Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Figure out how to publish a container image to the GitHub Container Registry #109

Open
zmoog opened this issue Feb 16, 2025 · 5 comments
Open

Figure out how to publish a container image to the GitHub Container Registry #109

zmoog opened this issue Feb 16, 2025 · 5 comments
Assignees
@zmoog
Labels
research

Comments

@zmoog
Copy link
Owner

zmoog commented Feb 16, 2025
edited
Loading

I want to store container images for https://github.com/zmoog/otel-collector-contrib on GitHub Packages, but I don't know how they work very well.
@zmoog zmoog self-assigned this Feb 16, 2025
@zmoog zmoog added the research label Feb 16, 2025
@zmoog
Copy link
Owner Author

zmoog commented Feb 16, 2025

https://docs.github.com/en/packages/learn-github-packages/introduction-to-github-packages

@zmoog
Copy link
Owner Author

zmoog commented Feb 16, 2025

From https://docs.github.com/en/packages/learn-github-packages/introduction-to-github-packages#authenticating-to-github-packages

GitHub Packages is a software package hosting service that allows you to host your software packages privately or publicly and use packages as dependencies in your projects.

GitHub Packages offers different package registries for commonly used package managers, such as npm, RubyGems, Apache Maven, Gradle, Docker, and NuGet. GitHub's Container registry is optimized for containers and supports Docker and OCI images. For more information on the different package registries that GitHub Packages supports, see Working with a GitHub Packages registry.

For more information about configuring your package client for use with GitHub Packages, see Working with a GitHub Packages registry.

For more information about Docker and the Container registry, see Working with the Container registry.

Authenticating to GitHub Packages

As of [[2025-02-16]]

GitHub Packages ==only supports authentication using a personal access token (classic)==. For more information, see Managing your personal access tokens.

For more information about packages-related scopes for a personal access token (classic), see About permissions for GitHub Packages.

To authenticate to a GitHub Packages registry within a GitHub Actions workflow, you can use:

  • GITHUB_TOKEN to publish packages associated with the workflow repository.
  • A personal access token (classic) with at least read:packages scope to install packages associated with other private repositories (GITHUB_TOKEN can be used if the repository is granted read access to the package. See Configuring a package's access control and visibility).

For more information about GITHUB_TOKEN used in GitHub Actions workflows, see Automatic token authentication.

@zmoog
Copy link
Owner Author

zmoog commented Feb 16, 2025

I created a classic GitHub personal access token (PAT) with the following scopes:

Image

Note: GitHub enables the repo: * scopes as you select the write:packages scope.

@zmoog
Copy link
Owner Author

zmoog commented Feb 16, 2025

After reading https://ko.build/get-started/ and https://medium.com/@vladimirvivien/build-and-publish-lightweight-go-container-images-with-ko-2896a4f8543b, I tried to build and publish a container version of https://github.com/zmoog/otel-collector-contrib/

# walk into the collector folder
cd collector/otelcol-dev

# set the GH token with the packages scopes
export GITHUB_TOKEN="<your GH token here>"

# start the build & publish with ko
$ KO_DOCKER_REPO=ghcr.io/zmoog/otel-collector-contrib ko build .

2025/02/16 10:33:15 Using base cgr.dev/chainguard/static:latest@sha256:853bfd4495abb4b65ede8fc9332513ca2626235589c2cef59b4fce5082d0836d for go.opentelemetry.io/collector/cmd/builder

