Artifact Registry is a universal package management service that supports containers and other formats. Learn about transitioning from Container Registry to gain greater flexibility and control over your artifacts.

Container analysis and vulnerability scanning

Container Analysis provides vulnerability scanning and metadata storage for containers through Container Analysis. The scanning service performs vulnerability scans on images in Container Registry and Artifact Registry, then stores the resulting metadata and makes it available for consumption through an API. Metadata storage allows storing information from different sources, including vulnerability scanning, other Cloud services, and third-party providers.

Container Analysis as a strategic information API

Container Analysis is a Cloud infrastructure component that enables you to store and retrieve structured metadata for Google Cloud resources. In the context of your CI/CD pipeline, Container Analysis can be integrated to store metadata about your deployment process and make decisions based on that metadata.

Container Analysis in
CI/CD

Figure 1. Diagram that shows Container Analysis as CI/CD pipeline component that interacts with metadata across source, build, storage, and deployment stages as well as runtime environments.

To learn about using Container Analysis see the Container Analysis documentation.