About GitHub Container Registry

You can use GitHub Container Registry to seamlessly host and manage Docker container images in your organization or personal user account on GitHub. GitHub Container Registry allows you to configure who can manage and access packages using fine-grained permissions.

GitHub Packages is available with GitHub Free, GitHub Pro, GitHub Free for organizations, GitHub Team, GitHub Enterprise Cloud, GitHub Enterprise Server 2.22, and GitHub One.


GitHub Packages is not available for private repositories owned by accounts using legacy per-repository plans. Also, accounts using legacy per-repository plans cannot access GitHub Container Registry since these accounts are billed by repository. For more information, see "GitHub's products."

In this article

Note: GitHub Container Registry is currently in public beta and subject to change. During the beta, storage and bandwidth are free. To use GitHub Container Registry, you must enable the feature for your account. For more information, see "Enabling improved container support."

About GitHub Container Registry

With the container registry you can:

  • Store container images within your organization and user account, rather than a repository.
  • Set fine-grained permissions and visibility independent of repository permissions and visibility.
  • Access public container images anonymously.

To share context about your package's use, you can link a repository to your container image on GitHub. For more information, see "Connecting a repository to a container image."

GitHub Container Registry has different hosting locations, permission, and visibility than other package registries.

Package registriesGitHub Container Registry
Hosting locationsYou can host multiple packages in one repository.You can host multiple container images in one organization or user account.
PermissionsEach package inherits the permissions of the repository where the package is hosted.

For example, anyone with read permissions for a repository can install a package as a dependency in a project, and anyone with write permissions can publish a new package version.
For each container image, you can choose the access level that others have. The permissions for container image access are separate from your organization and repository permissions.
VisibilityYou can publish packages in a public repository (public packages) to share with all of GitHub, or in a private repository (private packages) to share with collaborators or an organization.You can set the visibility of each of your container images. A private container image is only visible to people and teams who are given access within your organization. A public container image is visible to anyone.
Anonymous accessN/AYou can access public container images anonymously.

For more information, see "About scopes and permissions for GitHub Container Registry."

Supported formats

The container registry currently supports the following container image formats:

The GitHub Container Registry hosts containers at ghcr.io/OWNER/IMAGE-NAME.

Package clientLanguagePackage formatDescription
Docker CLIN/ADockerfileDocker container support.

Manifest Lists/Image Indexes

GitHub Container Registry also supports Docker Manifest List/OCI Image Index formats which are defined in the Docker V2, Schema 2 and OCI image specifications.

Visibility and access permissions for container images

If you have admin permissions to a container image, you can set the container image to private or public. Public images allow anonymous access and can be pulled without authentication or signing in via the CLI.

As an admin, you can also grant access permissions for a container image that are separate from the permissions you've set at the organization and repository levels.

For container images published and owned by a user account, you can give any person an access role. For container images published and owned by an organization, you can give any person or team in the organization an access role.

Permission roleAccess description
ReadCan download package.
Can read package metadata.
WriteCan upload and download this package.
Can read and write package metadata.
AdminCan upload, download, delete, and manage this package.
Can read and write package metadata.
Can grant package permissions.

For more information, see "Configuring access control and visibility for container images."

About scopes and permissions for GitHub Container Registry

To use or manage a package hosted by a package registry, you must use a token with the appropriate scope, and your user account must have appropriate permissions for that repository.

ScopeDescription
read:packagesDownload and install container images from GitHub Container Registry
write:packagesUpload and publish container images to GitHub Container Registry
delete:packagesDelete specified versions of private or public container images from GitHub Container Registry. For more information, see "Deleting a container image."

To learn about available scopes and permissions for container images, see "Configuring access control and visibility for container images."

For more information, see "Creating a personal access token" and "Available scopes."

About billing for GitHub Container Registry

During the GitHub Container Registry beta, both the new container registry and existing GitHub Packages Docker registry will be free. For more information about the GitHub Packages Docker registry, see "Configuring Docker for use with GitHub Packages."

After the beta, the same billing and storage rates that other GitHub Packages registries use will apply to the container registry. For more information, see "About billing for GitHub Packages."

Contacting support

If you have feedback or feature requests for GitHub Container Registry, use the feedback form.

Contact GitHub Support about GitHub Container Registry using our contact form if:

  • You experience anything that contradicts the documentation.
  • You encounter vague or unclear errors.
  • Your published package contains sensitive data, such as GDPR violations, API Keys, or personally-identifying information.

Did this doc help you?

Privacy policy

Help us make these docs great!

All GitHub docs are open source. See something that's wrong or unclear? Submit a pull request.

Make a contribution

Or, learn how to contribute.