diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index bec4076d6e094fb5d7ce9d44f34611fe0bcedaaf..d98ebe2e0f8dfe3f7e4a69d4341b32d1734ca04b 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -67,35 +67,30 @@ docker-push:
     AURA_IMAGE_NAME: "autoradio/steering"
   services:
     - docker:dind
-  before_script:
-    # on a feature branch will login to gitlab registry
-    # else to docker hub
-    # hint: feature branches must begin with "feat"
-    - |
-      if expr "$CI_MERGE_REQUEST_SOURCE_BRANCH_NAME" : ^feat > /dev/null
-        then docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" "$CI_REGISTRY"
-      else docker login -u "$DOCKER_ID" -p "$DOCKER_HUB_AUTH"
-      fi
   script:
     # every commit on main branch should build and push image as unstable
-    # elseif its a feature branch build and push to gitlab registry
+    # elseif its a protected branch build and push to gitlab registry
     # else it is from a tag (enforced by gitlab-ci rules)
     # hint: tags are references independent of branches
     # hint: feature branches must begin with "feat"
     - |
       if [ "$CI_COMMIT_BRANCH" == "$CI_DEFAULT_BRANCH" ]
-        then docker build -t $AURA_IMAGE_NAME:unstable .
-        docker push $AURA_IMAGE_NAME:unstable 
-      elif expr "$CI_MERGE_REQUEST_SOURCE_BRANCH_NAME" : ^feat > /dev/null
-        then docker build -t $AURA_IMAGE_NAME -t $CI_REGISTRY_IMAGE:$CI_MERGE_REQUEST_SOURCE_BRANCH_NAME .
-        docker push $CI_REGISTRY_IMAGE:$CI_MERGE_REQUEST_SOURCE_BRANCH_NAME
-      else docker build -t $AURA_IMAGE_NAME -t $AURA_IMAGE_NAME:$CI_COMMIT_TAG .
-      docker push $AURA_IMAGE_NAME:$CI_COMMIT_TAG
+        then docker login -u "$DOCKER_ID" -p "$DOCKER_HUB_AUTH"
+        docker build -t $AURA_IMAGE_NAME:main -t $AURA_IMAGE_NAME:main-$CI_COMMIT_SHORT_SHA .
+        docker push --all-tags $AURA_IMAGE_NAME
+      elif [ "$CI_COMMIT_REF_PROTECTED" = "true" ] && [ "$CI_COMMIT_BRANCH" != "$CI_DEFAULT_BRANCH" ]
+        then docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" "$CI_REGISTRY"
+        docker build -t $AURA_IMAGE_NAME -t $CI_REGISTRY_IMAGE:$CI_COMMIT_SHORT_SHA .
+        docker push $CI_REGISTRY_IMAGE:$CI_COMMIT_SHORT_SHA
+      else
+        docker login -u "$DOCKER_ID" -p "$DOCKER_HUB_AUTH"
+        docker build -t $AURA_IMAGE_NAME -t $AURA_IMAGE_NAME:$CI_COMMIT_TAG .
+        docker push $AURA_IMAGE_NAME:$CI_COMMIT_TAG
       fi
   rules:
     - *release-rules
     # every commit on master/main or feature branch should trigger a push
-    - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH || $CI_MERGE_REQUEST_SOURCE_BRANCH_NAME =~ /^feat/
+    - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH || $CI_COMMIT_REF_PROTECTED =~ "true"
       exists:
         - Dockerfile