Use Azure Pipelines to build and push container images to registries

Azure DevOps Services

This article guides you through the creation of a pipeline to build and push a Docker image to an Azure Container Registry or Docker Hub.

Prerequisites

Product	Requirements
Azure DevOps	- An Azure DevOps project. - Permissions:     - To grant access to all pipelines in the project: You must be a member of the Project Administrators group.     - To create service connections: You must have the Administrator or Creator role for service connections. - If you're using a self-hosted agent, ensure Docker is installed and the Docker engine is running with elevated privileges. Microsoft-hosted agents have Docker preinstalled.
GitHub	- A GitHub account. - A GitHub repository with a Dockerfile. Use the sample repository if you don't have your own project. - A GitHub service connection to authorize Azure Pipelines.
Azure	- An Azure subscription. - An Azure Container Registry.

Product	Requirements
Azure DevOps	- An Azure DevOps project. - Permissions:     - To grant access to all pipelines in the project: You must be a member of the Project Administrators group.     - To create service connections: You must have the Administrator or Creator role for service connections. - If you're using a self-hosted agent, ensure Docker is installed and the Docker engine is running with elevated privileges. Microsoft-hosted agents have Docker preinstalled.
GitHub	- A GitHub account. - A GitHub repository with a Dockerfile. Use the sample repository if you don't have your own project. - A GitHub service connection to authorize Azure Pipelines.
Docker Hub	- A Docker Hub account. - A Docker Hub image repository.

Create a Docker registry service connection

Before pushing container images to a registry, you need to create a service connection in Azure DevOps. This service connection stores the credentials required to securely authenticate with the container registry. For more information, see Docker Registry service connections.

1. In your Azure DevOps project, select Project settings > Service connections.

   

2. Select New service connection and Docker Registry.

   

3. Select Docker Hub and enter the following information:

   Field	Description
   Docker ID	Enter your Docker ID.
   Docker Password	Enter your Docker password.
   Service connection name	Enter a name for the service connection.
   Grant access permission to all pipelines	Select this option to grant access to all pipelines.

   

4. Select Verify and save.

Create a pipeline to build and push a Docker image

YAML

The Docker@2 task is used to build and push the image to the container registry. The Docker@2 task is designed to streamline the process of building, pushing, and managing Docker images within your Azure Pipelines. This task supports a wide range of Docker commands, including build, push, login, logout, start, stop, and run.

Use the following steps to create a YAML pipeline that uses the Docker@2 task to build and push the image.

1. In to your Azure DevOps project, select Pipelines and New pipeline.

2. Select GitHub as the location of your source code and select your repository.

   • If you're redirected to GitHub to sign in, enter your GitHub credentials.
   • If you're redirected to GitHub to install the Azure Pipelines app, select Approve and install.

3. Select your repository.

4. Select the Starter pipeline template to create a basic pipeline configuration.

5. Replace the contents of azure-pipelines.yml with the following code:

   
   trigger:
   - main
   
   pool:
     vmImage: 'ubuntu-latest' 
   
   variables:
     repositoryName: '<target repository name>' 
   
   steps:
   - task: Docker@2
     inputs:
       containerRegistry: '<docker registry service connection>'
       repository: $(repositoryName)
       command: 'buildAndPush'
       Dockerfile: '**/Dockerfile'
   
   

6. Edit the pipeline YAML file as follows:

   • Replace <target repository name> with the name of the repository in the container registry where you want to push the image.
   • Replace <docker registry service connection> with the name of the Docker registry service connection you created earlier.

7. When you're done, select Save and run > Save and run.

8. Select Job to view the logs and verify the pipeline ran successfully.

Classic

Create a pipeline using the classic editor

1. From your Azure DevOps project, select Pipelines and New pipeline

2. Select Use the classic editor from the Where is your code? page.

3. On the Select a source page, select GitHub.

4. Choose your repository and select Continue.

5. On the Select a template page, select Empty pipeline and Apply.

6. Select ubuntu latest for the Agent Specification.

   

Add the Docker@2 task to the pipeline

To build and push the image to the container registry, add the Docker@2 task to the pipeline.

