Skip to content
Latchkey

How to Build and Push to the GitLab Container Registry in GitLab CI/CD

The built-in CI_REGISTRY variables let a job log in and push to the project Container Registry with no extra secrets.

Authenticate with CI_REGISTRY_USER/CI_REGISTRY_PASSWORD, tag the image with CI_REGISTRY_IMAGE, then push. The token is scoped to the job automatically.

Steps

  • Log in with docker login using the predefined registry variables.
  • Tag the image as $CI_REGISTRY_IMAGE:tag.
  • Push it to the project registry.

Pipeline

.gitlab-ci.yml
build-push:
  image: docker:27
  services:
    - docker:27-dind
  variables:
    DOCKER_TLS_CERTDIR: "/certs"
  script:
    - echo "$CI_REGISTRY_PASSWORD" | docker login -u "$CI_REGISTRY_USER" --password-stdin "$CI_REGISTRY"
    - docker build -t "$CI_REGISTRY_IMAGE:$CI_COMMIT_SHORT_SHA" .
    - docker push "$CI_REGISTRY_IMAGE:$CI_COMMIT_SHORT_SHA"

Gotchas

  • The job token authenticates only to the project registry; pushing elsewhere needs your own credentials.
  • Tag with the commit SHA for traceability and add :latest only on the default branch.

Related guides

Run this faster and cheaper on Latchkey managed runners. Start free →