Skip to content

GitHub Action to log into a container image registry. For use with podman, buildah, and skopeo.

License

Notifications You must be signed in to change notification settings

redhat-actions/podman-login

Use this GitHub action with your project
Add this Action to an existing workflow or create a new one
View on Marketplace

Repository files navigation

podman-login

CI checks Test Login and Pull Link checker

tag badge license badge size badge

Podman Login is a GitHub Action to log in to a container image registry.

After logging in, you can work with the registry as an authenticated user, performing actions such as pushing an image, or pulling a private image. On GitHub runners, the authentication will be deleted at the end of each job as the workspace is cleaned up.

Also see push-to-registry and buildah-build for related actions that can make use of this authentication.

This action only runs on Linux, as it uses podman to perform the log in. GitHub's Ubuntu action runners come with Podman preinstalled. If you are not using those runners, you must first install Podman.

Action Inputs

Input Name Description Default
registry Hostname/domain of the container image registry such as quay.io, docker.io. Must be provided
username Username to log in against the container image registry. Must be provided
password Password, encrypted password, or access token for username. Must be provided
logout By default, the action logs out of the container image registry at the end of the job (for self-hosted runners). Set this to false to disable this behaviour. true
auth_file_path Path of the authentication file, this will override the default auth file path in podman Default set in podman

Examples

The example below shows how the podman-login action can be used to log in to quay.io container image registry.

name: Log in to Quay.io
on:
  push:

env:
  REGISTRY_USER: quayuser
  IMAGE_REGISTRY: quay.io
  REGISTRY_PASSWORD: ${{ secrets.REGISTRY_PASSWORD }}

jobs:
  login:
    name: Log in to image registry
    runs-on: ubuntu-20.04
    steps:

      - name: Log in to Quay.io
        uses: redhat-actions/podman-login@v1
        with:
          username: ${{ env.REGISTRY_USER }}
          password: ${{ env.REGISTRY_PASSWORD }}
          registry: ${{ env.IMAGE_REGISTRY }}

  # Now you can push images, and pull private ones, from quay.io as 'quayuser'.

Logging into GitHub's container registry is just as easy:

name: Log in to ghcr.io
on:
  push:

env:
  REGISTRY_USER: ${{ github.actor }}
  REGISTRY_PASSWORD: ${{ github.token }}
  IMAGE_REGISTRY: ghcr.io/${{ github.repository_owner }}

jobs:
  login:
    name: Log in to GitHub Container Registry
    runs-on: ubuntu-20.04
    steps:
      - name: Log in to ghcr.io
        uses: redhat-actions/podman-login@v1
        with:
          username: ${{ env.REGISTRY_USER }}
          password: ${{ env.REGISTRY_PASSWORD }}
          registry: ${{ env.IMAGE_REGISTRY }}

  # Now you can push images, and pull private ones, from ghcr.io.

It is also possible to login to AWS ECR repositories:

name: Log in to ECR
on:
  push:

env:
  REGISTRY_USER: ${{ secrets.AWS_ACCESS_KEY_ID }}
  REGISTRY_PASSWORD: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
  IMAGE_REGISTRY: 123456789012.dkr.ecr.eu-west-1.amazonaws.com

jobs:
  login:
    name: Log in to AWS ECR Registry
    runs-on: ubuntu-20.04
    steps:
      - name: Log in to AWS ECR
        uses: redhat-actions/podman-login@v1
        with:
          username: ${{ env.REGISTRY_USER }}
          password: ${{ env.REGISTRY_PASSWORD }}
          registry: ${{ env.IMAGE_REGISTRY }}

  # Now you can push images, and pull private ones, from ECR.

Refer to the GitHub documentation for information about the github context object.