It would be nice if you could specify a tag format, such as date +%s, so you can keep tags in dockerhub instead of always using latest

##[error]/home/runner/work/_actions/elgohr/Publish-Docker-Github-Action/master/action.yml:
##[error]/home/runner/work/_actions/elgohr/Publish-Docker-Github-Action/master/action.yml: (Line: 34, Col: 2, Idx: 1103) - (Line: 34, Col: 2, Idx: 1103): While parsing a block mapping, did not find expected key.
##[error]Unexpected type '' encountered while reading 'action manifest root'. The type 'MappingToken' was expected.
##[error]Fail to load /home/runner/work/_actions/elgohr/Publish-Docker-Github-Action/master/action.yml

Testing out actions for the first time, and this one fits perfectly into my flow. Great work! At some point I came across an issue where I needed to change the working directory based on needs in the dockerfile. I tried to search for it as a generic feature in actions, but it seems like this is something that each action must solve internally? I forked your repo and added:

if [ ! -z "${INPUT_WORKDIR}" ]; then
  cd ${INPUT_WORKDIR}
fi

to entrypoint.sh. This allowed me to set the correct directory when running the action. Not sure if this is the correct way to solve this. Any input would be much appreciated.

Thanks!

The Bug
Error pushing to docker.pkg.github.com. Pushing to this registry gives the following error:

error parsing HTTP 404 response body: invalid character 'p' after top-level value: "404 page not found\n"

To Reproduce
The following YAML was used in .github/workflows/main.yml

name: Push To Package Registry
on: [push]
jobs:
  publish_docker:
    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@master
    - name: Publish to Registry
      uses: elgohr/Publish-Docker-Github-Action@master
      with:
        name: ${{ github.GITHUB_REPOSITORY }}project_odin_backend
        username: ${{ secrets.DOCKER_USERNAME }}
        password: ${{ secrets.DOCKER_PASSWORD }}
        tag: $(echo $GITHUB_SHA | head -c7)
        registry: ${{ secrets.DOCKER_REGISTRY_URL }}
        dockerfile: ./ops/images/django.Dockerfile

Output

2019-12-27T12:24:12.9291454Z Successfully built 1046babade11
2019-12-27T12:24:12.9613004Z Successfully tagged ***/project_odin_backend:deployment
2019-12-27T12:24:12.9805217Z The push refers to repository [***/project_odin_backend]
2019-12-27T12:24:13.0121391Z befe63b0f688: Preparing
2019-12-27T12:24:13.0121583Z 3f2736cb5bbb: Preparing
2019-12-27T12:24:13.0121717Z 99347eebf044: Preparing
2019-12-27T12:24:13.0121852Z a12cae9dcc97: Preparing
2019-12-27T12:24:13.0121984Z 44caa05ec880: Preparing
2019-12-27T12:24:13.0122117Z bee6c961bff1: Preparing
2019-12-27T12:24:13.0122246Z 852a1bb5386c: Preparing
2019-12-27T12:24:13.0122375Z 9437609235f0: Preparing
2019-12-27T12:24:13.0122505Z bee1c15bf7e8: Preparing
2019-12-27T12:24:13.0122635Z 423d63eb4a27: Preparing
2019-12-27T12:24:13.0122799Z 7f9bf938b053: Preparing
2019-12-27T12:24:13.0122927Z f2b4f0674ba3: Preparing
2019-12-27T12:24:13.0123056Z 852a1bb5386c: Waiting
2019-12-27T12:24:13.0123189Z 9437609235f0: Waiting
2019-12-27T12:24:13.0123330Z bee1c15bf7e8: Waiting
2019-12-27T12:24:13.0123465Z 423d63eb4a27: Waiting
2019-12-27T12:24:13.0123601Z 7f9bf938b053: Waiting
2019-12-27T12:24:13.0123751Z bee6c961bff1: Waiting
2019-12-27T12:24:13.0123882Z f2b4f0674ba3: Waiting
2019-12-27T12:24:13.0407896Z error parsing HTTP 404 response body: invalid character 'p' after top-level value: "404 page not found\n"
2019-12-27T12:24:13.2949894Z ##[error]Docker run failed with exit code 1
2019-12-27T12:24:13.2969908Z Cleaning up orphan processes

Since you already have the logic to generate the tag name, would it be possible to add an output variable where those tag names can be referenced in later actions?

I need to specify to kubernetes which docker tag to use. I can write my own shell script to duplicate your logic, but it would be awesome if I could just grab it using a variable such as

${{ steps.upload_docker.outputs.tag }}

See https://twitter.com/lagohr/status/1181275079088443392?s=20

Are there plans to add support for a specified dockerfile? For example in one of my projects I have 3 dockerfiles inside of a directory. It would be great if there was an option to specify a specific dockerfile path as an optional argument. It could default to Dockerfile in the root of the repository.

Is your feature request related to a problem? Please describe.
When using this tool for GitHub Packages, use of the {{ github.repository }} variable is tricky. For starters, image names can only be lowercase. However, {{ github.repository }} can have uppercase letters.

Here's an example of a naive use of {{ github.repository }}. The push fails as it has uppercase letters.

https://github.com/nelsonjchen/CamelCaseGhpRepoName/runs/385360225

Repo names can have capital letters (like elgohr/Publish-Docker-Github-Action!) as well as users/organizations like my day job's. That's kind of how I discovered this annoying issue.

