GitHub Actions && GitHub Container Registry
- 3 minutes read - 575 wordsYou know when you start something and then regret it!? I think I’ll be sticking with Google Cloud Build; GitHub Actions appears functional and useful but I found the documentation to be confusing and limited and struggled to get a simple container image build|push working.
I’ve long used Docker Hub but am planning to use it less as a result of the planned changes. I want to see Docker succeed and to do so it needs to find a way to make money but, there are free alternatives including the new GitHub Container Registry and the very very cheap Google Container Registry.
To start you will need to create a Personal access tokens (PAT). The token should have the following scopes only:
write:packagesandread:packagesdelete:packages
The PAT must then be added to the repository (!) in which the GitHub Actions will run as a secret:
https://github.com/${USER}/${REPO}/settings/secrets
Because this secret provides access to GitHub Container Registry, I called the secret GHCR
Then you need to create the GitHub Actions YAML file. In my case, I want to build a container image. It took me some time to get the following to work but this answer is very helpful. Importantly, this adds a step docker/setup-buildx-action@v1 before docker/login-action@v1 that permits the workflow to complete.
name: containers-builder
on:
push:
branches:
- master
jobs:
devices:
name: devices
runs-on: ubuntu-20.04
env:
REPO: dazwilkin/akri-http-devices
steps:
- name: checkout
uses: actions/checkout@v2
- name: setup
uses: docker/setup-buildx-action@v1
- name: login
uses: docker/login-action@v1
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GHCR }}
- name: build-push
uses: docker/build-push-action@v2
with:
context: .
file: ./deployment/Dockerfile.devices
tags: ghcr.io/${{ env.REPO }}:${{ github.sha }}
push: true
My GitHub username includes uppercase characters that aren’t permitted in container image names.
If my GitHub username were all lowercase, I could have used tags: ghcr.io/${{ github.repository }}-devices:${{ github.sha }}.
NOTE
${{ github.repository_owner }}would beDazWilkinfor me and${{ github.repository }}would beDazWilkin/akri-http.
So, the essence of this workflow is contained within the steps.
checkoutclones the repo into the workflow VMsetupcreates a new builder instance using (docker buildx create ...)loginlogs the workflow into ghcr.io using the PATbuild-pushperforms thedocker buildx buid ...) which builds the Dockerfile and pushes the image to ghcr.io
There are some post-workflow steps that the service runs too.
I needed to ensure the file ./deployment/Dockerfiles.devices existed as this describes the image build to the workflow:
FROM golang:1.15 as build
ARG PROJECT="akri-http"
ARG MODULE="github.com/DazWilkin/${PROJECT}"
WORKDIR /${PROJECT}
COPY go.mod .
RUN go mod download
COPY . .
RUN GOOS=linux \
go build -a -installsuffix cgo \
-o /bin/devices \
${MODULE}/cmd/devices
FROM gcr.io/distroless/base-debian10
COPY --from=build /bin/devices /
USER 999
ENTRYPOINT ["/devices"]
CMD ["--discovery_port=9999","--starting_port=8000","--num_devices=10"]
Then, I could commit the workflow to my repo, triggering the workflow.
Workflow are located in a .github/workflows folder and can be descriptively named, in my case containers-devices.yaml
I can’t tell you that this was the first attempt in getting this to work but, here are the results.
Here’s what shows on the “Actions” tab of my GitHub account after running the workflow:
Here’s the summary of the run:
And here’s the container image listed under my account’s packages:
There’s a rather neat badges capability with GitHub and GitHub Actions generates badges for the status of Actions.
From “Actions”, choose a specific Workflow and then click the “…” to show “Create status badge”. You can then embed the generated markdown into your repo’s e.g. README.md file:
That’s all!