我正在尝试将 Docker 映像从 GitHub Actions 工作流程推送到 GitHub 容器注册表 (ghcr.io)。以下是我采取的步骤:
创建具有包读/写/删除权限的 GitHub 个人访问令牌 (PAT)
使用此 PAT 通过
在本地登录export CR_PAT='...'
echo $CR_PAT| docker login ghcr.io -u <MY GITHUB USERNAME> --password-stdin
用正确的标签标记我的 Docker 镜像并推送到 ghcr
docker tag texlive ghcr.io/michaellihs/texlive:latest
docker push ghcr.io/michaellihs/texlive:latest
镜像已成功推送到https://github.com/users/michaellihs/packages/container/texlive
转到包的设置页面
https://github.com/users/michaellihs/packages/container/texlive/settings
并添加了存储库,在其中我将 GitHub Actions 工作流程 (https://github.com/michaellihs/docker-texlive
) 实现为具有管理员角色的 Actions Access
我使用以下 GitHub Actions 工作流程来构建和推送我的图像
name: ci
on:
push:
branches:
- 'main'
using-an-action
jobs:
build-and-push-image:
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v3
- name: Log in to the Container registry
uses: docker/login-action@f054a8b539a109f9f41c372932f1ae047eff08c9
with:
registry: https://ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Build and push Docker image
uses: docker/build-push-action@ad44023a93711e3deb337508980b4b5e9bcdc5dc
with:
context: image/
push: true
tags: ghcr.io/michaellihs/texlive:latest
当我现在运行工作流程时,我收到以下错误:
#10 ERROR: denied: installation not allowed to Write organization package
------
> pushing ghcr.io/michaellihs/texlive:latest with docker:
------
ERROR: denied: installation not allowed to Write organization package
Error: buildx call failed with: ERROR: denied: installation not allowed to Write
organization package
更改存储库设置中的工作流权限的另一种方法是使用作业级别权限设置包的写入权限。这样做的好处是,只有该作业才能以额外的权限运行。
jobs:
...
runs-on: ubuntu-latest
permissions:
packages: write
steps:
...