Publish Image to Docker Hub with Git Actions Mar 20th 2021 Words: 854

Multiplatform support

Create a docker file as the following, where TARGETPLATFORM is the argument later will be filled with linux/amd64, linux/arm/v7, linux/arm64 etc.

1
2
3
FROM --platform=${TARGETPLATFORM} alpine:latest

ENTRYPOINT [ "echo", "Fxxk this world" ]

To build this image with buildx, use command:

1
2
3
docker buildx build \
--platform linux/arm/v7,linux/arm64/v8,linux/amd64 \
--tag username/example:latest .

See also help about buildx

Get Docker Access Token

Go to Docker security and generate an access token.

In the action secrets, add the docker hub username and the password.

Create Actions

Create ab action that runs automatically when main branch changes.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
name: CI

# Controls when the action will run.
on:
# Triggers the workflow on push or pull request events but only for the main branch
push:
branches: [ main ]
pull_request:
branches: [ main ]

# Allows you to run this workflow manually from the Actions tab
workflow_dispatch:

# A workflow run is made up of one or more jobs that can run sequentially or in parallel
jobs:
# This workflow contains a single job called "build"
build:
# The type of runner that the job will run on
runs-on: ubuntu-latest

# Steps represent a sequence of tasks that will be executed as part of the job
steps:
- name: Checkout
# Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
uses: actions/[email protected]

- name: Docker Setup QEMU
# You may pin to the exact commit or the version.
# uses: docker/[email protected]
uses: docker/[email protected]
id: qemu
with:
# QEMU static binaries Docker image (e.g. tonistiigi/binfmt:latest)
#image: # optional, default is tonistiigi/binfmt:latest
# Platforms to install (e.g. arm64,riscv64,arm)
platforms: linux/386,linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64,linux/ppc64le,linux/s390x # optional, default is all

- name: Available platforms
run: echo ${{ steps.qemu.outputs.platforms }}

- name: Docker Setup Buildx
# You may pin to the exact commit or the version.
# uses: docker/[email protected]
uses: docker/[email protected]
with:
# Buildx version. (eg. v0.3.0)
#version: # optional
# Sets the builder driver to be used
#driver: # optional, default is docker-container
# List of additional driver-specific options. (eg. image=moby/buildkit:master)
#driver-opts: # optional
# Flags for buildkitd daemon
#buildkitd-flags: # optional, default is --allow-insecure-entitlement security.insecure --allow-insecure-entitlement network.host
# Sets up docker build command as an alias to docker buildx
install: true # optional, default is false
# Switch to this builder instance
#use: # optional, default is true
# Optional address for docker socket or context from `docker context ls`
#endpoint: # optional

- name: Docker Login
# You may pin to the exact commit or the version.
# uses: docker/[email protected]
uses: docker/[email protected]
with:
# Server address of Docker registry. If not set then will default to Docker Hub
#registry: # optional
# Username used to log against the Docker registry
username: ${{ secrets.DOCKER_USER }} # optional
# Password or personal access token used to log against the Docker registry
password: ${{ secrets.DOCKER_PASSWORD }} # optional
# Log out from the Docker registry at the end of a job
#logout: # optional, default is true
- name: Build and push Docker images
# You may pin to the exact commit or the version.
# uses: docker/[email protected]
uses: docker/[email protected]
with:
# Builder instance
#builder: # optional
# Build's context is the set of files located in the specified PATH or URL
#context: # optional
# Path to the Dockerfile
#file: # optional
# List of build-time variables
#build-args: # optional
# List of metadata for an image
#labels: # optional
# List of tags
tags: ${{ secrets.DOCKER_USER }}/example:latest # optional
# Always attempt to pull a newer version of the image
#pull: # optional, default is false
# Sets the target stage to build
#target: # optional
# List of extra privileged entitlement (eg. network.host,security.insecure)
#allow: # optional
# Do not use cache when building the image
#no-cache: # optional, default is false
# List of target platforms for build
platforms: ${{ steps.qemu.outputs.platforms }} # optional
# Load is a shorthand for --output=type=docker
#load: # optional, default is false
# Push is a shorthand for --output=type=registry
push: true # optional, default is false
# List of output destinations (format: type=local,dest=path)
#outputs: # optional
# List of external cache sources for buildx (eg. user/app:cache, type=local,src=path/to/dir)
#cache-from: # optional
# List of cache export destinations for buildx (eg. user/app:cache, type=local,dest=path/to/dir)
#cache-to: # optional
# List of secrets to expose to the build (eg. key=string, GIT_AUTH_TOKEN=mytoken)
#secrets: # optional
# List of secret files to expose to the build (eg. key=filename, MY_SECRET=./secret.txt)
#secret-files: # optional
# List of SSH agent socket or keys to expose to the build
#ssh: # optional
# GitHub Token used to authenticate against a repository for Git context
#github-token: # optional, default is ${{ github.token }}

After each commit, the job should be triggered.

Reference

Let’s publish a docker image to Docker Hub using a GitHub Action