Skip to content
Latchkey

How to Publish a Docker Image to the GitLab Registry in GitLab CI

GitLab injects registry credentials so a dind job can build and push with no extra secrets.

Every project has a Container Registry reachable via CI_REGISTRY_IMAGE. Log in with the CI-provided job token, build your image, and push it tagged with the commit SHA.

Build and push with the job token

Use the dind service for a Docker daemon and the predefined registry variables to authenticate.

.gitlab-ci.yml
build-image:
  image: docker:24
  services:
    - docker:24-dind
  variables:
    DOCKER_TLS_CERTDIR: "/certs"
  script:
    - echo "${CI_REGISTRY_PASSWORD}" | docker login -u "${CI_REGISTRY_USER}" --password-stdin "${CI_REGISTRY}"
    - docker build -t "${CI_REGISTRY_IMAGE}:${CI_COMMIT_SHORT_SHA}" .
    - docker push "${CI_REGISTRY_IMAGE}:${CI_COMMIT_SHORT_SHA}"

Notes

  • CI_REGISTRY_USER and CI_REGISTRY_PASSWORD are set automatically from the job token; no PAT is needed.
  • Tag with CI_COMMIT_SHORT_SHA for traceability and add a :latest tag on the default branch if you want a moving pointer.

Related guides

Run this faster and cheaper on Latchkey managed runners. Start free →