Provision Centralized Artifact Repository for Build and Release Artifacts
Summary
Request for provision of centralized storage space for S-CORE build artifacts (e.g. an Artifactory-compatible repository or similar blob storage solution) to securely publish and retain build outputs, release artifacts, container images, and other binary assets.
Steps to reproduce
-
Build artifacts (binaries, container images, archives, SBOMs, etc.) are currently generated in CI pipelines.
-
There is no centralized, officially supported artifact repository for long-term storage and distribution.
-
Teams must either:
-
Use temporary CI artifacts
-
Store binaries inside Git repositories (not recommended)
-
Use external/unofficial storage solutions
What is the current bug behavior?
There is currently no centralized, managed artifact storage solution available for:
- Publishing release binaries
- Storing immutable build artifacts
- Hosting internal dependencies
- Retaining SBOMs and compliance artifacts
- Storing large binary blobs
- Providing controlled access (RBAC) to artifacts
What is the expected correct behavior?
Provision a managed artifact storage solution with the following capabilities:
-
Centralized artifact repository (e.g. Artifactory, Nexus or equivalent)
-
Support for:
-
Generic binary artifacts
-
Docker/container images
-
npm/PyPI-style registries (optional but preferred)
-
-
Role-based access control
-
Immutable artifact retention for releases
-
Backup and retention policy defined
-
API access for CI/CD integration
Sufficient storage capacity for long-term release traceability
- The solution should support production-grade usage and compliance requirement
Relevant logs and/or screenshots
N/A
Priority
-
Urgent -
High -
Medium -
Low
Severity
-
Blocker -
Major -
Normal -
Low
Impact
Lack of centralized artifact storage impacts:
- Release traceability
- SBOM retention
- Reproducible builds
- Compliance requirements
- Long-term maintenance
- Disaster recovery preparedness