "myregistry.com",
AllTags: false,
}
// Push image
result, err := r.Push(options)
if err != nil {
fmt.Printf("Push failed: %v\n", err)
return
}
fmt.Printf("Push successful: %s\n", result.Repository)
fmt.Printf("Tag: %s\n", result.Tag)
fmt.Printf("Digest: %s\n", result.Digest)
}- Validation: Verify local image exists
- Authentication: Authenticate with registry
- Upload: Stream image layers to registry
- Verification: Confirm successful upload
- Metadata: Update registry metadata
# Pull from default registry
agent pull my-agent:latest
# Pull from specific registry
agent pull my-agent:latest --registry myregistry.com
# Quiet pull (minimal output)
agent pull my-agent:latest --quiet// Pull options
options := ®istry.PullOptions{
Image: "my-agent:latest",
Registry: "myregistry.com",
Quiet: false,
}
// Pull image
result, err := r.Pull(options)
if err != nil {
fmt.Printf("Pull failed: %v\n", err)
return
}
fmt.Printf("Pull successful: %s\n", result.ImageID)
fmt.Printf("Size: %s\n", result.Size)- Authentication: Authenticate with registry
- Download: Stream image layers from registry
- Verification: Verify image integrity
- Storage: Store locally with metadata
- Cleanup: Remove temporary files
# List all images
agent images
# List with filters
agent images --filter "my-agent"
# Show all images (including untagged)
agent images --all// List options
options := ®istry.ListOptions{
Filter: []string{"my-agent"},
All: false,
}
// List images
images, err := r.ListLocal(options)
if err != nil {
fmt.Printf("List failed: %v\n", err)
return
}
for _, image := range images {
fmt.Printf("ID: %s\n", image.ID)
fmt.Printf("Repository: %s\n", image.Repository)
fmt.Printf("Tag: %s\n", image.Tag)
fmt.Printf("Size: %s\n", formatSize(image.Size))
fmt.Printf("Created: %s\n", image.Created.Format("2006-01-02 15:04:05"))
fmt.Println("---")
}Standard Docker registry compatibility:
- Docker Hub: Public Docker registry
- ECR: AWS Elastic Container Registry
- ACR: Azure Container Registry
- GCR: Google Container Registry
Custom agent-specific registry:
- myagentregistry.com: Official agent registry
- Custom Registries: Self-hosted registries
- Enterprise Registries: Corporate registries
# Registry URL
export AGENT_REGISTRY_URL="https://myregistry.com"
# Authentication token
export AGENT_REGISTRY_TOKEN="your-auth-token"
# Docker credentials (for Docker registries)
export DOCKER_USERNAME="your-username"
export DOCKER_PASSWORD="your-password"- Token Authentication: Bearer token for API access
- Username/Password: Basic authentication
- OAuth2: OAuth2 token flow
- Service Account: Kubernetes service accounts
- Use environment variables for secrets
- Rotate tokens regularly
- Implement least privilege access
- Monitor authentication attempts
# Tag local image
docker tag my-agent:latest myregistry.com/my-agent:v1.0.0
# Tag with specific registry
docker tag my-agent:latest myregistry.com/team/my-agent:latest
# Tag multiple versions
docker tag my-agent:latest my-agent:v1.0.0
docker tag my-agent:latest my-agent:latest# Semantic versioning
agent push my-agent:1.0.0
agent push my-agent:1.0.1
agent push my-agent:1.1.0
agent push my-agent:2.0.0
# Latest tag
agent push my-agent:latest
# Development tags
agent push my-agent:dev
agent push my-agent:staging# Remove local images
docker rmi my-agent:old-version
# Remove untagged images
docker image prune
# Remove all unused images
docker image prune -a
# Remove specific registry images
docker rmi myregistry.com/my-agent:old-version# ~/.aac/config.yaml
registries:
default:
url: "https://myregistry.com"
auth:
type: "token"
token: "${AGENT_REGISTRY_TOKEN}"
production:
url: "https://prod.registry.com"
auth:
type: "oauth2"
client_id: "${OAUTH_CLIENT_ID}"
client_secret: "${OAUTH_CLIENT_SECRET}"
development:
url: "https://dev.registry.com"
auth:
type: "username"
username: "${DEV_USERNAME}"
password: "${DEV_PASSWORD}"# Use specific registry profile
agent push my-agent:latest --profile production
# Override registry URL
agent push my-agent:latest --registry https://custom.registry.com
# Use default registry
agent push my-agent:latest# Search by name
agent search my-agent
# Search by tag
agent search my-agent:latest
# Search by capability
agent search --capability "text-generation"
# Search by author
agent search --author "ai-team"- Name: Exact or partial name matching
- Tag: Specific version or tag
- Capability: Agent capabilities
- Author: Image creator
- Date: Creation or update date
- Size: Image size range
{
"images": [
{
"name": "my-agent",
"tag": "latest",
