docker/push¶
Configure jobs to push newly-built images from the GitLab Container Registry to other registries, notably Docker Hub and Quay.io, or to apply production-like tags to existing images on the GitLab Container Registry.
Usage¶
include:
- component: git.ligo.org/computing/gitlab/components/docker/push@<VERSION>
inputs:
stage: publish
Inputs¶
| Input | Default value | Description |
|---|---|---|
stage | publish | The pipeline stage to add jobs to |
job_name_prefix | docker_push | Prefix to use for all job names |
image_name | $CI_REGISTRY_IMAGE | The name of the image to push to the container registry. |
pull_image_tag | The image to pull, should match the image_tag passed to the build component | |
push_image_tag | The new tag to apply and push, defaults to the git tag or branch name | |
push_when | "tags" | When to push tagged images to registries, one of "tags" (only for git tags), "default" (pushes to the default git branch), "all" (pushes to all git branches) |
tag_latest | true | If true tag the new image as 'latest' and push to registries |
gitlab_registry_repository | $CI_PROJECT_PATH | Path of target project on GitLab Container Registry (default is the parent project) |
docker_io_repository | Name of target repository on Docker Hub | |
quay_io_repository | Name of target repository on Quay.io | |
upstream_project_path | Path of the upstream project (to ensure that push jobs don't run on pipelines for forks of the upstream project). |
Notes:
-
In all pipelines, this component creates a job called
{job_name_prefix}_gitlabthat will push a tagged image to the local gitlab container regsitry. See Pushing to Gitlab Container Registry below for details of how to push to the container registry of a different project. -
With the
tag_latestinput, alatestimage is only tagged for git tag or default branch pipelines. -
For details on pushing to Docker Hub see Pushing to Docker Hub.
-
For details on pushing to Quay.io see Pushing to Quay.io.
Pushing to Gitlab Container Registry¶
By default containers are deployed to the GitLab Container Registry in the same project as the CI/CD pipeline. Pushing to the parent project's container registry does not require any special credentials.
The docker/push component can be configured to push to the container registry of a different project, by supplying the gitlab_registry_repository input with the path of the target project, and creating a deploy token in the target project. The token username and password (token value) should then be configured as masked, protected project variables in the source project:
Pushing to Docker Hub¶
If the docker_io_repository input is specified, this component creates a job called {job_name_prefix}_docker_io that will push a tagged image to the designated repository on the Docker Hub container registry.
This job requires the following additional variables to be defined as masked, protected project variables:
| Name | Purpose |
|---|---|
DOCKER_HUB_USER | The username to user when authenticating to https://hub.docker.com with docker login |
DOCKER_HUB_TOKEN | The access token to use when authenticating |
Pushing to Quay.io¶
If the quay_io_repository input is specified, this component creates a job called {job_name_prefix}_quay_io that will push a tagged image to the designated repository on the Quay.io container registry.
This job requiress the following additional variables to be defined as masked, protected project variables:
| Name | Purpose |
|---|---|
QUAY_USER | The username to user when authenticating to https://quay.io with docker login |
QUAY_TOKEN | The robot account password to use when authenticating |