Describe the solution you'd like
Maybe just handle implicitly lowercasing the name? Should this be a "just do what I mean"?

I think names must be lowercase anyway as you can see from this search:

https://github.com/search?q=invalid+reference+format%3A+repository+name+must+be+lowercase&type=Code

It seems many tools enforce lowercasing.

This shouldn't cause any backwards compatibility issues if that's the case.

Describe alternatives you've considered

Here we use a small bashism to just lowercase the name and set a variable that the publishing step can use. I script kiddied this thing that's barely even a one-liner from Stackoverflow here to set a variable that the publishing step could use.

https://github.com/nelsonjchen/CamelCaseGhpRepoName/runs/385360230

Following the readme, I am trying to build and publish an image to dockerhub. I'm using the custom image feature, but it never is able to build. Inside my repository I have a directory Dockerfiles with multiple dockerfiles inside. So I am passing in dockerfile optional arg as Dockerfiles/Dockerfile for one of my build steps and get the following error.

/usr/bin/docker run --name fe0f5d4bdcde88084e97b242923b2f722351_c7a201 --label 29fe0f --workdir /github/workspace --rm -e INPUT_ARGS -e INPUT_SNAPSHOT -e INPUT_DOCKERFILE -e HOME -e GITHUB_REF -e GITHUB_SHA -e GITHUB_REPOSITORY -e GITHUB_ACTOR -e GITHUB_WORKFLOW -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GITHUB_EVENT_NAME -e GITHUB_WORKSPACE -e GITHUB_ACTION -e GITHUB_EVENT_PATH -e RUNNER_OS -e RUNNER_TOOL_CACHE -e RUNNER_TEMP -e RUNNER_WORKSPACE -v "/var/run/docker.sock":"/var/run/docker.sock" -v "/home/runner/work/_temp/_github_home":"/github/home" -v "/home/runner/work/_temp/_github_workflow":"/github/workflow" -v "/home/runner/work/hop/hop":"/github/workspace" 29fe0f:5d4bdcde88084e97b242923b2f722351 ***/hop
 unable to prepare context: unable to evaluate symlinks in Dockerfile path: lstat /github/workspace/Dockerfile: no such file or directory
An image does not exist locally with the tag: ***/hop
The push refers to repository [docker.io/***/hop]
##[error]Docker run failed with exit code 1

Describe the bug
When i try to build and publish a docker image to the Github docker registry i get an error when pulling the base image from the Gtihub docker registry: error pulling image configuration: unknown blob ##[error]Docker run failed with exit code ***

To Reproduce
Create a docker file to build publish based on an already publish docker image in the Github private docker registry.

Output:

2019-11-27T09:09:13.3807357Z 000eee***2ec04: Pulling fs layer
2019-11-27T09:09:13.3808178Z 8ae4f9fcfeea: Pulling fs layer
2019-11-27T09:09:13.3808936Z 60f22fbbd07a: Pulling fs layer
2019-11-27T09:09:13.3809701Z ccc7a63ad75f: Pulling fs layer
2019-11-27T09:09:13.3810481Z a2427b8dd6e7: Pulling fs layer
2019-11-27T09:09:13.3811282Z 9***cac3b30***84: Pulling fs layer
2019-11-27T09:09:13.3812067Z d6e400***5fc***0: Pulling fs layer
2019-11-27T09:09:13.3812821Z 395***eb02eb9d: Pulling fs layer
2019-11-27T09:09:13.3813573Z a30c5ce4d825: Pulling fs layer
2019-11-27T09:09:13.3814391Z ***d2fc8e***9e4d: Pulling fs layer
2019-11-27T09:09:13.3815708Z 9b97f2ec9d5a: Pulling fs layer
2019-11-27T09:09:13.3816463Z 47***8e44d224b: Pulling fs layer
2019-11-27T09:09:13.3817268Z 2634bc7ec724: Pulling fs layer
2019-11-27T09:09:13.3818023Z 5***d00***66dc4f: Pulling fs layer
2019-11-27T09:09:13.3818801Z ***3a***304***27c0: Pulling fs layer
2019-11-27T09:09:13.3819607Z ***fb535e65775: Pulling fs layer
2019-11-27T09:09:13.3820385Z c988***d4***bdd9: Pulling fs layer
2019-11-27T09:09:13.3821141Z 326cc764***807: Pulling fs layer
2019-11-27T09:09:13.3821897Z 6***589e***c422: Pulling fs layer
2019-11-27T09:09:13.3822720Z 23dbb9***f7e9b: Pulling fs layer
2019-11-27T09:09:13.3823490Z 4edd7***5c7cbc: Pulling fs layer
2019-11-27T09:09:13.3824242Z 75d7aa334fbc: Pulling fs layer
2019-11-27T09:09:13.3846430Z 430c2a9f46d6: Pulling fs layer
2019-11-27T09:09:13.3847511Z d24b5da0d***b8: Pulling fs layer
2019-11-27T09:09:13.3848819Z e58a4d3bb828: Pulling fs layer
2019-11-27T09:09:13.3849558Z 7f90cc***7778a: Pulling fs layer
2019-11-27T09:09:13.3850589Z f9682dffeb2b: Pulling fs layer
2019-11-27T09:09:13.3851322Z ***8ad7f00beb8: Pulling fs layer
2019-11-27T09:09:13.3852289Z ***3a***304***27c0: Waiting
2019-11-27T09:09:13.3853017Z ***fb535e65775: Waiting
2019-11-27T09:09:13.3853686Z c988***d4***bdd9: Waiting
2019-11-27T09:09:13.3854347Z 326cc764***807: Waiting
2019-11-27T09:09:13.3855191Z 6***589e***c422: Waiting
2019-11-27T09:09:13.3856121Z 23dbb9***f7e9b: Waiting
2019-11-27T09:09:13.3857740Z 4edd7***5c7cbc: Waiting
2019-11-27T09:09:13.3858746Z 75d7aa334fbc: Waiting
2019-11-27T09:09:13.3859392Z 430c2a9f46d6: Waiting
2019-11-27T09:09:13.3860070Z d24b5da0d***b8: Waiting
2019-11-27T09:09:13.3860734Z ccc7a63ad75f: Waiting
2019-11-27T09:09:13.3861367Z a2427b8dd6e7: Waiting
2019-11-27T09:09:13.3862033Z e58a4d3bb828: Waiting
2019-11-27T09:09:13.3862681Z 7f90cc***7778a: Waiting
2019-11-27T09:09:13.3863340Z f9682dffeb2b: Waiting
2019-11-27T09:09:13.3863987Z 9***cac3b30***84: Waiting
2019-11-27T09:09:13.3864658Z ***8ad7f00beb8: Waiting
2019-11-27T09:09:13.3865323Z d6e400***5fc***0: Waiting
2019-11-27T09:09:13.3865970Z 395***eb02eb9d: Waiting
2019-11-27T09:09:13.3866614Z a30c5ce4d825: Waiting
2019-11-27T09:09:13.3867266Z ***d2fc8e***9e4d: Waiting
2019-11-27T09:09:13.3867917Z 47***8e44d224b: Waiting
2019-11-27T09:09:13.3868558Z 2634bc7ec724: Waiting
2019-11-27T09:09:13.3869243Z 5***d00***66dc4f: Waiting
2019-11-27T09:09:13.3869890Z 9b97f2ec9d5a: Waiting
2019-11-27T09:09:14.0416601Z error pulling image configuration: unknown blob
2019-11-27T09:09:14.7297431Z ##[error]Docker run failed with exit code ***
2019-11-27T09:09:14.7324363Z Cleaning up orphan processes

