Hallo, Entdecker! An dieser Seite wird aktiv gearbeitet, oder sie wird noch übersetzt. Die neuesten und genauesten Informationen findest Du in unserer englischsprachigen Dokumentation.

Configuring access control and visibility for container images

Choose who has read, write, or admin access to your container image and the visibility of your container images on GitHub.

GitHub Packages is available with GitHub Free, GitHub Pro, GitHub Free for organizations, GitHub Team, GitHub Enterprise Cloud, GitHub Enterprise Server 2.22, GitHub One, and GitHub AE.


GitHub Packages ist nicht verfügbar für private Repositorys im Besitz von Konten mit älteren Pro-Repository-Plänen. GitHub Packages ist verfügbar mit GitHub Free, GitHub Pro, GitHub Free für Organisationen, GitHub Team, GitHub Enterprise Cloud, und GitHub One. For more information, see "[GitHub's products](/articles/github-s-products)."

Inhalt dieses Artikels

Note: GitHub Container Registry is currently in public beta and subject to change. During the beta, storage and bandwidth are free. To use GitHub Container Registry, you must enable the feature preview. For more information, see "About GitHub Container Registry" and "Enabling improved container support."

Configuring access to container images for your personal account

If you have admin permissions to a user-account owned container image, you can assign read, write, or admin roles to other users. For more information about these permission roles, see "Visibility and access permissions for container images."

  1. On GitHub, navigate to the main page of your user account.
  2. In der oberen rechten Ecke von GitHub klicke auf Dein Profilfoto und dann auf your profile (Dein Profil).
    Profilfoto
  3. On your profile page, in the top right, click Packages.
    Packages option on profile page
  4. On the package settings page, click Invite teams or people and enter the name, username, or email of the person you want to give access. Teams cannot be given access to a container image owned by a user account.
    Container access invite button
  5. Next to the username or team name, use the "Role" drop-down menu to select a desired permission level.
    Container access options

The selected users will automatically be given access and don't need to accept an invitation first.

Configuring access to container images for an organization

If you have admin permissions to an organization-owned container image, you can assign read, write, or admin roles to other users and teams. For more information about these permission roles, see "Visibility and access permissions for container images."

If your package is private or internal and owned by an organization, then you can only give access to other organization members or teams.

For organization image containers, organizations admins must enable packages before you can set the visibility to public. For more information, see "Enabling improved container support."

  1. On GitHub, navigate to the main page of your organization.
  2. Under your organization name, click Packages.
    Container access invite button
  3. On the package settings page, click Invite teams or people and enter the name, username, or email of the person you want to give access. You can also enter a team name from the organization to give all team members access.
    Container access invite button
  4. Next to the username or team name, use the "Role" drop-down menu to select a desired permission level.
    Container access options

The selected users or teams will automatically be given access and don't need to accept an invitation first.

Inheriting access for a container image from a repository

To simplify package management through GitHub Actions workflows, you can enable a container image to inherit the access permissions of a repository by default.

If you inherit the access permissions of the repository where your package's workflows are stored, then you can adjust access to your package through the repository's permissions.

Once a repository is synced, you can't access the package's granular access settings. To customize the package's permissions through the granular package access settings, you must remove the synced repository first.

  1. On GitHub, navigate to the main page of your organization.
  2. Under your organization name, click Packages.
    Container access invite button
  3. Under "Repository source", select Inherit access from repository (recommended).
    Inherit repo access checkbox

Ensuring workflow access to your package

To ensure that a GitHub Actions workflow has access to your package, you must give explicit access to the repository where the workflow is stored.

The specified repository does not need to be the repository where the source code for the package is kept. You can give multiple repositories workflow access to a package.

Note: Syncing your container image with a repository through the Actions access menu option is different than connecting your container to a repository. For more information about linking a repository to your container, see "Connecting a repository to a container image."

  1. On GitHub, navigate to the main page of your organization.
  2. Under your organization name, click Packages.
    Container access invite button
  3. In the left sidebar, click Actions access.
    "Actions access" option in left menu
  4. Click Add repository and search for the repository you want to add.
    "Add repository" button
  5. Using the "role" drop-down menu, select the default access level that you'd like repository members to have to your container image. Outside collaborators will not be included.
    Permission access levels to give to repositories

To further customize access to your container image, see "Configuring access to container images for an organization."

Configuring visibility of container images for your personal account

When you first publish a package, the default visibility is private and only you can see the package. You can modify a private or public container image's access by changing the access settings.

A public package can be accessed anonymously without authentication. Once you make your package public, you cannot make your package private again.

  1. On GitHub, navigate to the main page of your user account.

  2. In der oberen rechten Ecke von GitHub klicke auf Dein Profilfoto und dann auf your profile (Dein Profil).

    Profilfoto

  3. On your profile page, in the top right, click Packages.

    Packages option on profile page

  4. Under "Danger Zone", choose a visibility setting:

    • To make the container image visible to anyone, click Make public.

    Warning: Once you make a package public, you cannot make it private again.

    - To make the container image visible to a custom selection of people, click **Make private**. ![Container visibility options](/assets/images/help/package-registry/container-visibility-option.png)

Container creation visibility for organization members

You can choose the visibility of containers that organization members can publish by default.

  1. In der oberen rechten Ecke von GitHub klicke auf Dein Profilfoto und dann auf your profile (Dein Profil).
    Profilfoto
  2. Klicke auf der linken Seite Deiner Profilseite unter „Organizations" (Organisationen) auf das Symbol für Deine Organisation.
    Organisationssymbole
  3. Klicke unter Deinem Organisationsnamen auf Settings (Einstellungen).
    Schaltfläche „Organization settings" (Organsationseinstellungen)
  4. On the left, click Packages.
  5. Under "Container creation", choose whether you want to enable the creation of public, private, or internal container images.
    • To enable organization members to create public container images, click Public.
    • To enable organization members to create private container images that are only visible to other organization members, click Private. You can further customize the visibility of private container images.
    • For GitHub Enterprise Cloud only: To enable organization members to create internal container images that are only visible to other organization members, click Internal.
      Visibility options for container images published by organization members

Configuring visibility of container images for an organization

When you first publish a package, the default visibility is private and only you can see the package. You can grant users or teams different access roles for your container image through the access settings.

A public package can be accessed anonymously without authentication. Once you make your package public, you cannot make your package private again.

For organization image containers, organizations admins must enable public packages before you can set the visibility to public. For more information, see "Enabling improved container support."

  1. On GitHub, navigate to the main page of your organization.

  2. Under your organization name, click Packages.

    Container access invite button

  3. Under "Danger Zone", choose a visibility setting:

    • To make the container image visible to anyone, click Make public.

    Warning: Once you make a package public, you cannot make it private again.

    - To make the container image visible to a custom selection of people, click **Make private**. ![Container visibility options](/assets/images/help/package-registry/container-visibility-option.png)

Did this doc help you?

Privacy policy

Help us make these docs great!

All GitHub docs are open source. See something that's wrong or unclear? Submit a pull request.

Make a contribution

Oder, learn how to contribute.