Build and push artifacts and images

You can use Harness CI to upload artifacts, such as Docker images or test results. Build and Push steps build your codebase and then push the resulting artifact to a container registry or cloud storage repo. Upload Artifact steps upload any artifact.

Build and Push

Build and Push steps build your codebase and then push the artifact to a repo. You can:

• Build and push to Docker Hub or a Docker registry
• Build and push to Azure Container Registry (ACR)
• Build and push to Amazon Elastic Container Registry (ECR)
• Build and push to Google Artifact Registry (GAR)
• Build and push to Google Container Registry (GCR)
• Build and push to GitHub Container Registry (GHCR)
• Build and push to a JFrog Artifactory Docker registry

For other non-Docker upload locations, you can use a script in a Run step to build and upload the artifact.

tip

You can also:

• Build images without pushing
• Build multi-architecture images

Video: Add a Build and Push step

The following video demonstrates how to add a Build and Push step to a Harness CI pipeline.

Kubernetes cluster build infrastructures require root access

With Kubernetes cluster build infrastructures, Build and Push steps use kaniko. Other build infrastructures use drone-docker. Kaniko requires root access to build the Docker image. It doesn't support non-root users.

If your build runs as non-root (runAsNonRoot: true), and you want to run the Build and Push step as root, you can set Run as User to 0 on the Build and Push step to use the root user for that individual step only.

If your security policy doesn't allow running as root, go to Build and push with non-root users.

Upload Artifacts

Upload Artifact steps upload artifacts. These steps don't include build commands. You can:

• Upload artifacts to JFrog Artifactory non-Docker registry
• Upload artifacts to GCS
• Upload artifacts to S3
• Upload artifacts to Sonatype Nexus

For other upload locations, you can use a script in a Run step to upload the artifact. You can also send artifacts by email.

Artifacts tab

Regardless of how you upload artifacts, you can publish any URL to the Artifacts tab.

Troubleshoot building and pushing artifacts and images

Go to the CI Knowledge Base for questions and issues related to building and pushing images or uploading artifacts, such as:

• What drives the Build and Push steps? What is kaniko?
• Does a kaniko build use images cached locally on the node? Can I enable caching for kaniko?
• Can I run Build and Push steps as root if my build infrastructure runs as non-root? What if my security policy doesn't allow running as root?
• Can I set kaniko and drone-docker runtime flags, such as skip-tls-verify or custom-dns?
• Is remote caching supported in Build and Push steps?
• Build and Push to ECR step fails with error building image, failed to execute command, exec format error.
• Where does the Build and Push to ECR step pull the base images specified in the Dockerfile?
• Can I send artifacts by email?
• Can I run the Upload Artifacts to JFrog Artifactory step with a non-root user?
• How do I show content on the Artifacts tab?
• Does the Upload Artifacts to S3 step compress files before uploading them?