Expected behavior
What i expect to happen is that it can pull the image and build it. Localy on my pc the build and publish proces works.

Currently the action uses the repository for the image name. I love the tagging features, but for my use case I have 2 images associated with my repository. Could we specify a custom image name so I can differentiate between these 2 images?

It is quite a common convention to name branches like feature/foo - unfortunately, having a slash in the branch name seems to break docker tagging:

I get an error like:

invalid argument "batpad/fake-repo-name:feature/foo" for "-t, --tag" flag: invalid reference format

I am fairly certain this is caused due to the / in the branch name -- in the above scenario, the branch is feature/foo.

Honestly, I'm not sure what the best thing to do here might be - just stripping slashes or replacing them with dashes seems like it would fix it, but it also seems like a bit of an awkward solution.

Happy to work on a PR if there is an agreement on whether this is an actual issue and what the best solution is.

Of course, my apologies if I missed an existing issue about this. Thank you for this project.

Hi all,

Anyone had any success getting this working with GitHub's Registry? I'm just getting auth errors...

denied: requested access to the resource is denied
##[error]Docker run failed with exit code 1

Is it possible to specific a DockerFile within the repository?

Example: src/Web/DockerFile

Running the example to push to ECR but when the push command runs it doesn't seem to be pointing to the correct repository

The push refers to repository [docker.io/***]

- name: Login to ECR
      id: ecr
      uses: elgohr/ecr-login-action@master
      with:
        access_key: ${{ secrets.AWS_ACCESS_KEY_ID }}
        secret_access_key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
        region: ${{ secrets.AWS_REGION }}
    - name: Publish to Registry
      uses: elgohr/Publish-Docker-Github-Action@master
      with:
        name: ${{ secrets.IMAGE_NAME_PRODUCTION }}
        username: ${{ steps.ecr.outputs.username }}
        password: ${{ steps.ecr.outputs.password }}
        registry: ${{ steps.ecr.outputs.registry }}
        dockerfile: Dockerfile.production

My Dockerfile does FROM from a private ECR repo
Docker is not able to pull from that repo.

Docker file

FROM 1234.dkr.ecr.***.amazonaws.com/insight/base:latest as buildStage

ADD . .

action file

    steps:
    - uses: actions/checkout@v1
    - name: Login to ECR
      id: ecr
      uses: elgohr/ecr-login-action@master
      with:
        access_key: ${{ secrets.AWS_ACCESS_KEY }}
        secret_access_key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
        region: ${{ secrets.AWS_REGION }}
    - name: Build the Docker image
      run: docker build . --file ./operator-ui/deployment.Dockerfile --tag latest-staging
    - name: Publish to Registry
      uses: elgohr/Publish-Docker-Github-Action@master
      with:
        name: insight/in_operator-ui
        username: ${{ steps.ecr.outputs.username }}
        password: ${{ steps.ecr.outputs.password }}
        registry: ${{ steps.ecr.outputs.registry }}
        snapshot: true
        tag_names: true
        cache: true

Am I doing something wrong or is this functionality not possible in the current release?

Using the action in a build. When the action is triggered, the publish to registry has "ADD failed" occur.
This stops the dockerfile execution, then

An image does not exist locally with the tag: ***/repo
The push refers to repository [docker.io/***/repo]
Removing login credentials for https://index.docker.io/v1/

and then the step (and thus job) is marked as check passed.

