How to Build and Push to the GitLab Container Registry in GitLab CI/CD
The built-in CI_REGISTRY variables let a job log in and push to the project Container Registry with no extra secrets.
Authenticate with CI_REGISTRY_USER/CI_REGISTRY_PASSWORD, tag the image with CI_REGISTRY_IMAGE, then push. The token is scoped to the job automatically.
Steps
- Log in with
docker loginusing the predefined registry variables. - Tag the image as
$CI_REGISTRY_IMAGE:tag. - Push it to the project registry.
Pipeline
.gitlab-ci.yml
build-push:
image: docker:27
services:
- docker:27-dind
variables:
DOCKER_TLS_CERTDIR: "/certs"
script:
- echo "$CI_REGISTRY_PASSWORD" | docker login -u "$CI_REGISTRY_USER" --password-stdin "$CI_REGISTRY"
- docker build -t "$CI_REGISTRY_IMAGE:$CI_COMMIT_SHORT_SHA" .
- docker push "$CI_REGISTRY_IMAGE:$CI_COMMIT_SHORT_SHA"Gotchas
- The job token authenticates only to the project registry; pushing elsewhere needs your own credentials.
- Tag with the commit SHA for traceability and add
:latestonly on the default branch.
Related guides
How to Build Docker Images With Docker-in-Docker in GitLab CI/CDBuild Docker images in GitLab CI/CD using the docker:dind service and a docker client image, configuring DOCK…
How to Deploy to Kubernetes With the GitLab Agent in GitLab CI/CDDeploy from GitLab CI/CD to a cluster using the GitLab agent for Kubernetes, getting a kubeconfig context fro…