2025/02/16 10:33:16 Building go.opentelemetry.io/collector/cmd/builder for linux/amd64
2025/02/16 10:33:21 Publishing ghcr.io/zmoog/otel-collector-contrib/builder-cbaad5a998cacbc17b0a97ad264712ce:latest
2025/02/16 10:33:22 pushed blob: sha256:d0569ed735f3ba2294ac2ded1081a9b4674aeeee8eed8dc4870b82078252e8ea
2025/02/16 10:33:22 pushed blob: sha256:250c06f7c38e52dc77e5c7586c3e40280dc7ff9bb9007c396e06d96736cf8542
2025/02/16 10:33:22 pushed blob: sha256:058458a75b08480c57712dc920ac06ae492af65a7499cfbc93d67edc05741fb3
2025/02/16 10:33:22 pushed blob: sha256:56938fe5167036e200dcc379b81a11d88ea26312c416d85e4a5f435ab7a3f018
2025/02/16 10:33:23 ghcr.io/zmoog/otel-collector-contrib/builder-cbaad5a998cacbc17b0a97ad264712ce:sha256-47a125076528942ab1828adfd2428e4d95bf5b9ea82b2e7e6a20e4adccfdf3d5.sbom: digest: sha256:9e98491b007eed92ae680bbddbd19bbcdb15ee9661eaa3efb0ee974027423aca size: 375
2025/02/16 10:33:23 Published SBOM ghcr.io/zmoog/otel-collector-contrib/builder-cbaad5a998cacbc17b0a97ad264712ce:sha256-47a125076528942ab1828adfd2428e4d95bf5b9ea82b2e7e6a20e4adccfdf3d5.sbom
2025/02/16 10:33:23 pushed blob: sha256:9829e4b4d6e1aabff5a35581e1f325922c7ac8b963db89280960ffe2bbf91d03
2025/02/16 10:33:24 pushed blob: sha256:6044bc9166c45912a92f8b548fb436e262be7db5c2109dbc5d049a2367ed512f
2025/02/16 10:33:24 ghcr.io/zmoog/otel-collector-contrib/builder-cbaad5a998cacbc17b0a97ad264712ce:latest: digest: sha256:47a125076528942ab1828adfd2428e4d95bf5b9ea82b2e7e6a20e4adccfdf3d5 size: 1337
2025/02/16 10:33:24 Published ghcr.io/zmoog/otel-collector-contrib/builder-cbaad5a998cacbc17b0a97ad264712ce@sha256:47a125076528942ab1828adfd2428e4d95bf5b9ea82b2e7e6a20e4adccfdf3d5
ghcr.io/zmoog/otel-collector-contrib/builder-cbaad5a998cacbc17b0a97ad264712ce@sha256:47a125076528942ab1828adfd2428e4d95bf5b9ea82b2e7e6a20e4adccfdf3d5

And here we are with an image published to the GHCR!

Image

@zmoog zmoog changed the title Figure out how GitHub Packages work Figure out how to publish a container image to the GitHub Container Registry Feb 16, 2025
@zmoog
Copy link
Owner Author

zmoog commented Feb 16, 2025

With ko, you can also build it multi platform:

$ KO_DOCKER_REPO=ghcr.io/zmoog/otel-collector-contrib ko build . --platform=linux/amd64,linux/arm64

2025/02/16 10:50:37 Using base cgr.dev/chainguard/static:latest@sha256:853bfd4495abb4b65ede8fc9332513ca2626235589c2cef59b4fce5082d0836d for go.opentelemetry.io/collector/cmd/builder

2025/02/16 10:50:38 Building go.opentelemetry.io/collector/cmd/builder for linux/arm64
2025/02/16 10:50:38 Building go.opentelemetry.io/collector/cmd/builder for linux/amd64

