GitLabCI: easy build and deploy an image with Kaniko

jphi_baconnais profile image Jean-Phi Baconnais Updated on 1 min read

I read differents post about image build and deployment with GitLab CI and i would like want to share one tip : use Kaniko .

To create an image you can use the usual docker command

docker build -t <your image name>

And to push this image, this one :

docker push <your image name>:latest

All built with the docker image, and the dind services :

image: docker:stable
   - docker:dind

And finally, in your gitlab-ci.yml, you will have this :

  stage: build
  image: docker:stable
    - docker:dind
    - docker login -u GitLabci -p "$CI_SECRET"  registry.GitLab.com
    - docker build -t <your image name> .
    - docker push <your image name>:latest

This work correctly, of course you can use this.

But on my jobs, i prefer use Kaniko. Why ? Simply because in one line you can build and push on a repository.

Juste before this, you need to write in a file your username, password and auths.

That's all

  stage: build
    name: gcr.io/kaniko-project/executor:debug
    entrypoint: [""]
    - echo "{\"auths\":{\"$CI_REGISTRY\":{\"username\":\"$CI_REGISTRY_USER\",\"password\":\"$CI_REGISTRY_PASSWORD\"}}}" > /kaniko/.docker/config.json
    - /kaniko/executor --context $CI_PROJECT_DIR --dockerfile $CI_PROJECT_DIR/Dockerfile --destination $CI_REGISTRY_IMAGE

In this example i deploy my image on the GitLab registry but you can deploy on others repositories.

Don't hesitate to give me comments

Posted on by:

jphi_baconnais profile

Jean-Phi Baconnais


Tech Lead la DSI de P繫le emploi | #GitLabHeroes


Editor guide

Hi, where do you put the credential file ?
Info : I work personnaly with a selfhosted Gitlab omnibus running via docker-compose
And i have windows/linux workstations for my tests/devs working


Hi, mmh what's your problem?


Hi Jean-Phi, how do you handle custom certificates in your scenario? E.g. when using a self-hosted instance with a private Root-CA? Would you build your own kaniko image?


Hi, i don't used custom certificates. In my case, i've use kaniko in GitLab public instance and private instance but without private Root-CA, sorry.