Here's the sample repo to reproduce this: https://github.com/turbo/actions-docker-env-test

The Dockerfile contains this:

ARG RUSTC_WRAPPER
ENV RUSTC_WRAPPER="${RUSTC_WRAPPER}"

ARG SCCACHE_AZURE_BLOB_CONTAINER
ENV SCCACHE_AZURE_BLOB_CONTAINER="${SCCACHE_AZURE_BLOB_CONTAINER}"

and then simply echos them during the build.

The action definition includes this:

    env:
        RUSTC_WRAPPER: "sccache"
        SCCACHE_AZURE_BLOB_CONTAINER: "cargo"

Here's the build log. The build succeeded, but that's just because it doesn't do anything, the important thing is that the env vars are not actually visible in the build:

• build invokes docker build here, the env vars are passed with -e, at least it appears to be the case
• here they're supposed to be echoed, but aren't.

It behaves the same with and without ARG (I've tested that elsewhere).

What do I need to do to make this work?

Is your feature request related to a problem? Please describe.
Currently in order to authenticate with Github registry I need to generate personal access token and set it as password in my project's secrets. Similarly to what is described here:
https://help.github.com/en/github/managing-packages-with-github-packages/configuring-npm-for-use-with-github-packages#authenticating-to-github-packages

However in GithubActions we have GITHUB_TOKEN set automatically which enables to authenticate using automatically generated GITHUB_TOKEN in case we are pushing to github packages registry and not to Github Packages repo:

https://help.github.com/en/actions/automating-your-workflow-with-github-actions/authenticating-with-the-github_token

This has the added value that we can use current project as the repo to push and then this plugin would work for all Github forks automatically.

It would be great if we can have it.

Describe the solution you'd like
In case GITHUB_TOKEN is defined, no user and password should be needed. GITHUB_TOKEN should be used and current user/project should be used as a base for the registry to push the image to.

Describe alternatives you've considered

• user / passwrd authentication works with personal Github Token set as password but it requires you to add secrets to each fork separately.

Hi!

First of all, thanks for this great project. It works like a charm!

This is a feature request: being able to tag images with the git tag that was just pushed.

When pushing a tag (let's say 1.0.0), it currently triggers 2 builds. The first one with the GITHUB_REF /refs/head/master and another one with /refs/tags/1.0.0.
Both are building and pushing an image tagged with latest (

I think it could be great to build an image tagged as 1.0.0, so users could update their instances by bumping the image version.

Do you think it would make sense?

Is your feature request related to a problem? Please describe.
When a specific version of a docker image is updated (e.g. 3.1.2), this should reflect in the major version tag as wel. (e.g. 3.1 or 3)

Describe the solution you'd like
Ability to push to the major versions. 3.1.2 would push to 3.1 and 3.
You could for example split the version string on a dot, ommit the last element & pushlish in a loop.

Describe alternatives you've considered
None

Is your feature request related to a problem? Please describe.
Please include info on Azure Container Registry

My Dockerfile:

FROM plugins/base:linux-amd64

LABEL maintainer="Bo-Yi Wu <[email protected]>" \
  org.label-schema.name="example-api" \
  org.label-schema.vendor="Bo-Yi Wu" \
  org.label-schema.schema-version="1.0"

EXPOSE 8080

COPY release/linux/amd64/example-api /bin/

HEALTHCHECK --start-period=2s --interval=10s --timeout=5s \
  CMD ["/bin/example-api", "health"]

ENTRYPOINT ["/bin/example-api"]
CMD ["server"]

GitHub Action Flow:

  build:
    strategy:
      matrix:
        go-version: [1.13.x]
        platform: [ubuntu-latest]
    runs-on: ${{ matrix.platform }}
    # container: 'golang:1.13'
    steps:
    - name: Install Go
      uses: actions/setup-go@v1
      with:
        go-version: ${{ matrix.go-version }}

    - name: Check out code
      uses: actions/checkout@v1

    - name: Build binary
      run: |
        go build -v -tags 'sqlite sqlite_unlock_notify' -ldflags "-extldflags -static -X github.com/appleboy/example-api/pkg/version.Version=`git rev-parse --short "$GITHUB_SHA"` -X github.com/appleboy/example-api/pkg/version.BuildDate=`date -u +%Y-%m-%dT%H:%M:%SZ`" -a -o release/linux/adm64/example-api ./cmd/example-api
        ./release/linux/adm64/example-api -h
        pwd
        ls -al
        ls -al ./release/linux/adm64/example-api

    - name: Publish to Registry
      uses: elgohr/Publish-Docker-Github-Action@master
      with:
        name: appleboy/example-api
        username: ${{ secrets.docker_username }}
        password: ${{ secrets.docker_password }}
        dockerfile: docker/example-api/Dockerfile.linux.amd64

I don't know why I can' add binary from github/workspace.

