Skip to content

Commit ee44e94

Browse files
jackluo923jackluo923
committed
Switch from DockerHub to GitHub Container Registry (ghcr.io) for all image publishing
- Update all workflows to use ghcr.io instead of DockerHub - Replace DockerHub authentication with GitHub token authentication - Update base image references to use ghcr.io paths - Add package write permissions to base workflow
1 parent 4b399b3 commit ee44e94

File tree

2 files changed

+48
-43
lines changed

2 files changed

+48
-43
lines changed

.github/workflows/base.yml

Lines changed: 27 additions & 18 deletions
Original file line numberDiff line numberDiff line change
@@ -12,6 +12,10 @@ on:
1212
- cron: '0 22 * * *'
1313
workflow_dispatch:
1414

15+
permissions:
16+
contents: read
17+
packages: write
18+
1519
jobs:
1620
ubuntu_base_tests:
1721
runs-on: ubuntu-latest
@@ -43,11 +47,12 @@ jobs:
4347
- name: set testable image environment variable
4448
id: testvars
4549
run: echo "GH_RUNNER_IMAGE=ubuntu-${{ matrix.release }}-${{ env.GIT_SHA }}-${{ matrix.platform }}" >> $GITHUB_ENV
46-
- name: Login to DockerHub
50+
- name: Login to GitHub Container Registry
4751
uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0
4852
with:
49-
username: ${{ secrets.DOCKER_USER }}
50-
password: ${{ secrets.DOCKER_TOKEN }}
53+
registry: ghcr.io
54+
username: ${{ github.actor }}
55+
password: ${{ secrets.GITHUB_TOKEN }}
5156
- name: Retry build and load
5257
uses: nick-fields/retry@ce71cc2ab81d554ebbe88c79ab5975992d79ba08 # v3.0.2
5358
with:
@@ -107,11 +112,12 @@ jobs:
107112
- name: set testable image environment variable
108113
id: testvars
109114
run: echo "GH_RUNNER_IMAGE=debian-${{ matrix.release }}-${{ env.GIT_SHA }}-${{ matrix.platform }}" >> $GITHUB_ENV
110-
- name: Login to DockerHub
115+
- name: Login to GitHub Container Registry
111116
uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0
112117
with:
113-
username: ${{ secrets.DOCKER_USER }}
114-
password: ${{ secrets.DOCKER_TOKEN }}
118+
registry: ghcr.io
119+
username: ${{ github.actor }}
120+
password: ${{ secrets.GITHUB_TOKEN }}
115121
- name: Retry build
116122
uses: nick-fields/retry@ce71cc2ab81d554ebbe88c79ab5975992d79ba08 # v3.0.2
117123
with:
@@ -156,11 +162,12 @@ jobs:
156162
image: tonistiigi/binfmt:qemu-v7.0.0
157163
- name: Set up Docker Buildx
158164
uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1
159-
- name: Login to DockerHub
165+
- name: Login to GitHub Container Registry
160166
uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0
161167
with:
162-
username: ${{ secrets.DOCKER_USER }}
163-
password: ${{ secrets.DOCKER_TOKEN }}
168+
registry: ghcr.io
169+
username: ${{ github.actor }}
170+
password: ${{ secrets.GITHUB_TOKEN }}
164171
- name: Retry build and push
165172
uses: nick-fields/retry@ce71cc2ab81d554ebbe88c79ab5975992d79ba08 # v3.0.2
166173
with:
@@ -170,7 +177,7 @@ jobs:
170177
docker buildx build \
171178
--file Dockerfile.base \
172179
--platform linux/amd64,linux/arm64 \
173-
--tag ${{ env.ORG }}/github-runner-base:latest \
180+
--tag ghcr.io/${{ github.repository }}-base:latest \
174181
--push \
175182
--pull \
176183
--cache-from type=gha \
@@ -196,11 +203,12 @@ jobs:
196203
uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1
197204
- name: Copy Dockerfile
198205
run: cp Dockerfile.base Dockerfile.base.ubuntu-${{ matrix.release }}; sed -i.bak 's/FROM.*/FROM ubuntu:${{ matrix.release }}/' Dockerfile.base.ubuntu-${{ matrix.release }}
199-
- name: Login to DockerHub
206+
- name: Login to GitHub Container Registry
200207
uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0
201208
with:
202-
username: ${{ secrets.DOCKER_USER }}
203-
password: ${{ secrets.DOCKER_TOKEN }}
209+
registry: ghcr.io
210+
username: ${{ github.actor }}
211+
password: ${{ secrets.GITHUB_TOKEN }}
204212
- name: Retry build and push
205213
uses: nick-fields/retry@ce71cc2ab81d554ebbe88c79ab5975992d79ba08 # v3.0.2
206214
with:
@@ -210,7 +218,7 @@ jobs:
210218
docker buildx build \
211219
--file Dockerfile.base.ubuntu-${{ matrix.release }} \
212220
--platform linux/amd64,linux/arm64 \
213-
--tag ${{ env.ORG }}/github-runner-base:ubuntu-${{ matrix.release }} \
221+
--tag ghcr.io/${{ github.repository }}-base:ubuntu-${{ matrix.release }} \
214222
--push \
215223
--pull \
216224
--cache-from type=gha \
@@ -236,11 +244,12 @@ jobs:
236244
uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1
237245
- name: Copy Dockerfile
238246
run: cp Dockerfile.base Dockerfile.base.debian-${{ matrix.release }}; sed -i.bak 's/FROM.*/FROM debian:${{ matrix.release }}/' Dockerfile.base.debian-${{ matrix.release }}
239-
- name: Login to DockerHub
247+
- name: Login to GitHub Container Registry
240248
uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0
241249
with:
242-
username: ${{ secrets.DOCKER_USER }}
243-
password: ${{ secrets.DOCKER_TOKEN }}
250+
registry: ghcr.io
251+
username: ${{ github.actor }}
252+
password: ${{ secrets.GITHUB_TOKEN }}
244253
- name: Retry build and push
245254
uses: nick-fields/retry@ce71cc2ab81d554ebbe88c79ab5975992d79ba08 # v3.0.2
246255
with:
@@ -250,7 +259,7 @@ jobs:
250259
docker buildx build \
251260
--file Dockerfile.base.debian-${{ matrix.release }} \
252261
--platform linux/amd64,linux/arm64 \
253-
--tag ${{ env.ORG }}/github-runner-base:debian-${{ matrix.release }} \
262+
--tag ghcr.io/${{ github.repository }}-base:debian-${{ matrix.release }} \
254263
--push \
255264
--pull \
256265
--cache-from type=gha \

