Contact UsTry it for free
© 2026 Direct Cursus Technology L.L.C.

Pushing a binary artifact to a registry

Written by
Updated at January 20, 2026

  1. Create the following environment variables depending on the authentication method:

    1. Get an IAM token for the Yandex account or service account you are going to use for authentication.

    2. Create the REGISTRY_USERNAME and REGISTRY_PASSWORD environment variables:

      export REGISTRY_USERNAME="iam"
export REGISTRY_PASSWORD="<IAM_token>"

      Where:

      • REGISTRY_USERNAME: Authentication method.
      • REGISTRY_PASSWORD: Body of the previously obtained IAM token.

    Note

    The IAM token's lifetime is limited to 12 hours.

    1. Get an OAuth token for the Yandex account you are going to use for authentication.

    2. Create the REGISTRY_USERNAME and REGISTRY_PASSWORD environment variables:

      export REGISTRY_USERNAME="oauth"
export REGISTRY_PASSWORD="<OAuth_token>"

      Where:

      • REGISTRY_USERNAME: Authentication method.
      • REGISTRY_PASSWORD: Body of the previously obtained OAuth token.

    Note

    The OAuth token is valid for one year.

    1. Create an API key for the service account you are going to use for authentication.

    2. Create the REGISTRY_USERNAME and REGISTRY_PASSWORD environment variables:

      export REGISTRY_USERNAME="api_key"
export REGISTRY_PASSWORD="<API_key>"

      Where:

      • REGISTRY_USERNAME: Authentication method.
      • REGISTRY_PASSWORD: Body of the previously created API key.

    Note

    The API key maximum lifetime is set manually when you create the key.

  2. To push a binary artifact, use a POST HTTP request:

    curl \
  --request PUT \
  --user "$REGISTRY_USERNAME:$REGISTRY_PASSWORD" \
  --header "X-Checksum-SHA256: <file_hash>" \
  --upload-file <local_path_to_file> \
  https://registry.yandexcloud.net/binaries/<registry_ID>/<artifact_name>/<artifact_version>/<file_name_in_registry>

    Where:

    • --request: Method.

    • --user: Authentication data.

    • --header: API request header. This is an optional setting.

      In the X-Checksum-SHA256 header, you can specify the hash of the file you are pushing to check the file’s integrity after it is pushed. You can generate the hash, e.g., using this command:

      openssl dgst -sha256 <file_path> | awk '{print $2}'

    • --upload-file: Local path to the file to upload. Maximum size: 100 MB.

    • The request URL contains the registry URL, the artifact name and version, as well as the file name in the registry. Here is an example:

      https://registry.yandexcloud.net/binaries/cn15fqbr806r********/sample-package/3.5.4/agent-installer.sh
Previous
Setting up PyPI
Next
Pulling a binary artifact from a registry