Step 8/11 : COPY release/linux/amd64/example-api /bin/
COPY failed: stat /var/lib/docker/tmp/docker-builder706841577/release/linux/amd64/example-api: no such file or directory
##[error]Docker run failed with exit code 1

In some cases, a repository might contain multiple Dockerfiles, in this situation same credentials should be written with different workdir variable, as shown below
Although tag_names set true, for each new docker file, do I have to specify workdir ?
Isn't it possible to search directories recursively and build docker images and publish them according commit tag ? (or more elegant way) Additionally, it could be very useful if we can have filter, for instance, when a new dockerfile introduced the repository, the workflow should not build the images which are already exists. (in case of having recursive call)

 - name: Build docker image 1
      uses: elgohr/Publish-Docker-Github-Action@master
      with: 
        name: myDocker/repository
        username: ${{ secrets.DOCKER_USERNAME }}
        password: ${{ secrets.DOCKER_PASSWORD }}
        workdir: directory_1/files_1/
        registry: docker.pkg.github.com
        tag_names: true
    - name: Build docker image 2
      uses: elgohr/Publish-Docker-Github-Action@master
      with: 
        name: myDocker/repository
        username: ${{ secrets.DOCKER_USERNAME }}
        password: ${{ secrets.DOCKER_PASSWORD }}
        workdir: directory_1/files_2/
        registry: docker.pkg.github.com
        tag_names: true
    - name: Build docker image 3
      uses: elgohr/Publish-Docker-Github-Action@master
      with: 
        name: myDocker/repository
        username: ${{ secrets.DOCKER_USERNAME }}
        password: ${{ secrets.DOCKER_PASSWORD }}
        workdir: directory_2/files_1/
        registry: docker.pkg.github.com
        tag_names: true

Is your feature request related to a problem? Please describe.

I want to have access to my git commit sha in the release. I am following this short guide: https://artsy.github.io/blog/2018/09/10/Dockerhub-Stamping-Commits/

Describe the solution you'd like

I tried this: buildargs: COMMIT=$(git rev-parse --short HEAD) but it does not execute. COMMIT then has the value of $(git.

Describe alternatives you've considered

There needs to be any way to execute a command on the host and get the output into the container. Build Args seem the right approach to me.

We use Docker multi-stage builds heavily in our setup, and rely on these for running tests, linting, etc. and then conditionally at the end of that, push if we're in a certain branch. For example, in CircleCI we accomplish this with:

- run:
    name: docker build
    command: |
      docker login -u $DOCKER_USER -p $DOCKER_PASS
      docker pull base
      docker build --rm=false -t foobar .
- deploy:
    name: docker push
    command: |
      if [ "${CIRCLE_BRANCH}" == "master" ]; then
        docker push foobar
      fi

As far as I can tell, this isn't possible with this action, and the push will always occur.

I would like to push to latest but would like a way to check the git sha of the image. What I've done in the past is to build the image with --label org.opencontainers.image.revision=${{github.sha }}, according to open standard annotations.

But with this project, there's no way for me to apply such a label, I think.

Is your feature request related to a problem? Please describe.
I'm looking to specify a parameter for the docker build option (not a build-arg) but an argument to the build command. ie: https://docs.docker.com/engine/reference/commandline/build/

Specifically I need to add --shm-size=256m

Perhaps this is possible but i missed it.

Describe the solution you'd like
A means of providing arbitrary build options.

Describe alternatives you've considered
Forking the repo and adding the option personally.

instead of https://github.com/elgohr/Publish-Docker-Github-Action/blob/master/entrypoint.sh#L36

I suggest:

echo $(cat ${secret_token}) | docker login --username ${secret_user} --password-stdin;

Cheers!

I have another job in my workflow that publishes to a CDN I'd like to take the output from that and throw it into the publish docker step -- it doesn't make sense for me to build my app twice, ya know?

Hey there,

I'm having issues with the example provided in your GithubPackage Example

My CI/CD Actions looks mostly like your example:

  PublishToGithub:
    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@master
    - name: Publish to Registry
      uses: elgohr/Publish-Docker-Github-Action@master
      with:
        username: ${{ secrets.DOCKER_GITHUB_USERNAME }}
        password: ${{ secrets.DOCKER_GITHUB_PASSWORD }}
        registry: docker.pkg.github.com
        cache: true
        workdir: ./pulser
        dockerfile: BuildDockerfile

Reason for the changes is that I have a monorepo and this is only one component.

The Secrets have been properly set and I am in the Github Packages Beta.

ERROR : when im trying to build and push to github docker registry

unauthorized: Your token has not been granted the required scopes to execute this query. The 'createRegistryPackageVersion' field requires one of the following scopes: ['write:packages'], but your token has only been granted the: [''] scopes. Please modify your token's scopes at: https://github.com/settings/tokens.

and this is my file :

name: Publish Docker
on: [push]
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@master
    - name: badrshs/*****/*****
      uses: elgohr/Publish-Docker-Github-Action@master
      with:
        name: badrshs/*****/*****
        username: ${{ secrets.GITHUB_USERNAME }}
        password: ${{ secrets.GITHUB_PASSWORD }}
        cache: true
        registry: docker.pkg.github.com
        snapshot: true

i found nothing in
https://github.com/settings/tokens.

any help please ?

Hello,

I have been experiencing issues with the cache option. It works fine on the master branch, it uses the cache without any problem, but in the PR(The same of master) workflow we build an image and it rebuilds it entirely even if the layer didn't change.