.github/workflows/deploy.yml

Lines changed: 21 additions & 25 deletions
Original file line numberDiff line numberDiff line change
@@ -35,7 +35,7 @@ jobs:
3535
- name: Set up Docker Buildx
3636
uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1
3737
- name: Copy Dockerfile
38-
run: cp Dockerfile Dockerfile.ubuntu-${{ matrix.release }}; sed -i.bak "s/FROM.*/FROM ${ORG}\/github-runner-base:ubuntu-${{ matrix.release }}/" Dockerfile.ubuntu-${{ matrix.release }}
38+
run: cp Dockerfile Dockerfile.ubuntu-${{ matrix.release }}; sed -i.bak "s/FROM.*/FROM ghcr.io\/${{ github.repository }}-base:ubuntu-${{ matrix.release }}/" Dockerfile.ubuntu-${{ matrix.release }}
3939
- name: Install Goss and dgoss
4040
run: |
4141
curl -fsSL https://goss.rocks/install | sh
@@ -46,11 +46,12 @@ jobs:
4646
- name: set testable image environment variable
4747
id: testvars
4848
run: echo "GH_RUNNER_IMAGE=ubuntu-${{ matrix.release }}-${{ env.GIT_SHA }}-${{ matrix.platform }}" >> $GITHUB_ENV
49-
- name: Login to DockerHub
49+
- name: Login to GitHub Container Registry
5050
uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0
5151
with:
52-
username: ${{ secrets.DOCKER_USER }}
53-
password: ${{ secrets.DOCKER_TOKEN }}
52+
registry: ghcr.io
53+
username: ${{ github.actor }}
54+
password: ${{ secrets.GITHUB_TOKEN }}
5455
- name: Retry build and load
5556
uses: nick-fields/retry@ce71cc2ab81d554ebbe88c79ab5975992d79ba08 # v3.0.2
5657
with:
@@ -147,7 +148,7 @@ jobs:
147148
- name: Set up Docker Buildx
148149
uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1
149150
- name: Copy Dockerfile
150-
run: cp Dockerfile Dockerfile.debian-${{ matrix.release }}; sed -i.bak "s/FROM.*/FROM ${ORG}\/github-runner-base:debian-${{ matrix.release }}/" Dockerfile.debian-${{ matrix.release }}
151+
run: cp Dockerfile Dockerfile.debian-${{ matrix.release }}; sed -i.bak "s/FROM.*/FROM ghcr.io\/${{ github.repository }}-base:debian-${{ matrix.release }}/" Dockerfile.debian-${{ matrix.release }}
151152
- name: Install Goss and dgoss
152153
run: |
153154
curl -fsSL https://goss.rocks/install | sh
@@ -158,11 +159,12 @@ jobs:
158159
- name: set testable image environment variable
159160
id: testvars
160161
run: echo "GH_RUNNER_IMAGE=debian-${{ matrix.release }}-${{ env.GIT_SHA }}-${{ matrix.platform }}" >> $GITHUB_ENV
161-
- name: Login to DockerHub
162+
- name: Login to GitHub Container Registry
162163
uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0
163164
with:
164-
username: ${{ secrets.DOCKER_USER }}
165-
password: ${{ secrets.DOCKER_TOKEN }}
165+
registry: ghcr.io
166+
username: ${{ github.actor }}
167+
password: ${{ secrets.GITHUB_TOKEN }}
166168
- name: Retry build and load
167169
uses: nick-fields/retry@ce71cc2ab81d554ebbe88c79ab5975992d79ba08 # v3.0.2
168170
with:
@@ -246,12 +248,13 @@ jobs:
246248
- name: Set up Docker Buildx
247249
uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1
248250
- name: Update Dockerfile FROM org
249-
run: sed -i.bak "s/FROM.*/FROM ${ORG}\/github-runner-base:latest/" Dockerfile
250-
- name: Login to DockerHub
251+
run: sed -i.bak "s/FROM.*/FROM ghcr.io\/${{ github.repository }}-base:latest/" Dockerfile
252+
- name: Login to GitHub Container Registry
251253
uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0
252254
with:
253-
username: ${{ secrets.DOCKER_USER }}
254-
password: ${{ secrets.DOCKER_TOKEN }}
255+
registry: ghcr.io
256+
username: ${{ github.actor }}
257+
password: ${{ secrets.GITHUB_TOKEN }}
255258
- name: Login to GitHub Container Registry
256259
uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0
257260
with:
@@ -267,7 +270,6 @@ jobs:
267270
docker buildx build \
268271
--file Dockerfile \
269272
--platform linux/amd64,linux/arm64 \
270-
--tag ${{ env.ORG }}/github-runner:latest \
271273
--tag ghcr.io/${{ github.repository }}:latest \
272274
--push \
273275
--pull \
@@ -294,12 +296,13 @@ jobs:
294296
- name: Set up Docker Buildx
295297
uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1
296298
- name: Copy Dockerfile
297-
run: cp Dockerfile Dockerfile.ubuntu-${{ matrix.release }}; sed -i.bak "s/FROM.*/FROM ${ORG}\/github-runner-base:ubuntu-${{ matrix.release }}/" Dockerfile.ubuntu-${{ matrix.release }}
298-
- name: Login to DockerHub
299+
run: cp Dockerfile Dockerfile.ubuntu-${{ matrix.release }}; sed -i.bak "s/FROM.*/FROM ghcr.io\/${{ github.repository }}-base:ubuntu-${{ matrix.release }}/" Dockerfile.ubuntu-${{ matrix.release }}
300+
- name: Login to GitHub Container Registry
299301
uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0
300302
with:
301-
username: ${{ secrets.DOCKER_USER }}
302-
password: ${{ secrets.DOCKER_TOKEN }}
303+
registry: ghcr.io
304+
username: ${{ github.actor }}
305+
password: ${{ secrets.GITHUB_TOKEN }}
303306
- name: Login to GitHub Container Registry
304307
uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0
305308
with:
@@ -315,7 +318,6 @@ jobs:
315318
docker buildx build \
316319
--file Dockerfile.ubuntu-${{ matrix.release }} \
317320
--platform linux/amd64,linux/arm64 \
318-
--tag ${{ env.ORG }}/github-runner:ubuntu-${{ matrix.release }} \
319321
--tag ghcr.io/${{ github.repository }}:ubuntu-${{ matrix.release }} \
320322
--push \
321323
--pull \
@@ -342,12 +344,7 @@ jobs:
342344
- name: Set up Docker Buildx
343345
uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1
344346
- name: Copy Dockerfile
345-
run: cp Dockerfile Dockerfile.debian-${{ matrix.release }}; sed -i.bak "s/FROM.*/FROM ${ORG}\/github-runner-base:debian-${{ matrix.release }}/" Dockerfile.debian-${{ matrix.release }}
346-
- name: Login to DockerHub
347-
uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0
348-
with:
349-
username: ${{ secrets.DOCKER_USER }}
350-
password: ${{ secrets.DOCKER_TOKEN }}
347+
run: cp Dockerfile Dockerfile.debian-${{ matrix.release }}; sed -i.bak "s/FROM.*/FROM ghcr.io\/${{ github.repository }}-base:debian-${{ matrix.release }}/" Dockerfile.debian-${{ matrix.release }}
351348
- name: Login to GitHub Container Registry
352349
uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0
353350
with:
@@ -363,7 +360,6 @@ jobs:
363360
docker buildx build \
364361
--file Dockerfile.debian-${{ matrix.release }} \
365362
--platform linux/amd64,linux/arm64 \
366-
--tag ${{ env.ORG }}/github-runner:debian-${{ matrix.release }} \
367363
--tag ghcr.io/${{ github.repository }}:debian-${{ matrix.release }} \
368364
--push \
369365
--pull \

0 commit comments

Comments
 (0)