321a4c5e98
* Make input username and password optional since user can use podman login * Add cron triggers to workflows * Group podman version output Signed-off-by: divyansh42 <diagrawa@redhat.com> |
||
|---|---|---|
| .github/workflows | ||
| dist | ||
| git-hooks | ||
| src | ||
| .eslintrc.js | ||
| .gitignore | ||
| action.yml | ||
| CHANGELOG.md | ||
| LICENSE | ||
| package-lock.json | ||
| package.json | ||
| README.md | ||
| tsconfig.json | ||
push-to-registry
Push-to-registry is a GitHub Action for pushing a container image to an image registry, such as Dockerhub, quay.io, the GitHub Container Registry, or an OpenShift integrated registry.
This action only runs on Linux, as it uses podman to perform the push. GitHub's Ubuntu action runners come with Podman preinstalled. If you are not using those runners, you must first install Podman.
To log in to a container image registry, podman-login action can be used.
Action Inputs
Refer to the podman push documentation for more information.
| Input Name | Description | Default |
|---|---|---|
| image | Name of the image you want to push. | Required |
| tags | The tag or tags of the image to push. For multiple tags, seperate by a space. For example, latest ${{ github.sha }} |
latest |
| registry | URL of the registry to push the image to. Eg. quay.io/<username> |
Required |
| username | Username with which to authenticate to the registry. Required unless already logged in to the registry | None |
| password | Password, encrypted password, or access token with which to authenticate to the registry. Required unless already logged in to the registry | None |
| tls-verify | Verify TLS certificates when contacting the registry. Set to false to skip certificate verification. |
true |
| digestfile | After copying the image, write the digest of the resulting image to the file. The contents of this file are the digest output. | Auto determined from image and tag |
| extra-args | Extra args to be passed to podman push. Separate arguments by newline. Do not use quotes. | None |
Action Outputs
digest: The pushed image digest, as written to the digestfile.
For example, sha256:66ce924069ec4181725d15aa27f34afbaf082f434f448dc07a42daa3305cdab3.
For multiple tags, the digest is the same.
registry-paths: A JSON array of registry paths to which the tag(s) were pushed.
For example, [ quay.io/username/spring-image:v1, quay.io/username/spring-image:latest ].
registry-path: The first element of registry-paths, as a string.
Examples
The example below shows how the push-to-registry action can be used to push an image created by the buildah-build action.
name: Build and Push Image
on: [ push ]
jobs:
build:
name: Build and push image
runs-on: ubuntu-20.04
env:
IMAGE_NAME: my-app
IMAGE_TAGS: latest v1
REGISTRY_USER: quayuser
REGISTRY_PASSWORD: ${{ secrets.REGISTRY_PASSWORD }}
steps:
- uses: actions/checkout@v2
- name: Build Image
id: build-image
uses: redhat-actions/buildah-build@v2
with:
image: ${{ env.IMAGE_NAME }}
tags: ${{ env.IMAGE_TAGS }}
base-image: some_image
dockerfiles: |
./Dockerfile
# Podman Login action (https://github.com/redhat-actions/podman-login) can be used
# in the previous step to log in to a container registry. In that case input "username"
# "password" can be omitted in this push action.
- name: Push To quay.io
id: push-to-quay
uses: redhat-actions/push-to-registry@v2
with:
image: ${{ steps.build-image.outputs.image }}
tags: ${{ steps.build-image.outputs.tags }}
registry: ${{ secrets.QUAY_REPO }}
username: ${{ env.REGISTRY_USER }}
password: ${{ env.REGISTRY_PASSWORD }}
- name: Use the image
run: echo "New image has been pushed to ${{ steps.push-to-quay.outputs.registry-paths }}"
Note about images built with Docker
This action uses Podman to push, but can also push images built with Docker. However, Docker and Podman store their images in different locations, and Podman can only push images in its own storage.
If the image to push is present in the Docker image storage but not in the Podman image storage, it will be pulled into Podman's storage.
If the image to push is present in both the Docker and Podman image storage, the action will push the image which was more recently built, and log a warning.
If the action pulled an image from the Docker image storage into the Podman storage, it will be cleaned up from the Podman storage before the action exits.
Note about GitHub runners and Podman
We recommend using runs-on: ubuntu-20.04 since it has a newer version of Podman.
If you are on ubuntu-18.04 (which is currently aliased to ubuntu-latest) your workflow will use an older version of Podman and may encounter issues such as #26.
Troubleshooting
Note that quay.io repositories are private by default.
This means that if you push an image for the first time, you will have to authenticate before pulling it, or go to the repository's settings and change its visibility.