Here the workflow

# ...
docker:
    name: docker build and publish
    runs-on: ubuntu-latest
    steps:
    - name: Checkout git repository
      uses: actions/checkout@master
    - name: Build and publish docker image to GCP Container Registry
      uses: elgohr/[email protected]
      with:
        name: image_name
        username: <user>
        password: <password>
        dockerfile: Dockerfile
        cache: true

Here the Dockerfile

FROM ruby:2.4-slim
WORKDIR /app

# Copy gemfile
ADD Gemfile* /app/

# Dependencies
RUN apt-get update && \
    apt-get install -y \
    build-essential \
    libv8-dev \
    tzdata \
    libmagickwand-dev \
    libpq-dev && \
    gem install bundler && \
    bundle install --deployment -j4 --retry 3 && \
    rm -rf /usr/local/bundle/cache/*.gem && \
    rm -rf /app/vendor/bundle/ruby/2.4.0/cache/*.gem && \
    find /app/vendor -name "*.c" -delete && \
    find /app/vendor -name "*.o" -delete

# Add the Rails app
ADD . /app

# Precompile assets
RUN bundle exec rake assets:precompile

# Remove unused files && Create app user and give access to the required files
RUN \
  rm -rf tmp/cache app/assets vendor/assets lib/assets spec test && \
  addgroup -gid 1000 -system app && \
  adduser -u 1000 --system --ingroup app app && \
  chown -R  app:app /app && \
  chown -R  app:app /usr/local/bundle/

USER app

# Expose Puma port
EXPOSE 3000

CMD [ "bundle" ]

In my local pc it works perfectly and it uses the cache.

Hi, I don't understand how I can publish my docker image in github in the "latest" tag.
as latest image I see the first image created.

Thank you

On a ['pull_request'] I'm getting the error below. It seems unable to parse the GITHUB_REF when using a PR:

/usr/bin/docker run --name fe0f2e0b588d71064725882a35d5fbca6f22_6505a8 --label 29fe0f --workdir /github/workspace --rm -e INPUT_NAME -e INPUT_USERNAME -e INPUT_PASSWORD -e INPUT_SNAPSHOT -e INPUT_DOCKERFILE -e HOME -e GITHUB_REF -e GITHUB_SHA -e GITHUB_REPOSITORY -e GITHUB_ACTOR -e GITHUB_WORKFLOW -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GITHUB_EVENT_NAME -e GITHUB_WORKSPACE -e GITHUB_ACTION -e GITHUB_EVENT_PATH -e RUNNER_OS -e RUNNER_TOOL_CACHE -e RUNNER_TEMP -e RUNNER_WORKSPACE -v "/var/run/docker.sock":"/var/run/docker.sock" -v "/home/runner/work/_temp/_github_home":"/github/home" -v "/home/runner/work/_temp/_github_workflow":"/github/workflow" -v "/home/runner/work/docker-gradle/docker-gradle":"/github/workspace" 29fe0f:2e0b588d71064725882a35d5fbca6f22

WARNING! Using --password via the CLI is insecure. Use --password-stdin.
Login Succeeded
WARNING! Your password will be stored unencrypted in /github/home/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store

invalid argument "redpillanalytics/docker-gradle:refs/pull/1/merge" for "-t, --tag" flag: invalid reference format
See 'docker build --help'.
invalid reference format
An image does not exist locally with the tag: redpillanalytics/docker-gradle
The push refers to repository [docker.io/redpillanalytics/docker-gradle]
Removing login credentials for https://index.docker.io/v1/

Is your feature request related to a problem? Please describe.
For those of us who want to then deploy the image using the digest, having the output would be very convenient.

Describe the solution you'd like
The output should also include e.g. digest which would container e.g. sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf

Describe alternatives you've considered
Deploying by the tag is an option but may be suboptimal since tags are more easily mutable.
If I really want the digest I could use an additional step to read the digest out - this requires an unnecessary step.

Hello,
I'm trying to push to github docker registry.
I have the following git hub action :
`name: Java CI

on: [push]

jobs:
build:

runs-on: ubuntu-latest

steps:
- uses: actions/checkout@v1
- name: Set up JDK 1.11
  uses: actions/setup-java@v1
  with:
    java-version: 11.0.3
- uses: actions/cache@v1
  with:
    path: ~/.m2/repository
    key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
    restore-keys: |
      ${{ runner.os }}-maven-
- name: Build with Maven
  run: mvn -B package --file pom.xml

- name: Deploy the Docker image to GitHub Package Registry
  uses: elgohr/Publish-Docker-Github-Action@master
  with:
    name: gartcimore/jb3
    dockerfile: Dockerfile.jb3only
    username: ${{ github.actor }}
    password: ${{ secrets.GITHUB_TOKEN }}
    registry: docker.pkg.github.com
    tag_names: true

`

But I got the following error

Successfully built 1a47a44da186
Successfully tagged docker.pkg.github.com/gartcimore/jb3:docker-registry
The push refers to repository [docker.pkg.github.com/gartcimore/jb3]
ddb89dc1187e: Preparing
3684a97eea90: Preparing
48aa487fb4a7: Preparing
c6671cb4163d: Preparing
21663ac9e08e: Preparing
77cae8ab23bf: Preparing
77cae8ab23bf: Waiting
name unknown: docker image push is only supported with a tag of the format :owner/:repo_name/:image_name.
Please add an image name to "gartcimore/jb3" tag. e.g. "gartcimore/jb3/<image_name>"
##[error]Docker run failed with exit code 1

It must something simple but I can not find what I am missing

Literally just got into GitHub actions today, and saw this... it's awesome, and works great for publishing docker images to a docker repository.

However, I have a question, which is how can I publish to AWS ECR? The credentials I use are not in the form of a username/password, but rather an access key, and access secret.

