Cloudsmith’s container registry fully complies with the Open Container Initiative (OCI) v1.1 standard, letting customers store, secure, and distribute OCI container images and arbitrary artifacts such as Helm charts, binaries, and custom formats. This is an evolution of how Cloudsmith helps organizations streamline Kubernetes workflows and will future-proof our platform as ecosystems and standards evolve. It is a significant milestone that expands our capabilities to manage container images and associated artifacts, enabling organizations to establish and maintain comprehensive relationships across their entire Software Supply Chain.
Cloudsmith's OCI v1.1 implementation goes beyond traditional container registry functionality by enabling organizations to establish explicit relationships between container images and their associated artifacts.
With our support for the referrers API, you can link supply chain artifacts such as SBOMs, signatures, attestations, or other artifacts associated with a container image or another OCI artifact.
Our early access support allows you to store, secure, and distribute generic OCI images and artifacts, including Helm V3 charts.
Interoperability: Easily integrate with any OCI-compliant tools and services, ensuring you can choose the right tools for your workflows and desired outcomes.
Standardization: Benefit from industry-standard specifications for container formats and image distribution, providing greater consistency and reliability.
Future-proofing: As more technologies and ecosystems use the OCI specification, Cloudsmith will support them.
Cloudsmith currently supports early access for its OCI registry, so stay tuned for updates as we work toward full OCI support, enhanced Helm capabilities, and advanced security features for all supported artifact types.
Please refer to our updated documentation for detailed information on how to get started. As always, please contact us with questions or feedback 💙