I have link a github repo with my docker hub account. When there is a push to github master branch, a new image will be built in docker hub. But the image only has LATEST tag. How can I make the version increased automatically?
Ideally, I'd like it follow the sversion 1.0.0. And increase for every push 1.0.1, 1.0.2 1.0.3 etc.
Is there a way to make it follow this pattern?
You could associate a GitHub Action workflow to your repository, like docker/metadata-action
GitHub Action to extract metadata (tags, labels) for Docker. This action is particularly useful if used with Docker Build Push action.
You can see it used here. Warning: the tag name (as generated by the GitHub Action) will contain the branch name as well.
I was having the same problem, solved with this GitHub Action Code:
Create a secret called MAJOR to save your mayor version
Create a secret called MINOR to save your minor version
You will need a token to update you repo secrets, so... create a secret called REPO_ACCESS_TOKEN to grant your action dose his work.
name: Docker Image CI
on:
push:
branches: [ master ]
pull_request:
branches: [ master ]
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout#v2
-
name: Build the Docker image
run: docker build . --file src/MasterReport.UI/Dockerfile --tag eriksongm/master-report:${{ secrets.MAJOR }}.${{ secrets.MINOR }}
-
name: Login to DockerHub
uses: docker/login-action#v1
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
-
name: Push to DockerHub
run: docker push eriksongm/master-report:${{ secrets.MAJOR }}.${{ secrets.MINOR }}
-
name: Update Minor version
uses: hmanzur/actions-set-secret#v2.0.0
with:
name: 'MINOR'
value: $((${{ secrets.MINOR }}+1))
repository: EriksonGM/MasterReport
token: ${{ secrets.REPO_ACCESS_TOKEN }}
This was my final code, as you can see, I have a last step just to update the minor version, only if all the other jobs run ok.
Related
I'd like to have the following workflow:
Draft a new Release on GitHub
Add a release tag in the format YY.MM.DD
Publish the release
What Should happen is
A release is created with the mentioned release tag in the format YY.MM.DD
The release on GitHub is tagged as latest and YY.MM.DD
A docker image is created and published to DockerHub
The docker image on DockerHub contains tags latest, the current sha and the release tag in the format YY.MM.DD
Currently I have this workflow which publishes a new release and image to DockerHub, but what I'm missing is:
The release on GitHub is NOT tagged as latest
The docker image on DockerHub does NOT contain the release tag in the format YY.MM.DD
Any help would be appreciated!
# This workflow uses actions that are not certified by GitHub.
# They are provided by a third-party and are governed by
# separate terms of service, privacy policy, and support
# documentation.
# GitHub recommends pinning actions to a commit SHA.
# To get a newer version, you will need to update the SHA.
# You can also reference a tag or branch, but the action may change without warning.
name: Publish Docker image
on:
release:
types: [published]
jobs:
docker:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout#v3
- name: Set up QEMU
uses: docker/setup-qemu-action#v2
- name: Set up Docker Buildx
uses: docker/setup-buildx-action#v2
- name: Set up dynamic build ARGs
id: getargs
run: echo "version=$(cat ./stable/VERSION)" >> $GITHUB_OUTPUT
- name: Docker meta
id: meta
uses: docker/metadata-action#v3
with:
# list of Docker images to use as base name for tags
images: |
jokobsk/pi.alert
# generate Docker tags based on the following events/attributes
tags: |
type=raw,value=latest
type=schedule
type=ref,event=branch
type=ref,event=pr
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=semver,pattern={{major}}
type=sha
- name: Login to DockerHub
if: github.event_name != 'pull_request'
uses: docker/login-action#v2
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Build and push
uses: docker/build-push-action#v3
with:
context: .
platforms: linux/amd64,linux/arm64,linux/arm/v7
push: ${{ github.event_name != 'pull_request' }}
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
I want to be able to run a Github action that would build, automatically & uniquely tag and push an image to Docker hub.
I want it to also be that another Github action that deploys to the server will automatically know the image's tag and adds it to the image name to pull that specific image automatically.
Try the Publish Docker GitHub Action.
Example workflow that will trigger on new GH Release creation and will use the GH release version for tagging the Docker image:
name: Publish to Registry
on:
release:
types: [published]
jobs:
update:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout#v3
- id: pre-step
shell: bash
run: echo "release-version=$(echo ${GITHUB_REF:10})" >> $GITHUB_OUTPUT
- name: Publish to Registry
uses: elgohr/Publish-Docker-Github-Action#v5
with:
name: myDocker/repository
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
tags: "latest,${{ steps.pre-step.outputs.release-version }}"
Also, you can use tag_names when you want to push tags/release by their git name (e.g. refs/tags/MY_TAG_NAME):
with:
name: myDocker/repository
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
tag_names: true
For more details visit the Usage section.
I am currently trying to run a docker GitHub Action which builds and pushes a docker image to the GitHub Packages but I am receiving an error which I have never seen. For some reason it fails to push the docker image because write_permission is denied but I have a token allowing me to write so I don't understand what the problem is.
This is my action file:
name: Docker Image CI
on:
workflow_dispatch:
push:
branches: [ main ]
pull_request:
branches: [ main ]
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout#v2
- name: Set up JDK 16
uses: actions/setup-java#v1
with:
java-version: 16
- name: Build with Maven
run: mvn -f ACS/pom.xml clean install dependency:copy-dependencies
- name: Login to GitHub Package Registry
run: echo ${{ secrets.GITHUB_TOKEN }} | docker login docker.pkg.github.com -u ${{ github.repository }} --password-stdin
- name: Build the Docker image
run: docker build -t image:latest .
- name: Tag the Docker image
run: docker tag image:latest docker.pkg.github.com/organization/repository/image:latest
- name: Push the Docker image to the registry
run: docker push docker.pkg.github.com/organization/repository/image:latest
This is my error:
Run docker push docker.pkg.github.com/organization/repository/image:latest
The push refers to repository
[docker.pkg.github.com/organization/repository/image]
f0eaf014e806: Preparing 7d0bad636b3f: Preparing aa0870e7c621:
Preparing 36d2f9f005e6: Preparing 22bb3686ee25: Preparing
05e198868a20: Preparing b5cea4a3dd43: Preparing 93c7a8a0e1f4:
Preparing 7f4b55b885b0: Preparing 05e198868a20: Waiting b5cea4a3dd43:
Waiting 93c7a8a0e1f4: Waiting 7f4b55b885b0: Waiting denied:
permission_denied: write_package
I was facing the same issue. To resolve this
Go to USER/ORG home page and click on Packages tab
Click on the package for which you are getting the permission_denied error
On the bottom of right sidebar click on Package settings option
On the Manage Actions access change the package role to write
Done. Now rerun the the action and you will find the problem is resolved.
The solution presented did not work for me, I had to add my repository to the package settings as documented in the issue https://github.community/t/unable-to-push-to-ghcr-io-from-github-actions/191761/3
Go to Package settings (to the right / bottom) of the package
And configure "Manage Actions access" section to allow the git repository in question write permissions on this package/docker repository - so making sure to also select "Write" when adding the repository.
For those interested, I managed to solve my issue although not quite sure how or more precisely which of the steps that I used, did help me solve the issue.
So basically, I first revoked my tokens and made a new one. Then I logged in to docker like this docker login -u USERNAME -p TOKEN ghcr.io while before I would use docker.pkg.github.com and then managed to push my docker image manually to GitHub Package Registry which then made the GitHub Action flow works as well, although I did change nothing there.
I hope that helps people who have the same issue.
Try adding login step to your job:
- name: Login to GitHub Container Registry
uses: docker/login-action#v1
with:
registry: ghcr.io
username: ${{github.actor}}
password: ${{secrets.GITHUB_TOKEN}}
I just wanted to add an alternative solution for people who are running into this error and finding this page from Google results.
