Configuring RubyGems for use with GitHub Packages

Prerequisites

• You must have rubygems 2.4.1 or higher. To find your rubygems version:

  $ gem --version

  • You must have bundler 1.6.4 or higher. To find your Bundler version:

    $ bundle --version
    Bundler version 1.13.7

  • Install keycutter to manage multiple credentials. To install keycutter:

    $ gem install keycutter

Authenticating to GitHub Packages

您需要访问令牌才能发布、安装和删除 GitHub Packages 中的包。 您可以使用个人访问令牌直接向 GitHub Packages 或 GitHub API 验证您的用户名。 创建个人访问令牌时，可根据需要为令牌分配不同的作用域。

要使用 GitHub Actions 工作流程验证：

• 对于包注册表 (PACKAGE-REGISTRY.pkg.github.com)，您可以使用 GITHUB_TOKEN。
• 对于容器注册表 (ghcr.io/OWNER/IMAGE-NAME)，必须使用个人访问令牌。

Authenticating with a personal access token

您必须使用具有适当范围的个人访问令牌才可在 GitHub Packages 中发布和安装。 更多信息请参阅“关于 GitHub Packages”。

You can authenticate to GitHub Packages with RubyGems by editing the ~/.gem/credentials file for publishing gems, editing the ~/.gemrc file for installing a single gem, or using Bundler for tracking and installing one or more gems.

To publish new gems, you need to authenticate to GitHub Packages with RubyGems by editing your ~/.gem/credentials file to include your personal access token. Create a new ~/.gem/credentials file if this file doesn't exist.

For example, you would create or edit a ~/.gem/credentials to include the following, replacing TOKEN with your personal access token.

---
:github: Bearer TOKEN

To install gems, you need to authenticate to GitHub Packages by editing the ~/.gemrc file for your project to include https://USERNAME:TOKEN@rubygems.pkg.github.com/OWNER/. You must replace:

• USERNAME with your GitHub username.
• TOKEN with your personal access token.
• OWNER with the name of the user or organization account that owns the repository containing your project.

If you don't have a ~/.gemrc file, create a new ~/.gemrc file using this example.

---
:backtrace: false
:bulk_threshold: 1000
:sources:
- https://rubygems.org/
- https://USERNAME:TOKEN@rubygems.pkg.github.com/OWNER/
:update_sources: true
:verbose: true  

To authenticate with Bundler, configure Bundler to use your personal access token, replacing USERNAME with your GitHub username, TOKEN with your personal access token, and OWNER with the name of the user or organization account that owns the repository containing your project.

$ bundle config https://rubygems.pkg.github.com/OWNER USERNAME:TOKEN

Authenticating with the GITHUB_TOKEN

如果您使用的是 GitHub Actions 工作流程，可以使用 GITHUB_TOKEN 发布和使用 GitHub Packages 中的软件包，而无需存储和管理个人访问令牌。 更多信息请参阅“使用 GITHUB_TOKEN 验证身份”。

Publishing a package

默认情况下，GitHub 将包发布到名称与包相同的现有仓库中。 For example, when you publish octo-gem to the octo-org organization, GitHub Packages publishes the gem to the octo-org/octo-gem repository. For more information on creating your gem, see "Make your own gem" in the RubyGems documentation.

在发布包后，您可以在 GitHub 上查看该包。 更多信息请参阅“查看包”。

1. 向 GitHub Packages 验证。 更多信息请参阅“向 GitHub Packages 验证”。

2. Build the package from the gemspec to create the .gem package.

   gem build OCTO-GEM.gemspec

3. Publish a package to GitHub Packages, replacing OWNER with the name of the user or organization account that owns the repository containing your project and OCTO-GEM with the name of your gem package.

   $ gem push --key github \
   --host https://rubygems.pkg.github.com/OWNER \
   OCTO-GEM-0.0.1.gem

Publishing multiple packages to the same repository

To publish multiple gems to the same repository, you can include the URL to the GitHub repository in the github_repo field in gem.metadata. If you include this field, GitHub matches the repository based on this value, instead of using the gem name.

gem.metadata = { "github_repo" => "ssh://github.com/OWNER/REPOSITORY" }

Installing a package

You can use gems from GitHub Packages much like you use gems from rubygems.org. You need to authenticate to GitHub Packages by adding your GitHub user or organization as a source in the ~/.gemrc file or by using Bundler and editing you Gemfile.

1. 向 GitHub Packages 验证。 更多信息请参阅“向 GitHub Packages 验证”。

2. For Bundler, add your GitHub user or organization as a source in your Gemfile to fetch gems from this new source. For example, you can add a new source block to your Gemfile that uses GitHub Packages only for the packages you specify, replacing GEM NAME with the package you want to install from GitHub Packages and OWNER with the user or organization that owns the repository containing the gem you want to install.

   source "https://rubygems.org"
   
   gem "rails"
   
   source "https://rubygems.pkg.github.com/OWNER" do
     gem "GEM NAME"
   end
   

3. For Bundler versions earlier than 1.7.0, you need to add a new global source. For more information on using Bundler, see the bundler.io documentation.

   source "https://rubygems.pkg.github.com/OWNER"
   source "https://rubygems.org"
   
   gem "rails"
   gem "GEM NAME"
   

4. Install the package:

   $ gem install octo-gem --version "0.1.1"

Further reading

• "Deleting a package"