1. Add a task to the Agent job 1.

   

2. Select the Docker task, and Add.

3. Select the buildAndPush task.

4. For Container Registry, select the service connection you created earlier. If you don't have one, select +New to create a new Docker Hub service connection.

   

Run the pipeline

1. Select Save and queue > Save and Queue.
2. On the Run pipeline page, select Save and run.
3. Select Job to view the logs and verify the pipeline ran successfully.

YAML

1. Go to your Azure DevOps project and select Pipelines from the left-hand menu.

2. Select New pipeline.

3. Select GitHub as the location of your source code and select your repository.

   • If you're redirected to GitHub to sign in, enter your GitHub credentials.
   • If you're redirected to GitHub to install the Azure Pipelines app, select Approve and install.

4. Select the Docker - Build and push an image to Azure Container Registry template.

5. Select your Azure subscription and Continue.

6. Select your Container Registry, and then select Validate and configure.

   Example YAML pipeline:

   # Docker
   # Build and push an image to Azure Container Registry
   # https://docs.microsoft.com/azure/devops/pipelines/languages/docker
   
   trigger:
   - main
   
   resources:
   - repo: self
   
   variables:
     # Container registry service connection established during pipeline creation
     dockerRegistryServiceConnection: '7f9dc28e-5551-43ee-891f-33bf61a995de'
     imageRepository: 'usernamepipelinesjavascriptdocker'
     containerRegistry: 'repoistoryname.azurecr.io'
     dockerfilePath: '$(Build.SourcesDirectory)/app/Dockerfile'
     tag: '$(Build.BuildId)'
   
     # Agent VM image name
     vmImageName: 'ubuntu-latest'
   
   stages:
   - stage: Build
     displayName: Build and push stage
     jobs:
     - job: Build
       displayName: Build
       pool:
         vmImage: $(vmImageName)
       steps:
       - task: Docker@2
         displayName: Build and push an image to container registry
         inputs:
           command: buildAndPush
           repository: $(imageRepository)
           dockerfile: $(dockerfilePath)
           containerRegistry: $(dockerRegistryServiceConnection)
           tags: |
             $(tag)
   
   

7. Select Save and run and Save and run again.

8. Select Job to view the logs and verify the pipeline ran successfully.

The Docker template creates the service connection to your Azure Container Registry and uses the Docker@2 task to build and push the Docker image to the registry.

The Docker@2 task is designed to streamline the process of building, pushing, and managing Docker images within your Azure Pipelines. This task supports a wide range of Docker commands, including build, push, login, logout, start, stop, and run.

Classic

Create a pipeline using the classic editor

1. From your Azure DevOps project, select Pipelines and New pipeline.

2. Select Use the classic editor from the Where is your code? page.

3. On the Select a source page, select GitHub.

4. Choose your repository and select Continue.

5. On the Select a template page, select Empty pipeline and Apply.

6. Select ubuntu latest for the Agent Specification.

   

Add the Docker@2 task to the pipeline

Add a Docker@2 task to the pipeline to build and push the image to the container registry.

1. Add a task to Agent job 1.

   

2. Select the Docker task, and Add.

3. Select the buildAndPush task.

4. Create a service connection select +New.

   

5. Fill in the following fields:

   Field	Description
   Subscription	Select your Azure subscription.
   Azure container registry	Select your Azure container registry.
   Service connection name	Enter a name for the service connection.
   Grant access permission to all pipelines	Select this option to grant access to all pipelines.

   

6. Select Save.

Run the pipeline

1. Select Save and queue > Save and Queue.
2. On the Run pipeline page, select Save and run.
3. Select Job to view the logs and verify the pipeline ran successfully.

When using self-hosted agents, be sure that Docker is installed on the agent's host, and the Docker engine/daemon is running with elevated privileges.

Related articles

• Build a container image
• Docker content trust