GitHub Container Registry: BETTER than Docker Hub?

GitHub Container Registry improves how we handle containers within GitHub. Let's see what it is, how it works, and if it is better than Docker Hub.

Video

As usual, if you are a visual learner, or simply prefer to watch and listen instead of reading, here you have the video with the whole explanation and demo, which to be fair is much more complete than this post.

Link to the video: https://youtu.be/WjzA9dfk5w4

If you rather prefer reading, well... let's just continue :)

GitHub Container Registry?

The GitHub Container Registry (GHCR) is a redesigned, enhanced version of GitHub Packages. It not only replaces the Packages Docker service, but also it represents a fundamental shift in how GitHub will provide packages to its customers, because Packages are now tied to organizations and accounts instead of repos.

And in the case of the Container Registry, it also has its own URL: ghcr.io.

GHCR also represents a step toward a Cloud Native approach to CI/CD workflows. This service is in fact built from the latest docker distribution and offers OCI compatible storage.

How To Push an Image?

Pushing a container image to the GitHub Container Registry is super easy and straight forward.

You just authenticate using your GitHub Username and a PAT with the write packages scope (watch this video to see how to create a PAT in GitHub), for example with Docker Login, and push the container as you would normally do.

You just have to tag the image with the format ghcr.io/OWNER/IMAGE_NAME:version, where OWNER is the name of your user or the organization.

And if you are doing it in GitHub Actions it's even easier.

- name: Log into GitHub Container Registry
  run: echo "${{ secrets.GITHUB_TOKEN }}" | docker login https://ghcr.io -u ${{ github.actor }} --password-stdin

- name: Push image to GitHub Container Registry
  run: |
    IMAGE_ID=ghcr.io/${{ github.repository_owner }}/MyBeautifulContainer:123        
    docker push $IMAGE_ID

You can in fact use the GITHUB_TOKEN environment variable instead of your PAT, github.actor to automatically retrieve the current user running the workflow, and github.repository_owner to automatically get the user or organization this container belongs to.

Better than Docker Hub?

Is it better than Docker Hub? You tell me.

You can link GHCR to a repo, so you can get the Readme directly as description for that image.

And you also have granular control of the permissions. You can restrict the usage of the container image only to some of your repos or your organization's repos, and you can also manage the permissions for individual users or teams.

Finally, you can change the visibility of the container image between private and public.

So yes, for me it is better than Docker Hub. Adn the fact that it is already directly into GitHub makes it even easier to use.

Final Considerations

Note that the Container registry is currently in public beta and may be subject to changes. It is free for public images, while for private images Container Registry is free during the beta, and as part of GitHub Packages will follow the same pricing model when generally available.

Also, remember that to use the Container registry, you must enable the feature preview. Just go to your profile settings and access the Feature Preview submenu.

Conclusions

What do you think of the GitHub Container Registry? Are you using it?
Let me know in the comment section below.

Like, share and follow me 🚀 for more content:

📽 YouTube
☕ Buy me a coffee
💖 Patreon
🌐 CoderDave.io Website
👕 Merch
👦🏻 Facebook page
🐱‍💻 GitHub
👲🏻 Twitter
👴🏻 LinkedIn
🔉 Podcast

1