I am trying to write a GitHub actions script to automatically build a docker image, and then push it into the GitHub Container Registry when new code is checked in to the main branch. This is the code that I'm using to try to log into the container registry:
name: Build and publish Docker image.
on: [push]
jobs:
publish-docker-image:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Login to GitHub Container Registry
uses: docker/login-action@v1
with:
registry: ghcr.io
username: ${{github.actor}}
password: ${{secrets.CONTAINER_REG_ACCESS}}
For more context, the CONTAINER_REG_ACCESS secret is a personal access token, though it was created by a different member of my organization.
This error shows up in GitHub after it runs its automated tests on my pull request.
Run docker/login-action@v1
Logging into ghcr.io...
Error: Error response from daemon: Get "https://ghcr.io/v2/": denied: denied
What is the best practice from logging into the GitHub container registry using a GitHub actions script? Is there a way to log in using an organizations credentials instead of my personal GitHub ID?
There have been updates since you posted your question. So your original github action snippet should work as long as the token permissions are correct.
Both below methods now work well:
1. Use the latest docker/login-action@v3
Source here: https://github.com/docker/login-action#github-container-registry
2. Alternatively, use the terminal docker login command
See another answer here: https://stackoverflow.com/a/58229226/17546520