If you've created a package previously from a forked repo, and then forked a different repo with the same package name, Github actions will fail like this. Go into your package settings and delete the package, and it should succeed again.
currently you precise your github token but not the secrets for DOCKERHUB_USERNAME and DOCKERHUB_TOKEN. You need define in your repositories a new secrets DOCKERHUB_USERNAME and DOCKERHUB_TOKEN as indicated in https://docs.github.com/en/actions/reference/encrypted-secrets.
You must also create a dockerhub token on dockerhub website portal.
You also need to add this sample code before build and push action.
name: Login to DockerHub
uses: docker/login-action#v1
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
guys!
I need you help to run docker-compose build on github action. I have a docker-compose file and I can't understand how to build and deploy it in correct way besides of just copying docker-compose by ssh and run scripts there.
There's docker/build-push-action#v2 but it's not working with docker-compose.yml.
This strongly depends where do you want to push your images. But for instance if you use Azure ACR you can use this action
on: [push]
name: AzureCLISample
jobs:
build-and-deploy:
runs-on: ubuntu-latest
steps:
- name: Azure Login
uses: azure/login#v1
with:
creds: ${{ secrets.AZURE_CREDENTIALS }}
- name: Azure CLI script
uses: azure/CLI#v1
with:
azcliversion: 2.0.72
inlineScript: |
az acr login --name <acrName>
docker-compose up
docker-compose push
And then just build and push your images. But this is an example. If you use ECR it would be similar I guess.
For DigitialOcean it would be like this:
steps:
- uses: actions/checkout#v2
- name: Build image
run: docker-compose up
- name: Install doctl # install the doctl on the runner
uses: digitalocean/action-doctl#v2
with:
token: ${{ secrets.DIGITALOCEAN_ACCESS_TOKEN }}
- name: push image to digitalocean
run: |
doctl registry login
docker-compose push
You can find more details about this here
I am setting up a Github action to push a Docker image to Docker Hub following Github official README.md for docker/build-push-action#v2.
This is my action inside directory .github/workflows/
name: Publish Docker image
on:
push:
branches: master
jobs:
push_to_registry:
name: Push Docker image to Docker Hub
runs-on: ubuntu-latest
steps:
-
name: Set up QEMU
uses: docker/setup-qemu-action#v1
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action#v1
-
name: Login to DockerHub
uses: docker/login-action#v1
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
-
name: Build and push
id: docker_build
uses: docker/build-push-action#v2
with:
push: true
tags: user/app:latest
-
name: Image digest
run: echo ${{ steps.docker_build.outputs.digest }}
Having tested the action worked in my fork branch I then merged the branch to the main repo. To my surprise the login step failed showing the following error inside Github actions log
Run docker/login-action#v1
with:
logout: true
Error: Username and password required
At first I thought I could have wrongly defined (or even not defined) the secrets inside the main repo but after a request with octokit I found out that they are there
{
total_count: 2,
secrets: [
{
name: 'DOCKER_PASSWORD',
created_at: '2020-11-04T15:28:55Z',
updated_at: '2020-11-16T13:11:27Z'
},
{
name: 'DOCKER_USERNAME',
created_at: '2020-11-04T15:28:55Z',
updated_at: '2020-11-16T13:11:27Z'
}
]
}
I guess that docker/login-action#v1 is not using username and password provided after the with: keyword. I am very puzzled by this as it did work on my fork branch and do not understand why with: is sending the keyword logout: true instead which I did not set.
Does someone have more insight into this ?
Could you check that in the repository's settings the secrets are there like this:
Also, when you say
Having tested the action worked in my fork branch I then merged the branch to the main repo.
does this mean the main repo is also yours?
Because secrets don't transfer between repos. If you've forked another user's repository and want to contribute workflow changes requiring secrets, the main repo's owner(s) will have to add secrets with the same name.
Additionally, secrets aren't used in Pull Requests workflow runs. Hence you'll only see if it's working after the changes have been merged into the repository.
I have run into the same issue please check where you are giving your secret, now GitHub has two types of secrets, you should use Actions as shown in the image. If you use depependabot.