从github动作中从ghcr.io中拉码头图像
我正在使用以下工作流程代码(在 github文档)以构建和发布docker映像到github容器注册表。
name: Create and publish a Docker image
on:
push:
branches: ['release']
pull_request:
branches: ['release']
env:
REGISTRY: ghcr.io
IMAGE_NAME: ${{ github.repository }}
jobs:
build-and-push-image:
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
steps:
- name: Checkout repository
uses: actions/checkout@v3
- name: Log in to the Container registry
uses: docker/login-action@f054a8b539a109f9f41c372932f1ae047eff08c9
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Extract metadata (tags, labels) for Docker
id: meta
uses: docker/metadata-action@98669ae865ea3cffbcbaa878cf57c20bbf1c6c38
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
- name: Build and push Docker image
uses: docker/build-push-action@ad44023a93711e3deb337508980b4b5e9bcdc5dc
with:
context: .
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
这起作用了,我现在在GitHub存储库上看到了“软件包”下的公共码头图像。当我单击映像时,我会直接使用有关图像的更多信息(官方文档在这里): “从命令行安装:” Docker拉动GHCR.IO/IMAGE_NAME:PR-75
及其摘要SHA:SHA256:04EA7757E34C4C4FAE527BBE6FB56FB56EB984F545454543F543F23131313131313131313772FLOFTE
S使用SSH映像到虚拟机。
deploy:
- name: Deploy to Digital Ocean droplet via SSH action
uses: appleboy/[email protected]
with:
host: ${{ secrets.DO_HOST }}
username: root
key: ${{ secrets.DO_PRIVATE_SSHKEY }}
port: 22
script: |
docker pull ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
这失败了: err:无效的参考格式:存储库的名称必须是小写(较低量还不够,请继续读),
当然我不能硬code docker pull ghcr.io/ pull ghcr.io/ yimage/image_name:pr- 75或Digest SHA,因为每个新分支都会在其PR号中递增,因此pr-75标签将更改。
如何部署刚刚发布的图像?似乎我可以使用标签值或SHA,如何实时检索这些值?
I'm using the below workflow code (found in the github documentation) to build and publish a docker image to the Github Container Registry.
name: Create and publish a Docker image
on:
push:
branches: ['release']
pull_request:
branches: ['release']
env:
REGISTRY: ghcr.io
IMAGE_NAME: ${{ github.repository }}
jobs:
build-and-push-image:
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
steps:
- name: Checkout repository
uses: actions/checkout@v3
- name: Log in to the Container registry
uses: docker/login-action@f054a8b539a109f9f41c372932f1ae047eff08c9
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Extract metadata (tags, labels) for Docker
id: meta
uses: docker/metadata-action@98669ae865ea3cffbcbaa878cf57c20bbf1c6c38
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
- name: Build and push Docker image
uses: docker/build-push-action@ad44023a93711e3deb337508980b4b5e9bcdc5dc
with:
context: .
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
This works and I now see a public docker image under "Packages" on the github repo. When I click on the image, I am directed to a github page with more information about the image (official docs here):
"Install from the command line:"docker pull ghcr.io/OWNER/IMAGE_NAME:pr-75
And its Digest sha: sha256:04ea7757e34c4fae527bbe6fb56eb984f54543f2313775572f0817d696ecf48a
I want to add a new job to the same workflow, that pulls the image to a virtual machine using ssh.
deploy:
- name: Deploy to Digital Ocean droplet via SSH action
uses: appleboy/[email protected]
with:
host: ${{ secrets.DO_HOST }}
username: root
key: ${{ secrets.DO_PRIVATE_SSHKEY }}
port: 22
script: |
docker pull ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
This fails with:err: invalid reference format: repository name must be lowercase (lowercasing it is not enough, read on)
Of course I cannot hard-code docker pull ghcr.io/OWNER/IMAGE_NAME:pr-75 or the Digest sha, because each new branch will increment in its PR number, so the pr-75 tag will change.
How can I deploy the image that was just published? Seems I can either use the tag value or the sha and how can I retrieve those values in real time?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
上述工作流程中有两个作业:
第一个使用 docker/metadata-action 要检索标签名称
ghcr.io/owner/image_name:pr-75在下一步中使用的在 docker/build-push-action 。我只是在第二个工作中再次使用了Docker/Metadata-Action:
There are two jobs in the above workflow:
The first one uses the docker/metadata-action to retrieve the tag name
ghcr.io/OWNER/IMAGE_NAME:pr-75which is used in the next step to name the image when docker/build-push-action is used.I have simply used the docker/metadata-action again in the second job: