Hallo, Entdecker! An dieser Seite wird aktiv gearbeitet, oder sie wird noch übersetzt. Die neuesten und genauesten Informationen findest Du in unserer englischsprachigen Dokumentation.

Using GitHub Packages with GitHub Actions

You can configure a workflow in GitHub Actions to automatically publish or install a package from GitHub Packages.

GitHub Packages is available with GitHub Free, GitHub Pro, GitHub Free for organizations, GitHub Team, GitHub Enterprise Cloud, GitHub Enterprise Server 2.22, GitHub One, and GitHub AE.


GitHub Packages ist nicht verfügbar für private Repositorys im Besitz von Konten mit älteren Pro-Repository-Plänen. GitHub Packages ist verfügbar mit GitHub Free, GitHub Pro, GitHub Free für Organisationen, GitHub Team, GitHub Enterprise Cloud, und GitHub One. For more information, see "[GitHub's products](/articles/github-s-products)."

Inhalt dieses Artikels

About GitHub Packages with GitHub Actions

GitHub Actions helfen Dir, Deine Workflows für die Softwareentwicklung am gleichen Ort zu automatisieren, an dem Du Code speicherst und an Pull Requests und Issues mitarbeitest. Du kannst einzelne Aufgaben schreiben, Aktionen genannt, und diese kombinieren um einen benutzerdefinierten Workflow zu erstellen. Mit GitHub Actions kannst Du End-to-End-Funktionen für die fortlaufende Integration (continuous integration CI) und die fortlaufende Bereitstellung (continuous deployment CD) direkt im Repository erstellen. For more information, see "About GitHub Actions."

You can extend the CI and CD capabilities of your repository by publishing or installing packages as part of your workflow.

Authenticating to GitHub Container Registry

Note: GitHub Container Registry is currently in public beta and subject to change. During the beta, storage and bandwidth are free. To use GitHub Container Registry, you must enable the feature preview. For more information, see "About GitHub Container Registry" and "Enabling improved container support."

PATs can grant broad access to your account. You should select only the necessary read:packages, write:packages, or delete:packages scope when creating a PAT to authenticate to the container registry.

To authenticate to GitHub Container Registry within a GitHub Actions workflow, use the GITHUB_TOKEN for the best security and experience.

For guidance on updating your workflows that authenticate to ghcr.io with a personal access token, see "Upgrading a workflow that accesses ghcr.io."

GitHub Container Registry now supports GITHUB_TOKEN for easy and secure authentication in your workflows. If your workflow is using a personal access token (PAT) to authenticate to ghcr.io, then we highly recommend you update your workflow to use GITHUB_TOKEN.

For more information about GITHUB_TOKEN, see "Encrypted secrets" and "Authentication in a workflow."

If you'd like to use the container registry in actions during the beta, follow our security best practices for PAT use at "Security hardening for GitHub Actions."

For an authentication example, see "Authenticating with the container registry."

Authenticating to package registries on GitHub

If you want your workflow to authenticate to GitHub Packages to access a package registry other than the container registry on GitHub, then we recommend using the GITHUB_TOKEN that GitHub automatically creates for your repository when you enable GitHub Actions instead of a personal access token for authentication. The GITHUB_TOKEN has read:packages and write:packages scopes to the current repository. For forks, the token also has the read:packages scope for the parent repository.

You can reference the GITHUB_TOKEN in your workflow file using the {{secrets.GITHUB_TOKEN}} context. For more information, see "Authenticating with the GITHUB_TOKEN."

Publishing a package using an action

You can use GitHub Actions to automatically publish packages as part of your continuous integration (CI) flow. This approach to continuous deployment (CD) allows you to automate the creation of new package versions, if the code meets your quality standards. For example, you could create a workflow that runs CI tests every time a developer pushes code to a particular branch. If the tests pass, the workflow can publish a new package version to GitHub Packages.

Die Konfigurationsschritte variieren je nach Paketclient. Allgemeine Informationen zur Konfiguration eines Workflow für GitHub Actions findest Du auf „Konfigurieren eines Workflow."

The following example demonstrates how you can use GitHub Actions to build and test your app, and then automatically create a Docker image and publish it to GitHub Packages:

  • Create a new workflow file in your repository (such as .github/workflows/deploy-image.yml), and add the following YAML:

    name: Create and publish a package
    on:
      push:
        branches: ['release']
    jobs:
      run-npm-build:
        runs-on: ubuntu-latest
        steps:
          - uses: actions/checkout@v2
          - name: npm install and build webpack
            run: |
              npm install
              npm run build
          - uses: actions/upload-artifact@main
            with:
              name: webpack artifacts
              path: public/
    
      run-npm-test:
        runs-on: ubuntu-latest
        needs: run-npm-build
        strategy:
          matrix:
            os: [ubuntu-latest]
            node-version: [12.x, 14.x]
        steps:
          - uses: actions/checkout@v2
          - name: Use Node.js ${{ matrix.node-version }}
            uses: actions/setup-node@v1
            with:
              node-version: ${{ matrix.node-version }}
          - uses: actions/download-artifact@main
            with:
              name: webpack artifacts
              path: public
          - name: npm install, and test
            run: |
              npm install
              npm test
            env:
              CI: true
    
      build-and-push-image:
        runs-on: ubuntu-latest
        needs: run-npm-test
        steps:
        - name: Checkout
          uses: actions/checkout@v2
        - name: Build container image
          uses: docker/build-push-action@v1
          with:
            username: ${{ github.actor }}
            password: ${{ secrets.GITHUB_TOKEN }}
            registry: docker.pkg.github.com
            repository: ${{ github.repository }}/octo-image
            tag_with_sha: true
            tag_with_ref: true
    

The relevant settings are explained in the following table:

on:
  push:
    branches: ['release']
Configures the Create and publish a package workflow to run every time a change is pushed to the branch called release.
run-npm-build:
  runs-on: ubuntu-latest
  steps:
    - uses: actions/checkout@v2
    - name: npm install and build webpack
      run: |
        npm install
        npm run build
    - uses: actions/upload-artifact@main
      with:
        name: webpack artifacts
        path: public/
This job installs NPM and uses it to build the app.
run-npm-test:
  runs-on: ubuntu-latest
  needs: run-npm-build
  strategy:
    matrix:
      os: [ubuntu-latest]
      node-version: [14.x]
  steps:
    - uses: actions/checkout@v2
    - name: Use Node.js ${{ matrix.node-version }}
      uses: actions/setup-node@v1
      with:
        node-version: ${{ matrix.node-version }}
    - uses: actions/download-artifact@main
      with:
        name: webpack artifacts
        path: public
    - name: npm install, and test
      run: |
        npm install
        npm test
      env:
        CI: true
This job uses npm test to test the code. The needs: run-npm-build command makes this job dependent on the run-npm-build job.
- name: Build container image
Creates a new step called Build container image. This step runs as part of the build-and-push-image job. The needs: run-npm-test command makes this job dependent on the run-npm-test job.
uses: docker/build-push-action@v1
Uses the Docker build-push-action action to build the image, based on your repository's Dockerfile. If the build succeeds, it pushes the image to GitHub Packages.
with:
Sends the required parameters to the build-push-action action. This are defined in the subsequent lines.
username: ${{ github.actor }}
Defines the user account that will publish the packages. Once published, the packages are owned by the account defined here.
password: ${{ secrets.GITHUB_TOKEN }}
Defines the password that is used to access GitHub Packages.
registry: docker.pkg.github.com
Defines the registry that will host the resulting packages. This example uses GitHub Packages.
repository: ${{ github.repository }}/octo-image
Defines which repository will host the resulting package, and sets the name of the published package. Replace octo-image with the name you want for your package.
tag_with_sha: true
Tags the published package with the first seven characters of the commit's SHA. For example, sha-2f2d842.
tag_with_ref: true
Tags the published package with the git ref. This can be the name of the branch used to create the package.
  • This new workflow will run automatically every time you push a change to the repository. You can view the progress in the Actions tab.
  • A few minutes after the workflow has completed, the new package will visible in your repository. To find your available packages, see "Viewing a repository's packages."

Installing a package using an action

You can install packages as part of your CI flow using GitHub Actions. For example, you could configure a workflow so that anytime a developer pushes code to a pull request, the workflow resolves dependencies by downloading and installing packages hosted by GitHub Packages. Then, the workflow can run CI tests that require the dependencies.

Installing packages hosted by GitHub Packages through GitHub Actions requires minimal configuration or additional authentication when you use GITHUB_TOKEN. Data transfer is also free when an action installs a package. For more information, see "About billing for GitHub Packages."

GITHUB_TOKEN cannot install packages from any private repository besides the repository where the action runs. You cannot currently use GITHUB_TOKEN to authenticate to GitHub Container Registry.

Die Konfigurationsschritte variieren je nach Paketclient. Allgemeine Informationen zur Konfiguration eines Workflow für GitHub Actions findest Du auf „Konfigurieren eines Workflow."

Did this doc help you?

Privacy policy

Help us make these docs great!

All GitHub docs are open source. See something that's wrong or unclear? Submit a pull request.

Make a contribution

Oder, learn how to contribute.