"description": "Advanced text generation agent",
"author": "ai-team",
"capabilities": ["text-generation", "chat"],
"size": "150MB",
"created": "2024-01-01T00:00:00Z",
"downloads": 150,
"rating": 4.8
}
],
"total": 1,
"page": 1,
"per_page": 10
}# Registry caching configuration
cache:
enabled: true
max_size: "10GB"
ttl: "24h"
strategies:
- layer_caching: true
- metadata_caching: true
- search_caching: true- CDN Integration: Content delivery networks
- Mirror Registries: Geographic mirrors
- Connection Pooling: Reuse connections
- Compression: Layer compression
- Layer Deduplication: Shared layers
- Compression: Image compression
- Cleanup Policies: Automatic cleanup
- Storage Tiers: Hot/cold storage
# View registry metrics
agent registry metrics
# Monitor specific metrics
agent registry metrics --metric "push_count" --period "24h"
# Custom metric queries
agent registry metrics --query "rate(push_operations_total[5m])"- Push Operations: Images pushed per time period
- Pull Operations: Images pulled per time period
- Storage Usage: Registry storage consumption
- Authentication: Login attempts and failures
- Performance: Response times and throughput
# Check registry health
agent registry health
# Detailed health check
agent registry health --detailed
# Health check with timeout
agent registry health --timeout 30s- Authentication Failed: "authentication failed"
- Image Not Found: "image not found in registry"
- Network Error: "failed to connect to registry"
- Storage Full: "insufficient storage space"
- Rate Limited: "rate limit exceeded"
// Retry logic for registry operations
func pushWithRetry(options *PushOptions, maxRetries int) (*PushResult, error) {
var lastErr error
for i := 0; i < maxRetries; i++ {
result, err := r.Push(options)
if err == nil {
return result, nil
}
lastErr = err
// Exponential backoff
backoff := time.Duration(i+1) * time.Second
time.Sleep(backoff)
}
return nil, fmt.Errorf("failed after %d retries: %v", maxRetries, lastErr)
}# Check registry connectivity
curl -I https://myregistry.com/v2/
# Verify authentication
agent registry auth test
# Check image existence
agent registry image info my-agent:latest
# View registry logs
agent registry logs --level error --since 1h# Sign image before push
agent push my-agent:latest --sign
# Verify image signature on pull
agent pull my-agent:latest --verify-signature
# View image signatures
agent registry image signatures my-agent:latest# Scan image for vulnerabilities
agent push my-agent:latest --security-scan
# View scan results
agent registry image scan-results my-agent:latest
# Block vulnerable images
agent registry policy set --block-vulnerabilities high# Set image visibility
agent push my-agent:latest --visibility private
# Manage permissions
agent registry permission add my-agent:latest --user john --permission read
# View access logs
agent registry access-logs --user john --since 24h# GitHub Actions example
- name: Build and Push Agent
run: |
agent build -t my-agent:${{ github.sha }} .
agent push my-agent:${{ github.sha }}
agent push my-agent:latest# Kubernetes deployment
apiVersion: apps/v1
kind: Deployment
metadata:
name: my-agent
spec:
template:
spec:
containers:
- name: agent
image: myregistry.com/my-agent:latest
imagePullPolicy: Always# docker-compose.yml
version: '3.8'
services:
agent:
image: myregistry.com/my-agent:latest
ports:
- "8080:8080"
environment:
- OPENAI_API_KEY=${OPENAI_API_KEY}- Use semantic versioning
- Tag images consistently
- Clean up old images
- Monitor image sizes
- Sign all images
- Scan for vulnerabilities
- Use private registries
- Implement access controls
- Use caching effectively
- Optimize image sizes
- Monitor registry performance
- Implement cleanup policies
- Monitor registry health
- Set up alerting
- Document procedures
- Regular backups
-
Authentication Problems
- Verify token validity
- Check environment variables
- Test with curl commands
-
Network Issues
- Check firewall rules
- Verify DNS resolution
- Test connectivity
-
Storage Issues
- Check available space
- Verify storage permissions
- Review cleanup policies
# Enable debug mode
export AAC_LOG_LEVEL=debug
# Test registry connection
agent registry ping
# View registry configuration
agent registry config show
# Test authentication
agent registry auth test
# View detailed logs
agent registry logs --level debug- Parser - Configuration parsing
- Builder - Container building
- Runtime - Agent execution
- CLI Overview - Command-line usage
- Agent Configuration - Configuration reference