2025/02/16 10:50:43 Publishing ghcr.io/zmoog/otel-collector-contrib/builder-cbaad5a998cacbc17b0a97ad264712ce:latest
2025/02/16 10:50:44 existing manifest: sha256-47a125076528942ab1828adfd2428e4d95bf5b9ea82b2e7e6a20e4adccfdf3d5.sbom@sha256:9e98491b007eed92ae680bbddbd19bbcdb15ee9661eaa3efb0ee974027423aca
2025/02/16 10:50:44 Published SBOM ghcr.io/zmoog/otel-collector-contrib/builder-cbaad5a998cacbc17b0a97ad264712ce:sha256-47a125076528942ab1828adfd2428e4d95bf5b9ea82b2e7e6a20e4adccfdf3d5.sbom
2025/02/16 10:50:44 existing blob: sha256:250c06f7c38e52dc77e5c7586c3e40280dc7ff9bb9007c396e06d96736cf8542
2025/02/16 10:50:45 pushed blob: sha256:12b4dbe8524efaef288dc62393a7335367c78c613f94c70779d0df29330852df
2025/02/16 10:50:45 pushed blob: sha256:e6eb8a1a204fed35a7df4e9183bddbeb488d8e3e6210ced49536479ccb9005a5
2025/02/16 10:50:45 pushed blob: sha256:7390a37cb0d0b8669de9ad19cfe9cf24c51215ce5a581d0f1ee9a7c1dd3175d7
2025/02/16 10:50:45 ghcr.io/zmoog/otel-collector-contrib/builder-cbaad5a998cacbc17b0a97ad264712ce:sha256-5aad4e9920b2a51476f15f90053297932929dcef526d451280ef87817e6ae2c0.sbom: digest: sha256:c341ebc43685edb8b2dd41a9bfe557ef7217d180939986215584b1a02df3cf1d size: 373
2025/02/16 10:50:45 Published SBOM ghcr.io/zmoog/otel-collector-contrib/builder-cbaad5a998cacbc17b0a97ad264712ce:sha256-5aad4e9920b2a51476f15f90053297932929dcef526d451280ef87817e6ae2c0.sbom
2025/02/16 10:50:45 pushed blob: sha256:00a8de52c0552d791150264af55f62a71f6244c09182b011081281bff0de5b6b
2025/02/16 10:50:45 pushed blob: sha256:0dbdd736e403a7fde52afdc4859e36fea6ed2e4f6c8febdb7bbc923723b8e7d7
2025/02/16 10:50:45 ghcr.io/zmoog/otel-collector-contrib/builder-cbaad5a998cacbc17b0a97ad264712ce:sha256-9861b5ae9243382af19a35d4496c7de3ecfb85444520650597f35ff67b6ccf6d.sbom: digest: sha256:e7ab3b58587d88f0a83515dce327a388dc4bc92fa74c6e531904713b7a9fbe94 size: 375
2025/02/16 10:50:45 Published SBOM ghcr.io/zmoog/otel-collector-contrib/builder-cbaad5a998cacbc17b0a97ad264712ce:sha256-9861b5ae9243382af19a35d4496c7de3ecfb85444520650597f35ff67b6ccf6d.sbom
2025/02/16 10:50:46 pushed blob: sha256:4fb9e152ec77fe3f50612f710dcf0bcac7989e65570eb72ef8e9ce8928e43eb9
2025/02/16 10:50:46 pushed blob: sha256:2e1d3613c74d655171aa59e8947d1ed95ba24c13ce32bba8a1acf6e5d356e34c
2025/02/16 10:50:47 ghcr.io/zmoog/otel-collector-contrib/builder-cbaad5a998cacbc17b0a97ad264712ce@sha256:9861b5ae9243382af19a35d4496c7de3ecfb85444520650597f35ff67b6ccf6d: digest: sha256:9861b5ae9243382af19a35d4496c7de3ecfb85444520650597f35ff67b6ccf6d size: 1337
2025/02/16 10:50:47 ghcr.io/zmoog/otel-collector-contrib/builder-cbaad5a998cacbc17b0a97ad264712ce:latest: digest: sha256:5aad4e9920b2a51476f15f90053297932929dcef526d451280ef87817e6ae2c0 size: 694
2025/02/16 10:50:47 Published ghcr.io/zmoog/otel-collector-contrib/builder-cbaad5a998cacbc17b0a97ad264712ce@sha256:5aad4e9920b2a51476f15f90053297932929dcef526d451280ef87817e6ae2c0
ghcr.io/zmoog/otel-collector-contrib/builder-cbaad5a998cacbc17b0a97ad264712ce@sha256:5aad4e9920b2a51476f15f90053297932929dcef526d451280ef87817e6ae2c0

It seems that ko leverages te Golang toolchain by running two build with different GOOS and GOARCH environment variables.

The result is great.

Image

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@zmoog zmoog

Labels
research
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@zmoog