When I push from my computer, I can manage this by using the AWS CLI, but I am not sure how I would do that with this action. Obviously putting the access key and secret into the username/password fields won't wok.

Any help would be appreciated!

Thanks!

I like your projet so far :)

the challenge

By using this tag username/myapp:32c812f7bc5e67f52f57ce80d236e70be601aaf9 we expose ourselves to troubles.

username/myapp:32c812f7bc5e67f52f57ce80d236e70be601aaf9
username/myapp:latest

With a CI build every day, even by using username/myapp:32c812f7bc5e67f52f57ce80d236e70be601aaf9, a build may have an issue and break things in production.

By introducing a specific date, it would resolve this potential risk.

suggestion

I'm curious to know if you would like to use this approach for tagging:

username/myapp:2.29.1-2019-08-24-23h43-32c812f7

all tags

username/myapp:2.29.1-2019-08-24-23h43-32c812f7
username/myapp:2.29.1-32c812f7bc5e67f52f57ce80d236e70be601aaf9
username/myapp:2.29.1
username/myapp:stable

Let me know :)

Describe the bug
You can see the output here:

WARNING! Your password will be stored unencrypted in /github/home/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store

Login Succeeded
unable to prepare context: unable to evaluate symlinks in Dockerfile path: lstat /github/workspace/Dockerfile: no such file or directory
##[error]Docker run failed with exit code 1

To Reproduce
I am using this code to publish to my github registry.

      - name: Publish to Registry
        uses: elgohr/Publish-Docker-Github-Action@master
        with:
          name: ${{ github.repository }}
          username: ${{ github.actor }}
          password: ${{ github.token }}
          registry: docker.pkg.github.com
          context: ${{ github.workspace }}

Which equates to:

  with:
    name: maxisme/notifi-backend
    username: maxisme
    password: ***
    registry: docker.pkg.github.com
    context: /home/runner/work/notifi-backend/notifi-backend

Expected behavior
To upload to my github registry.

Additional context
N/A

Any ideas what I am doing wrong? 🙂

Hi @elgohr and thank you for you amazing work.

I was looking for a mean to specify a custom tag when publishing an image via GitHub Actions.
This would help to keep a given naming convention for an already existing project.

Thanks you,
Cheers, V.

Is your feature request related to a problem? Please describe.
We have the change directory option, what if my Dockerfile is in the parent directory to docker build context content.

Describe the solution you'd like
with the argument as build-content, where we can set the content and default it is .

Implementation example:

name: Publish Docker
on: [push]
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@master
    - name: Publish to Registry
      uses: elgohr/Publish-Docker-Github-Action@master
      with:
        name: myDocker/repository
        tag: 4.0
        username: ${{ secrets.DOCKER_USERNAME }}
        password: ${{ secrets.DOCKER_PASSWORD }}

Hello,

thanks for the project.

According to the docs I expected the plugin to only push existing local Images to the Repository. But I realized it also builds the Image. Maybe it would be good, to offer an option to choose if
a) the image should be build and published
b) an existing local image should be published (and not be build)
Thanks very much!

Here is an example:

invalid argument "docker.pkg.github.com/github/hamel-learn-actions/issue-label-
model:refs/pull/24/merge" for "-t, --tag" flag: invalid reference format

input yaml:

    - name: Publish Container to Registry
      uses: elgohr/Publish-Docker-Github-Action@master
      with: #Publish to GPR
        name: docker.pkg.github.com/github/hamel-learn-actions/issue-label-model
        username: ${{ secrets.DOCKER_USERNAME }}
        password: ${{ secrets.DOCKER_PASSWORD }}
        dockerfile: argo/Dockerfile-gpu
        registry: docker.pkg.github.com
        snapshot: true

Hello,

I've been using your Publish-Docker-Github-Action for a few weeks now. The last couple of days it has been working, but now I am getting an error:

Run elgohr/Publish-Docker-Github-Action@master
  with:
    name: XXX.dkr.ecr.***.amazonaws.com/slackcat
    username: AWS
    password: ***
    registry: https://XXX.dkr.ecr.***.amazonaws.com
    snapshot: true
/usr/bin/docker run --name bb8174c67360eedb43f29b6c973638931abe_a24a6d --label 04bb81 --workdir /github/workspace --rm -e INPUT_NAME -e INPUT_USERNAME -e INPUT_PASSWORD -e INPUT_REGISTRY -e INPUT_SNAPSHOT -e INPUT_DOCKERFILE -e INPUT_WORKDIR -e INPUT_BUILDARGS -e INPUT_CACHE -e HOME -e GITHUB_REF -e GITHUB_SHA -e GITHUB_REPOSITORY -e GITHUB_ACTOR -e GITHUB_WORKFLOW -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GITHUB_EVENT_NAME -e GITHUB_WORKSPACE -e GITHUB_ACTION -e GITHUB_EVENT_PATH -e RUNNER_OS -e RUNNER_TOOL_CACHE -e RUNNER_TEMP -e RUNNER_WORKSPACE -v "/var/run/docker.sock":"/var/run/docker.sock" -v "/home/runner/work/_temp/_github_home":"/github/home" -v "/home/runner/work/_temp/_github_workflow":"/github/workflow" -v "/home/runner/work/slackcat/slackcat":"/github/workspace" 04bb81:74c67360eedb43f29b6c973638931abe

sed: bad option in substitution expression
sh: XXX.dkr.ecr.***.amazonaws.com/slackcat: unknown operand
WARNING! Your password will be stored unencrypted in /github/home/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store

