I built an image docker and push it (manually) to my Github packages (private package) then I pull it and run it and it works fine, now I want to share this image with a friend who wants to run it on his PC, I gave him the pull command but he got the following error: docker pull "url" Error response from demon : Head unauthorized
I know it is an authentication issue but since im new to GitHub package I don't know what I have to do to share the image correctly.
any idea about this issue please?
name: Publish Docker image
on:
release:
types: [published]
jobs:
push_to_registry:
name: Push Docker image to Docker Hub
runs-on: ubuntu-latest
steps:
- name: Check out the repo
uses: actions/checkout#v3
- name: Log in to Docker Hub
uses: docker/login-action#f054a8b539a109f9f41c372932f1ae047eff08c9
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: Extract metadata (tags, labels) for Docker
id: meta
uses: docker/metadata-action#98669ae865ea3cffbcbaa878cf57c20bbf1c6c38
with:
images: my-docker-hub-namespace/my-docker-hub-repository
- name: Build and push Docker image
uses: docker/build-push-action#ad44023a93711e3deb337508980b4b5e9bcdc5dc
with:
context: .
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }
Related
I built and pushed a image from the dockerfile using github actions, here is the worflow file
name: Create and publish a Docker image
on:
push:
branches: ['temp']
env:
REGISTRY: ghcr.io
IMAGE_NAME: ${{ github.repository }}
jobs:
build-and-push-image:
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
steps:
- name: Checkout repository
uses: actions/checkout#v3
- name: Log in to the Container registry
uses: docker/login-action#f054a8b539a109f9f41c372932f1ae047eff08c9
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Extract metadata (tags, labels) for Docker
id: meta
uses: docker/metadata-action#98669ae865ea3cffbcbaa878cf57c20bbf1c6c38
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
- name: Build and push Docker image
uses: docker/build-push-action#ad44023a93711e3deb337508980b4b5e9bcdc5dc
with:
context: .
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
Now when I go to the package, I get link saying
"install from command line -> docker pull ghcr.io/<OWNER_NAME>/<IMAGE_NAME>:"
However on using this command to actually pull the image, I get an error message saying I am not authorized.
NOTE: I am able to pull the image if I make the package public, but not once it is private
A quick google search tells me I need to use PAT to authenticate, I did that but still get the same error. For example on following this (https://docs.github.com/en/packages/working-with-a-github-packages-registry/working-with-the-container-registry#authenticating-to-the-container-registry)
I get an error saying: Error response from daemon: Get "https://ghcr.io/v2/": denied: denied
I am not sure how to proceed now.
I have a github workflow to build a docker image. The workflow runs after another one that runs semantic release on the repository, so that the code version is updated and a new tag is created.
What I want to achieve is to build the docker image and push it to the registry both with the main tag and with the updated version tag (i.e., an image tag equal to the git tag).
I'm using the docker/metadata-action for this. I've read the documentation and other relevant (1, 2), but I can't understand how the tags parameter works.
What I tried is the following:
name: Build
on:
workflow_run:
workflows: ["Semantic Release"]
types:
- completed
env:
REGISTRY: <azure-registry>
IMAGE_NAME: ${{ github.repository }}
jobs:
build-app:
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
steps:
- uses: actions/checkout#v3
- name: Log in to the Container registry
uses: docker/login-action#f054a8b539a109f9f41c372932f1ae047eff08c9
with:
registry: ${{ env.REGISTRY }}
username: ${{ secrets.REGISTRY_USERNAME }}
password: ${{ secrets.REGISTRY_PASSWORD }}
- name: Extract metadata (tags, labels) for Docker
id: meta
uses: docker/metadata-action#98669ae865ea3cffbcbaa878cf57c20bbf1c6c38
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
# Catching tag is not working
tags: |
type=ref,event=branch
type=semver,pattern={{raw}}
type=ref,event=tag
- name: Build and push Docker image
uses: docker/build-push-action#ad44023a93711e3deb337508980b4b5e9bcdc5dc
with:
context: .
push: true
file: docker/Dockerfile
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
The job is correctly running after the commit done by the semantic release action, so that I think that all needed information (branch main and latest version tag) are available for the build job, but the metadata-action doesn't catch the tag at all. The output of the relevant step is the following:
and the only tag that is created for the docker image is main.
Maybe it's a simple issue, but what am I missing?
I want to achieve GitHub action only run with specific tag commit check.
