How to push docker image to gitlab registry using gitlab CI

Introduction

In this tutorial post, we are going to explain how to build and publish a docker image using gitlab ci. In particular, we are going to publish the image to the gitlab registry.

With the Docker Container Registry integrated into GitLab, every project can have its own space to store its Docker images. You can read more about this in gitlab container registry documentation.

Summary: First we will configure a gitlab runner that will be able to create a docker image. Then we will create a deploy token. Finally, we create the required jobs to build the image and then push it to the gitlab registry.

Configure gitlab runner

There are three possible ways to configure the runner:

Use the runner in shell mode Use the runner in privileged mode (gitlab runner user in docker group) Use docker mode and give access to the docker socket.

In this tutorial, we are going to the docker socket way.

Access to your gitlab runner instance and setup the runner with the following command:

gitlab-runner register -n \
 --url https://gitlab.com/ \
 --registration-token <TOKEN> \ 
--executor docker \
 --description "A gitlab runner using Docker socket bind" \
 --docker-image "docker:stable" \
 --docker-volumes /var/run/docker.sock:/var/run/docker.sock

Create a Deploy Token

  1. Go to the project you want to create Deploy Tokens for.
  2. Go to Settings > Repository.
  3. Click on “Expand” on Deploy Tokens section.
  4. Choose a name, expiry date (optional), and username (optional) for the token.
  5. Choose the desired scopes.
  6. Click on Create deploy token.
  7. Save the deploy token somewhere safe. Once you leave or refresh the page, you won’t be able to access it again.

When you complete the form use the username gitlab-deploy-token. When using the specified username, the jobs will have access to the environment variables CI_DEPLOY_USER and CI_DEPLOY_PASSWORD.

Example gitlab-ci.yml configuration

In our example configuration we have two stages, build and push. The first stage will generate the docker image that will be used in the next stage to push it to the gitlab registry. In the build stage we use docker info to have useful information on the logs. In the push stage we first login using the gitlab environment variables $CI_DEPLOY_USER and $CI_DEPLOY_PASSWORD $CI_REGISTRY. Remember to use the username gitlab-deploy-token to have those env variables!

image: docker:stable

stages:
  - build
  - push

docker build:
  stage: build
  script:
  - docker info
  - >
     docker build
     --pull
     --build-arg http_proxy=$http_proxy
     --build-arg https_proxy=$https_proxy
     --build-arg no_proxy=$no_proxy
     --build-arg VCS_REF=$CI_COMMIT_SHA
     --build-arg VCS_URL=$CI_PROJECT_URL
     --cache-from $CI_REGISTRY_IMAGE:latest
     --tag $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA
  - docker push $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA

docker push latest:
  stage: push
  only:
  - master
  script:
  - echo -n $CI_JOB_TOKEN | docker login -u gitlab-ci-token --password-stdin $CI_REGISTRY
  - docker pull $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA
  - docker tag $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA $CI_REGISTRY_IMAGE:latest
  - docker push $CI_REGISTRY_IMAGE:latest

Please leave comments!