About

GitHub Action to login against a Docker registry.

💡 See also:

• setup-buildx action
• setup-qemu action
• build-push action

---

• Usage
  • DockerHub
  • GitHub Packages Docker Registry
  • GitHub Container Registry
  • GitLab
  • Azure Container Registry (ACR)
  • Google Container Registry (GCR)
  • AWS Elastic Container Registry (ECR)
• Customizing
  • inputs
• Keep up-to-date with GitHub Dependabot
• Limitation

Usage

DockerHub

To authenticate against DockerHub it's strongly recommended to create a personal access token as an alternative to your password.

name: ci

on:
  push:
    branches: master

jobs:
  login:
    runs-on: ubuntu-latest
    steps:
      -
        name: Login to DockerHub
        uses: docker/login-action@v1
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}

GitHub Packages Docker Registry

⚠️ GitHub Packages Docker Registry (aka docker.pkg.github.com) is deprecated and will sunset early next year. It's strongly advised to migrate to GitHub Container Registry instead.

You can configure the Docker client to use GitHub Packages to publish and retrieve docker images.

name: ci

on:
  push:
    branches: master

jobs:
  login:
    runs-on: ubuntu-latest
    steps:
      -
        name: Login to GitHub Packages Docker Registry
        uses: docker/login-action@v1
        with:
          registry: docker.pkg.github.com
          username: ${{ github.repository_owner }}
          password: ${{ secrets.GITHUB_TOKEN }}

GitHub Container Registry

To authenticate against the GitHub Container Registry, you will need to create a new personal access token (PAT) with the appropriate scopes.

name: ci

on:
  push:
    branches: master

jobs:
  login:
    runs-on: ubuntu-latest
    steps:
      -
        name: Login to GitHub Container Registry
        uses: docker/login-action@v1
        with:
          registry: ghcr.io
          username: ${{ github.repository_owner }}
          password: ${{ secrets.CR_PAT }}

GitLab

name: ci

on:
  push:
    branches: master

jobs:
  login:
    runs-on: ubuntu-latest
    steps:
      -
        name: Login to GitLab
        uses: docker/login-action@v1
        with:
          registry: registry.gitlab.com
          username: ${{ secrets.GITLAB_USERNAME }}
          password: ${{ secrets.GITLAB_PASSWORD }}

Azure Container Registry (ACR)

Create a service principal with access to your container registry through the Azure CLI and take note of the generated service principal's ID (also called client ID) and password (also called client secret).

name: ci

on:
  push:
    branches: master

jobs:
  login:
    runs-on: ubuntu-latest
    steps:
      -
        name: Login to ACR
        uses: docker/login-action@v1
        with:
          registry: <registry-name>.azurecr.io
          username: ${{ secrets.AZURE_CLIENT_ID }}
          password: ${{ secrets.AZURE_CLIENT_SECRET }}

Replace <registry-name> with the name of your registry.

Google Container Registry (GCR)

Use a service account with the ability to push to GCR and configure access control. Then create and download the JSON key for this service account and save content of .json file as a secret called GCR_JSON_KEY in your GitHub repo. Ensure you set the username to _json_key.

name: ci

on:
  push:
    branches: master

jobs:
  login:
    runs-on: ubuntu-latest
    steps:
      -
        name: Login to GCR
        uses: docker/login-action@v1
        with:
          registry: gcr.io
          username: _json_key
          password: ${{ secrets.GCR_JSON_KEY }}

AWS Elastic Container Registry (ECR)

Use an IAM user with the ability to push to ECR. Then create and download access keys and save AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY as secrets in your GitHub repo.

name: ci

on:
  push:
    branches: master

jobs:
  login:
    runs-on: ubuntu-latest
    steps:
      -
        name: Login to ECR
        uses: docker/login-action@v1
        with:
          registry: <aws-account-number>.dkr.ecr.<region>.amazonaws.com
          username: ${{ secrets.AWS_ACCESS_KEY_ID }}
          password: ${{ secrets.AWS_SECRET_ACCESS_KEY }}

Replace <aws-account-number> and <region> with their respective values.

Customizing

inputs

Following inputs can be used as step.with keys

Name	Type	Default	Description
registry	String		Server address of Docker registry. If not set then will default to Docker Hub
username	String		Username used to log against the Docker registry
password	String		Password or personal access token used to log against the Docker registry
logout	Bool	true	Log out from the Docker registry at the end of a job

Keep up-to-date with GitHub Dependabot

Since Dependabot has native GitHub Actions support, to enable it on your GitHub repo all you need to do is add the .github/dependabot.yml file:

version: 2
updates:
  # Maintain dependencies for GitHub Actions
  - package-ecosystem: "github-actions"
    directory: "/"
    schedule:
      interval: "daily"

Limitation

This action is only available for Linux virtual environments.