Getting Started with GitHub Container Registry

Like Docker Hub, Azure Container Registry and others, GitHub has its own container registry. GitHub Container Registry, is located at ghcr.io

Here are a series of steps to getting underway with publishing container images within your GitHub Organisation.

Enabling GitHub Container Registry

In order to publish container images to the registry, the feature for managing containers must be enabled in the GitHub organisation.

To do this, open Settings in your GitHub organisation (github.com/<<your-organisation-name>>)

Choose Packages

Check Enable improved container support

Authenticating with GitHub Container Registry

A simple yet secure method of authenticating, from your laptop, to the GitHub Container Registry is to use a Personal Access Token (PAT).

First, obtain a PAT.

Obtaining a PAT from GitHub

1. On GitHub.com, expand your profile menu and choose Settings

2. From the menu, choose Developer settings

3. From the menu, choose Person access tokens

4. Choose Generate new token

5. Give a meaningful description for the token – this can be used to identify which service ought to be renewed or revoked, when applicable

6. Select write:packages and delete:packages at the Select scopes section

7. Select Generate token

8. Copy the token

Connecting to GHCR

Using the PAT obtained in the previous section, save your PAT as an environment variable

export CR_PAT=<<Your-PAT>>

With your GitHub username, run the docker login command consuming the value of the environment variable as your password

echo $CR_PAT | docker login ghcr.io -u <<Your-GitHub-Username>> --password-stdin

Working with Images on GHCR

Tag your Container Image

Below shows an example of building a contained image and tagging it for GHCR. Here are the assets for building an Azure DevOps Agent container image

drwxr-xr-x  5 markpatton  staff   160 23 Dec 01:09 .
drwxr-xr-x  5 markpatton  staff   160 23 Dec 01:10 ..
-rw-r--r--  1 markpatton  staff  2268 20 Jan 23:43 Dockerfile
-rw-r--r--  1 markpatton  staff   201 21 Oct 15:24 ms-packs.sh
-rw-r--r--  1 markpatton  staff  2581  9 Dec 12:13 start.sh

Build and Tag the image

Avoid the use of latest to denote the tag

docker build --no-cache -t ghcr.io/mark-patton-cloud/ado-linux-agent:1.1.0 .

List the docker images to show the latest created version

REPOSITORY                                     TAG                IMAGE ID    
ghcr.io/mark-patton-cloud/ado-linux-agent      1.1.0              69ece9a5ca5d

Publish Images on GHCR

When the image is ready, push to GHCR

docker push ghcr.io/mark-patton-cloud/ado-linux-agent:1.1.0

Open GitHub Packages and note the published image