Here is my current yml
name: Docker Image CI
on:
push:
branches:
- 'master'
tags:
- 'v*'
jobs:
push_to_registry:
name: Push Docker image to Docker Hub
runs-on: ubuntu-latest
steps:
- name: Check out the repo
uses: actions/checkout#v2
- name: Log in to Docker Hub
uses: docker/login-action#f054a8b539a109f9f41c372932f1ae047eff08c9
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Extract metadata (tags, labels) for Docker
id: meta
uses: docker/metadata-action#98669ae865ea3cffbcbaa878cf57c20bbf1c6c38
with:
images: xx/xx
- name: Build and push Docker image
uses: docker/build-push-action#ad44023a93711e3deb337508980b4b5e9bcdc5dc
with:
context: ./aspnet-core/
file: ./aspnet-core/Dockerfile
push: true
tags: server.${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
But, the action run with every master commit, and I want to update the tags with something like server.${{ steps.meta.outputs.tags }}, it will throw error. If I only use ${{ steps.meta.outputs.tags }}, the error is gone.
But, I want to achieve auto tag the docker image like server.v1.0.1 which server is hardcode and v1.0.1 is from commit tag.
I have a simple pipeline in GitHub Actions. I'm trying to build and publish a Docker image to Docker Hub within the same. I would also like to build the image for different platforms (read: operating systems), hence I'm using strategy.matrix. This is how it looks like so far:
name: Build and Publish Docker image(s)
jobs:
publish:
runs-on: ubuntu-latest
steps:
- name: Check out repository
uses: actions/checkout#v2
- name: Log in to Docker Hub
uses: docker/login-action#v1
with:
password: ${{ secrets.DOCKERHUB_TOKEN }}
registry: docker.io
username: ${{ secrets.DOCKERHUB_USERNAME }}
- name: Build and push
uses: docker/build-push-action#v2
env:
platform: ${{ matrix.platforms }}
with:
context: ./${platform}/
push: true
tags: oscarotero/lume:1.3.0-${platform} # TODO: Parameterize version once this is finally working
strategy:
matrix:
platforms:
- alpine
- debian
on:
push:
branches:
- main
This is currently failing because it doesn't recognize platform when running the Build and push step. I have a similar one and it works with this approach.
Anyone more knowledgeable in GitHub Actions can shred some light here? All I can think of is that docker/build-push-action#v2 doesn't support that, but in that case, how can I approach this problem?
Removing the environment variable and using the matrix values directly solved the problem:
jobs:
publish:
runs-on: ubuntu-latest
steps:
- name: Check out repository
uses: actions/checkout#v2
- name: Log in to Docker Hub
uses: docker/login-action#v1
with:
password: ${{ secrets.DOCKERHUB_TOKEN }}
registry: docker.io
username: ${{ secrets.DOCKERHUB_USERNAME }}
- name: Build and push
uses: docker/build-push-action#v2
with:
context: ./${{ matrix.platform }}/
push: true
tags: oscarotero/lume:1.3.0-${{ matrix.platform }}
strategy:
matrix:
platform:
- alpine
- debian
I'm new to Docker and trying to perform CI using GitHub Actions.
Here's my .yml file on GitHub.
name: CI to Docker Hub
on:
push:
branches: [main]
pull_request:
branches: [main]
jobs:
build:
runs-on: ubuntu-latest
steps:
- name: Check Out Repo
uses: actions/checkout#v2
- name: Login to Docker Hub
uses: docker/login-action#v1
with:
username: ${{ secrets.DOCKER_HUB_USERNAME }}
password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}
- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action#v1
- name: Build and push
id: docker_build
uses: docker/build-push-action#v2
with:
context: .
file: ./Dockerfile
push: true
tags: your-order-backend:latest
- name: Image digest
run: echo ${{ steps.docker_build.outputs.digest }}
I have added Secrets in my Github too of Docker Hub.
I'm not sure why, but it is failing at > exporting to image:
It is resloved!
In my case, there was no repo in the Docker Hub created whose tag I have passed here in the yml file.
I created the repo and it worked
for me I fixed it by changing "push: true" to "load: true"
In my case, Id needed to create the repo in dockerhub as in the response of Sagar, but the problem still were there. I'd recognized I was passing the tags incorrectly, fix it and the problem was gone. (You can See the official examples)
Before:
tags: ${{ github.sha }}, latest
After (correctly):
tags: |
henriqueholtz/fullcycle-gitops:${{ github.sha }}
henriqueholtz/fullcycle-gitops:latest