Publish a Docker Image to Private Docker Hub Repo Using GitHub Actions

Overview #

In this article, I’ll cover how to publish a Docker image to a private Docker Hub repo when a new release is created using GitHub Actions.

GitHub Actions provide continuous integration capabilities in the form of workflows.

Workflows are defined in YAML files in the .github/workflows directory of a GitHub repository.

There are lots of built-in actions and third-party actions to choose from.

Create a Docker Hub Access Token #

Since we’ll be pushing our image to a private Docker Hub repository, we’ll need to generate an access token in Docker Hub so Github can authenticate successfully.

Login to Docker Hub and go to https://hub.docker.com/settings/security

Click the New Access Token button which launches the modal shown below.

• For Access Token Description, enter a descriptive name like “Github Actions Token".
• For Access Permissions, select the Read & Write dropdown.
• Click the Generate button
• Copy the token to the clipboard

Create GitHub Secrets #

In the Github repository, go to Settings > Secrets and create the following secrets:

Name: DOCKER_HUB_USERNAME
Value: <username>

Name: DOCKER_HUB_ACCESS_TOKEN
Value: <access token>

GitHub Actions Workflow #

Now we are ready to create our workflow config file named .github/workflows/docker.yml.

The following workflow config builds an image based on a Dockerfile and publishes it to Docker Hub.

.github/workflows/docker.yml

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24

name: Publish Docker Image

on:
  push:
    tags:
      - '*'

jobs:
  docker:
    runs-on: ubuntu-latest
    steps:
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3
      - name: Login to DockerHub
        uses: docker/login-action@v3
        with:
          username: ${{ secrets.DOCKER_HUB_USERNAME }}
          password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}
      - name: Build and push
        id: docker_build
        uses: docker/build-push-action@v5
        with:
          push: true
          tags: user/app:${{ github.ref_name }}

• Line 1: This is the name of the workflow and can be anything you want.

• Lines 3-6: This section tells the workflow to fire whenever a tag is created.

• Lines 12-13: This step is setting up our builder, this is the tool we are going to use to build our Docker image.

• Lines 14-18: This step logs into Docker Hub with the secrets we created earlier.

• Lines 19-24: This step builds the image with name user/app with the tag and pushes it to Docker Hub.

Create a release #

Following the steps here to create a release: Creating a Release

Check the action #

Let’s check the Actions tab to verify that the job steps completed successfully.

Check Docker Hub #

In the Docker Hub repository, you should see the new image that was pushed.