ci(docker): auto-detect Docker Hub credentials for dual-registry publish#220
Open
parth0025 wants to merge 1 commit into
Open
ci(docker): auto-detect Docker Hub credentials for dual-registry publish#220parth0025 wants to merge 1 commit into
parth0025 wants to merge 1 commit into
Conversation
Adds optional Docker Hub publishing alongside GHCR. The workflow
detects DOCKERHUB_USERNAME at runtime and conditionally logs in to
docker.io and adds the docker.io image to the metadata image list.
Designed to merge BEFORE the official Docker Hub account exists:
- If the secrets are absent, the workflow runs exactly as today
(GHCR only) β the Docker Hub login + image line are skipped.
- Once DOCKERHUB_USERNAME and DOCKERHUB_TOKEN secrets are added,
the next run auto-detects them and publishes to both registries.
Namespace is account-name-agnostic:
- Defaults to `alianhub` β docker.io/alianhub/alianhub
- Override with the repo VARIABLE DOCKERHUB_NAMESPACE if the
official account/org lands on a different name, or when a
personal login pushes into a brand org (e.g. login=rasheshmak,
namespace=alianhub). No code change needed for either case.
Implementation:
- "Detect Docker Hub credentials" step emits enabled + namespace
outputs
- Conditional `if:` on the Docker Hub login step
- format() expression in the metadata images list, resolving to
an empty line when disabled (silently dropped by the action)
GHCR publishing is unchanged and remains the always-on default.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
|
Important Review skippedAuto reviews are disabled on base/target branches other than the default branch. Please check the settings in the CodeRabbit UI or the βοΈ Run configurationConfiguration used: defaults Review profile: CHILL Plan: Pro Plus Run ID: You can disable this status message by setting the Use the checkbox below for a quick retry:
β¨ Finishing Touchesπ§ͺ Generate unit tests (beta)
Comment |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Adds optional Docker Hub publishing alongside the existing GHCR publishing. The workflow auto-detects whether Docker Hub credentials are configured and adapts at runtime β so this PR can merge now, before the official Docker Hub account exists, and start working the moment the secrets are added later.
Why merge before the account is ready
The team will set up an official Docker Hub account later. Rather than leave commented-out code that needs editing in three places when that happens, this workflow:
DOCKERHUB_USERNAMEon each run and, when present, publishes to Docker Hub tooHow it behaves
Namespace is account-name-agnostic
The image namespace defaults to
alianhub(docker.io/alianhub/alianhub) but is overridable without editing the workflow, via the repo variableDOCKERHUB_NAMESPACE:alianhubDOCKERHUB_USERNAME=alianhub+ token. Namespace defaults toalianhubβaliansoftware)DOCKERHUB_USERNAME=aliansoftware+ token + set variableDOCKERHUB_NAMESPACE=aliansoftwareDOCKERHUB_USERNAME=<personal-login>+ token +DOCKERHUB_NAMESPACE=alianhubThis covers every account shape without a future code edit.
Files changed (1)
.github/workflows/docker.ymlenabled+namespaceoutputs); conditional Docker Hub login step;format()expression in metadataimages:list; updated header docsDiff:
+54 / -16.What you (the team) do when the official account is ready
alianhub) add the variable:workflow_dispatchon the Docker workflow (or wait for the next release) β image publishes to Docker HubTest plan
workflow_dispatchβ workflow logs "will publish to docker.io//alianhub", both registries get the imagelatest, version tags,edge,main-<sha>as before)Compatibility
β GHCR publishing path is unchanged β still the always-on default
β No new required secrets β Docker Hub is purely additive and optional
β No conflict with other files β touches only
.github/workflows/docker.ymlπ€ Generated with Claude Code