DEV Community

Cover image for GitHub Container Registry: BETTER than Docker Hub?
Davide 'CoderDave' Benvegnù for GitHub

Posted on

GitHub Container Registry: BETTER than Docker Hub?

GitHub Container Registry improves how we handle containers within GitHub. Let's see what it is, how it works, and if it is better than Docker Hub.

Video

As usual, if you are a visual learner, or simply prefer to watch and listen instead of reading, here you have the video with the whole explanation and demo, which to be fair is much more complete than this post.

Link to the video: https://youtu.be/WjzA9dfk5w4

If you rather prefer reading, well... let's just continue :)

GitHub Container Registry?

The GitHub Container Registry (GHCR) is a redesigned, enhanced version of GitHub Packages. It not only replaces the Packages Docker service, but also it represents a fundamental shift in how GitHub will provide packages to its customers, because Packages are now tied to organizations and accounts instead of repos.

And in the case of the Container Registry, it also has its own URL: ghcr.io.

GHCR also represents a step toward a Cloud Native approach to CI/CD workflows. This service is in fact built from the latest docker distribution and offers OCI compatible storage.

How To Push an Image?

Pushing a container image to the GitHub Container Registry is super easy and straight forward.

You just authenticate using your GitHub Username and a PAT with the write packages scope (watch this video to see how to create a PAT in GitHub), for example with Docker Login, and push the container as you would normally do.

You just have to tag the image with the format ghcr.io/OWNER/IMAGE_NAME:version, where OWNER is the name of your user or the organization.

And if you are doing it in GitHub Actions it's even easier.



- name: Log into GitHub Container Registry
  run: echo "${{ secrets.GITHUB_TOKEN }}" | docker login https://ghcr.io -u ${{ github.actor }} --password-stdin

- name: Push image to GitHub Container Registry
  run: |
    IMAGE_ID=ghcr.io/${{ github.repository_owner }}/MyBeautifulContainer:123        
    docker push $IMAGE_ID


Enter fullscreen mode Exit fullscreen mode

You can in fact use the GITHUB_TOKEN environment variable instead of your PAT, github.actor to automatically retrieve the current user running the workflow, and github.repository_owner to automatically get the user or organization this container belongs to.

Better than Docker Hub?

Is it better than Docker Hub? You tell me.

You can link GHCR to a repo, so you can get the Readme directly as description for that image.

And you also have granular control of the permissions. You can restrict the usage of the container image only to some of your repos or your organization's repos, and you can also manage the permissions for individual users or teams.

Finally, you can change the visibility of the container image between private and public.

So yes, for me it is better than Docker Hub. Adn the fact that it is already directly into GitHub makes it even easier to use.

Final Considerations

Note that the Container registry is currently in public beta and may be subject to changes. It is free for public images, while for private images Container Registry is free during the beta, and as part of GitHub Packages will follow the same pricing model when generally available.

Also, remember that to use the Container registry, you must enable the feature preview. Just go to your profile settings and access the Feature Preview submenu.

Conclusions

What do you think of the GitHub Container Registry? Are you using it?
Let me know in the comment section below.

Like, share and follow me 🚀 for more content:

📽 YouTube
Buy me a coffee
💖 Patreon
🌐 CoderDave.io Website
👕 Merch
👦🏻 Facebook page
🐱‍💻 GitHub
👲🏻 Twitter
👴🏻 LinkedIn
🔉 Podcast

Buy Me A Coffee

1

Top comments (11)

Collapse
 
llbbl profile image
Logan Lindquist

Having it in Gitlab has been nice. Will be great when Github has feature parity on this.

Collapse
 
n3wt0n profile image
Davide 'CoderDave' Benvegnù

Not sure what you mean since this is in GitHub 😅

Collapse
 
llbbl profile image
Logan Lindquist

Gitlab has had it for a while, several years, and I am just saying it is nice that Github is catching up.

Thread Thread
 
n3wt0n profile image
Davide 'CoderDave' Benvegnù

Ah ok, got it. Well, GitHub had it already but was, as GitHub Pacjages, limited to a single repo (even tho it could be used more widely thanks to some workaround)

Collapse
 
jonasbn profile image
Jonas Brømsø

I have been pondering on how to use GHCR instead of DockerHub for GitHub actions, but have not had the time to investigate on how to do the switch. A switch I think will be fairly trivial - any pointers/suggestions most welcome.

Collapse
 
factoidforrest profile image
Forrest

Can anyone tell me if these images load faster in github actions?

Collapse
 
n3wt0n profile image
Davide 'CoderDave' Benvegnù

it should be slightly faster because they are hosted on the same infrastructure

Collapse
 
tomasbalaz profile image
Tomas Balaz

hi guys
do you know how to allow visibility of organisation images for anonymous user? images can be pulled anonymously but link to image in GHCR returns 404 if user is not logged in

Collapse
 
irveloper profile image
Irving Caamal • Edited

I've created a basic example of node/express app deployed into Azure using GitHub container registry here github.com/irvv17/deployment-nodea... . Great Tool.

Collapse
 
drsensor profile image
૮༼⚆︿⚆༽つ • Edited

If the project itself is publicly open, it's better to host the image container on IPFS too 😉
github.com/ipdr/ipdr

Collapse
 
n3wt0n profile image
Davide 'CoderDave' Benvegnù

Well, images hosted on GHCR can be publicly availbale to anyone :)

But I didn't know IPFS, let me take a look at it