# How to Use CI/CD Systems with Your Container Registry The DigitalOcean Container Registry (DOCR) is a private Docker image registry that lets you store and manage private container images. DOCR integrates natively with Docker environments and DigitalOcean Kubernetes clusters. You can push images from your CI/CD system to DigitalOcean Container Registry. For example, you can push a new image to the registry whenever a build with your commit is successful on your source control system. **Note**: Your CI/CD setup may fail to push images during [garbage collection](https://docs.digitalocean.com/products/container-registry/how-to/clean-up-container-registry/index.html.md) when the container registry is in read-only mode. To start using your CI/CD system with the registry, you first need to authenticate it to push images to the registry. Depending on your CI system, you can use one of the following methods to authenticate it: - Using a Docker configuration file - Using a username and password - Using `doctl` You can then run `docker` commands to [push an image to the registry](https://docs.digitalocean.com/products/container-registry/getting-started/quickstart/index.html.md#push-to-your-registry), or you can configure your CI system to specify what to build and push the image automatically. ## Authenticate Using a Docker Configuration File Many CI systems support configuring authentication using a Docker `config.json` file. You can fetch this JSON file for your container registry using one of the following methods: - In the DigitalOcean Control Panel, [navigate to the registry page](https://cloud.digitalocean.com/registry). Then, click **Actions** and select **Download Docker Credentials** to download the credentials JSON file. - Run `doctl registries docker-config --read-write`. If you do not provide the `--read-write` flag, you will receive read-only credentials, which are usually undesirable for CI. - Use the [DigitalOcean Container Registry API](https://developers.digitalocean.com/documentation/v2/#get-docker-credentials-for-container-registry). ## Authenticate Using a Username and Password For CI systems that support configuring registry authentication via username and password, use a [DigitalOcean API token](https://docs.digitalocean.com/reference/api/create-personal-access-token/index.html.md) as both the username and the password. The API token must have read/write privileges to push to your registry. ## Authenticate Using doctl If you can run `doctl` in your CI environment, run [the `registry login` command](https://docs.digitalocean.com/reference/doctl/reference/registry/login/index.html.md) to authenticate before pushing images: ```shell doctl registries login --expiry-seconds