Login Succeeded
invalid argument "https://XXX.dkr.ecr.***.amazonaws.com/XXX.dkr.ecr.***.amazonaws.com/slackcat" for "-t, --tag" flag: invalid reference format
See 'docker build --help'.
##[error]Docker run failed with exit code 125

This is my code:

name: Push Slackcat to ECR

on:
  push:
    branches:
    - master

jobs:
  build:
    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@master
    - name: Build the Docker image
      run: docker build . --file Dockerfile --tag slackcat
    - name: Login to ECR
      id: ecr
      uses: elgohr/ecr-login-action@master
      with:
        access_key: ${{ secrets.AWS_ACCESS_KEY }}
        secret_access_key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
        region: us-east-1
    - name: Publish to ECR
      uses: elgohr/Publish-Docker-Github-Action@master
      with:
        name: XXXXXX.dkr.ecr.us-east-1.amazonaws.com/slackcat
        username: ${{ steps.ecr.outputs.username }}
        password: ${{ steps.ecr.outputs.password }}
        registry: ${{ steps.ecr.outputs.registry }}
        snapshot: true

Not sure if something has changed in the action that require me to make changes to my code?

Also, I opened an issue wrt ecr-login-action as I was getting errors there as well: elgohr/ecr-login-action#4

Thanks!

Hi,

I noticed as per #14 that your cache option has no expiry. I was trying to figure out a way to add automatic cache expiry without needing the cron solution, and I found something that may do the trick.

The docker history command can give you a log of all the docker actions that were taken to create an image. Particularly with the -H=false option, it is possible to get timestamps for when each image/layer was created.

Unfortunately, it lists all the layers from any image your image is based on via the FROM command as well (as makes sense). This means I can't figure out a way to tell what layers we are able to rebuild or not, and hence are at risk of always triggering a full build anyway if we are based on an old image.

I don't know if you will find this information helpful, but just in case you hadn't seen this before I thought I would drop a mention here. Hopefully you can figure out a way to use this for elegant automatic cache expiry.

I think this action should support optionally pulling the previous image before building (as an option).

This can tremendously speed up slow builds, since it doesn't have to build all layers from scratch.
Also, shared layers reduce download time (on frequently updated images), since most of the image is already present when upgrading to "latest".

We currently use this with Travis to do daily builds (and once per week, a full image is rebuild, to keep the base uptodate).

Sample implementation:

 docker pull ${IMAGE_NAME}:${TAG}
 docker build --cache-from ${IMAGE_NAME}:${TAG} -t ${IMAGE_NAME}:${TAG} .

Hi.

I used a template from README.md. And everything works fine until pushing to the registry.
But at the end of the step I see the line: Not logged in to https://index.docker.io/v1/.
And the image is not pushed to the registry. I see the same line here. So it looks like not the problem with my configuration.

But still, here's my step:

      - name: Publish to github registry
        uses: elgohr/Publish-Docker-Github-Action@master
        with:
          name: ${{ github.repository }}/cli
          username: ${{ secrets.DOCKER_USERNAME }}
          password: ${{ secrets.DOCKER_PASSWORD }}
          registry: docker.pkg.github.com

I am using your (excellent) action here: https://github.com/artis3n/docker-ubuntu1804-ansible/blob/master/.github/workflows/deploy.yml

My desired steps:

• Publish to Docker with the tag of the release
  • Your tag_name option picks up the right tag since this workflow is triggered on a release publication
• At the same time, publish to Docker with the latest tag
  • Docker caches my layers so the second invocation of this action runs very quickly, but it would be nice if I didn't have to duplicate it.
• Do the same two steps for GitHub package registry
  • Unrelated except that it would be nice to cut down on the duplication

I suppose what I'm asking for is support for multiple tags in one invocation of this action. Is that something you are interested in supporting? The only related issue I see is #16 which was resolved for their use case by a snapshot tag, which would not apply here.

In case the code in the link above changes, this is the current workflow I am using, where I'd like to have 2 steps (one for Docker, one for GitHub) as opposed to 4:

    - name: Deploy the Docker image to GitHub Package Registry
      uses: elgohr/Publish-Docker-Github-Action@master
      with:
        name: artis3n/docker-ubuntu1804-ansible/docker-ubuntu1804-ansible
        username: ${{ github.actor }}
        password: ${{ secrets.GITHUB_TOKEN }}
        registry: docker.pkg.github.com
        tag_names: true

    - name: Deploy the Docker image to Docker Hub
      uses: elgohr/Publish-Docker-Github-Action@master
      with:
        name: artis3n/docker-ubuntu1804-ansible
        username: ${{ secrets.docker_username }}
        password: ${{ secrets.docker_password }}
        tag_names: true
    
    - name: Deploy the Docker image to GitHub Package Registry (latest tag)
      uses: elgohr/Publish-Docker-Github-Action@master
      with:
        name: artis3n/docker-ubuntu1804-ansible/docker-ubuntu1804-ansible
        username: ${{ github.actor }}
        password: ${{ secrets.GITHUB_TOKEN }}
        registry: docker.pkg.github.com

    - name: Deploy the Docker image to Docker Hub (latest tag)
      uses: elgohr/Publish-Docker-Github-Action@master
      with:
        name: artis3n/docker-ubuntu1804-ansible
        username: ${{ secrets.docker_username }}
        password: ${{ secrets.docker_password }}