diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index dab5a87aab15dd6525a1d9090339cab34d762ff1..1c1c227e4f226a8efdd98fc7dd7cdbfa549ed7f2 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -1,11 +1,20 @@
-stages:
- - build
- - scan
- - deploy
- - rebuild
-
 include:
- # build and publish _this_ image
- - local: '.gitlab/ci/build.yml'
- # trigger rebuilds of downstream images
- - local: '.gitlab/ci/trigger.yml'
+ # configure build/scan/test/push jobs
+ - component: git.ligo.org/computing/gitlab/components/docker/all@1
+ inputs:
+ # path of main project
+ upstream_project_path: docker/base
+ # compare container_scanning results of new images to this one
+ default_image_name: "docker/base:bullseye-backports"
+ # run these commands to test the image
+ test_script:
+ - apt-get -yqq update
+ - apt-cache show --no-all-versions lalsuite
+ # this project deploys all branches of the main project
+ deploy_when: all
+ # remote registry repositories:
+ docker_io_repository: igwn/base
+ quay_io_repository: igwn/base
+ # trigger rebuilds of the same branch in other projects
+ trigger_projects:
+ - docker/builder
diff --git a/.gitlab/ci/build.yml b/.gitlab/ci/build.yml
deleted file mode 100644
index f8115aeff95cb25abc0aca8c240d098761a9e9b8..0000000000000000000000000000000000000000
--- a/.gitlab/ci/build.yml
+++ /dev/null
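Review bot: In the `.gitlab-ci.yml` hunk the `component:` include is pinned only to the major version (`@1`), so any later 1.x release of that component changes this project's build, scan, push and trigger jobs without a commit here. Those jobs publish to `igwn/base` on docker.io and quay.io and presumably run with the registry push credentials, so a reviewable pin would be safer, e.g. `- component: git.ligo.org/computing/gitlab/components/docker/all@<FULL_VERSION_OR_COMMIT_SHA>`. The explicit `$CI_PROJECT_NAMESPACE == "docker" && $CI_COMMIT_BRANCH` rule that kept the push and rebuild jobs off forks is deleted with `build.yml` and `trigger.yml`; `upstream_project_path: docker/base` looks like its replacement, but the hunk does not show how the component enforces it. I would confirm that against the component and say so in the comment, for example `# push/trigger jobs only run in this project, never on forks`, since `deploy_when: all` otherwise reads as unconditional.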
@@ -1,58 +0,0 @@
-# ---------------------------
-# Build workflow
-# ---------------------------
-
-include:
- # https://computing.docs.ligo.org/gitlab-ci-templates/
- - project: computing/gitlab-ci-templates
- # https://computing.docs.ligo.org/gitlab-ci-templates/docker/
- file: docker.yml
- # https://docs.gitlab.com/ee/user/application_security/container_scanning/
- - template: Security/Container-Scanning.gitlab-ci.yml
-
-# -- build the image --------
-
-build:
- stage: build
- extends:
- # https://computing.docs.ligo.org/gitlab-ci-templates/docker/#.docker:build
- - .docker:build
- variables:
- # use the branch name as the tag
- CI_REGISTRY_TAG: '$CI_COMMIT_REF_SLUG'
-
-# -- scan the image ---------
-
-# check the image for vulnerabilities, see
-# https://docs.gitlab.com/ee/user/application_security/container_scanning/
-container_scanning:
- stage: scan
- needs: [build]
- variables:
- DOCKER_IMAGE: '$CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG'
-
-# -- push the image ---------
-
-.push:
- stage: deploy
- needs: [build]
- variables:
- # pull the branch image
- PULL_IMAGE: "$CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG"
- # push to igwn namespace
- PUSH_IMAGE: "igwn/$CI_PROJECT_NAME:$CI_COMMIT_REF_SLUG"
- rules:
- # only run on pushes to the upstream repo (not on forks)
- - if: '$CI_PROJECT_NAMESPACE == "docker" && $CI_COMMIT_BRANCH'
-
-push:docker_io:
- extends:
- # https://computing.docs.ligo.org/gitlab-ci-templates/docker/#.docker:push:docker_io
- - .docker:push:docker_io
- - .push
-
-push:quay_io:
- extends:
- # https://computing.docs.ligo.org/gitlab-ci-templates/docker/#.docker:push:quay_io
- - .docker:push:quay_io
- - .push
diff --git a/.gitlab/ci/trigger.yml b/.gitlab/ci/trigger.yml
deleted file mode 100644
index 1fdbe5f615d51d33b32e1c1ac2f01c0c971f6096..0000000000000000000000000000000000000000
--- a/.gitlab/ci/trigger.yml
+++ /dev/null
@@ -1,23 +0,0 @@
-# ---------------------------
-# Downstream trigger workflow
-# ---------------------------
-
-.rebuild:
- stage: rebuild
- rules:
- # only run on pushes to the upstream repo (not on forks)
- - if: '$CI_PROJECT_NAMESPACE == "docker" && $CI_COMMIT_BRANCH'
- trigger:
- # default rebuilds to trigger on the same branch
- branch: $CI_COMMIT_BRANCH
-
-rebuild:builder:
- extends: [.rebuild]
- trigger:
- project: docker/builder
-#
-# -- NOT required for bullseye-backports
-# rebuild:lalsuite-dev:
-# extends: [.rebuild]
-# trigger:
-# project: docker/lalsuite-dev