Gitlab hero border pattern left svg Gitlab hero border pattern right svg

Category Direction - Container Registry

Container Registry

The GitLab Container Registry is a secure and private registry for Docker images. Built on open source software and completely integrated within GitLab. Use GitLab CI/CD to create and publish branch/release specific images. Use the GitLab API to manage the registry across groups and projects. Use the user interface to discover and manage your team's images. GitLab will provide a Lovable container registry experience by being the single location for the entire DevOps Lifecycle, not just a portion of it. We will provide many of the features expected of a container registry, but without the weight and complexity of a single-point solution.

If you have any feedback about what's working well for you or what you would like to see us improve, please reach out to me directly via E-mail.

This page is maintained by the Product Manager for Package, Tim Rizzi (E-mail)

What's Next & Why

GitLab's Container Registry is robust, and integrated into your CI/CD process. It meets the needs of most container-based application development teams. As a result, our highest priority for the Container Registry is to lower the cost of storage on behalf of our customers and for GitLab.com. Those costs tend to grow without sufficient container registry management.

gitlab-#2313 will allow Administrators to run garbage collection without requiring any downtime or setting the registry to read-only mode.

gitlab-#2270, expands the utility of the Cleanup policies for tags. gitlab-#208193 will improve the performance of the tag deletion process, so that we can enable the feature for all projects on GitLab.com.

gitlab-#219915 will resolve a bug in which cleanup policies do not delete image/tags.

Maturity Plan

This category is currently at the "Viable" maturity level, and our next maturity target is Complete (see our definitions of maturity levels).

For a list of key deliverables and expected outcomes, check out the epic, Make the Container Registry Complete, which includes links and expected timing for each issue.

Competitive Landscape

Open source container registries such as Docker Hub and Red Hat's Quay offer users a single location to build, analyze and distribute their container images.

The primary reason people don’t use DockerHub is that they need a private registry and one that lives alongside their source code and pipelines. They like to be able to use pre-defined environment variables for cataloging and discovering images. Often DockerHub is used as a base image for a test, but if you are building an app, you will likely customize an image to fit your application and save it GitLab's private registry alongside your source code.

JFrog and Sonatype both offer support for building and deploying Docker images. JFrog offers their container registry as part of their community edition as well.

JFrog integrates with several different CI servers through dedicated plug-ins, including Jenkins and Azure DevOps, but does not yet support GitLab. However, you can still connect to your Artifactory repository from GitLab CI. Here is an example of how to deploy Maven projects to Artifactory with GitLab CI/CD.

GitHub has recently released an open beta of their container registry. Currently, the GitHub Container Registry only supports Docker image formats. During the beta, storage and bandwidth are free. After the beta, you can expect each tier to come with an included amount of storage and data transfers. Once you pass those limits, you will pay $0.25 USD per GB of storage and $0.50 USD per GB of data transfer. One concern worth raising is that we don't see a way to programmatically delete images. Given the cost of storing images, this could be a concern for organizations that heavily use GitHub's registry. Another limitation is that they only support authentication using your Personal Access Token. This is not ideal for organizations taht would like to avoid using individual-level credentials. With the GitLab Container Registry, you may use a PAT, Deploy, or Job token to authenticate to the registry.

There are several nice features that they've included. One nice feature is that you can publish images to your namespace or your user account. We would like to create that same functionality via gitlab-#241027. Also, their user interface includes helpful metadata, such as how often it's downloaded and a readme.

JetBrains offers a container registry that allows you to add a project repository and publish images and tags using the Docker client or your JetBrains project. Although they do not currently have any documentation for administrative features, such as cleanup policies or garbage collection.

Codefresh has deprecated support for their registry

Top Customer Success/Sales Issue(s)

The top Customer Success/Sales issue is gitlab-#196124, which will enable support of the cleanup policies for all projects.

Top Customer Issue(s)

The top customer issue is gitlab-2313, which will remove the requirement for down time and unblock all of our customers (and GitLab) from running garbage collection.

Top Internal Customer Issue(s)

The top internal customer issue is tied to storage optimization. gitlab-#2313 will allow the Infrastructure team to lower the total cost of the GitLab.com Container Registry by implementing online garbage collection and removal of blobs.

Top Vision Item(s)

We've learned from a recent survey and subsequent user interviews, that users navigate to the Container Registry user interface for one of three reasons.

Our top vision item, gitlab-#3211 which will redesign the user interface of the Container Registry. This epic also includes gitlab-#15489 and gitlab-#216933, which will allow you to sort and filter your images and tags in the registry UI.

Git is a trademark of Software Freedom Conservancy and our use of 'GitLab' is under license