GitHub Actions Certification
Continuous Integration with GitHub Actions
GitHub Packages
Imagine your organization has multiple teams working on projects in Node.js, Ruby, .NET, Java—and running Docker containers. Each team uses GitHub Actions to build, package, and publish artifacts to external registries like npm Registry, RubyGems, Maven, Docker Hub, and NuGet. Managing credentials for all these services can quickly become a headache.
By consolidating your packages into a single registry—GitHub Packages—you streamline authentication, governance, and version control. Publish and consume packages alongside your code without juggling multiple credentials.
What Is GitHub Packages?
GitHub Packages is a native package hosting service that lives alongside your repositories. It supports multiple ecosystems, provides fine-grained access control, and integrates directly with GitHub Actions to automate your CI/CD pipelines.
Supported Ecosystems
GitHub Packages works with all major package managers and container registries:
Ecosystem | Registry URL | Example Manager Action |
---|---|---|
JavaScript | https://npm.pkg.github.com/ | actions/setup-node@v3 |
Ruby | https://rubygems.pkg.github.com/ | ruby/setup-ruby@v1 |
Java (Maven) | https://maven.pkg.github.com/OWNER/REPO | actions/setup-java@v3 |
Java (Gradle) | same as Maven | gradle config in build.gradle |
Docker | ghcr.io | docker/login-action@v2 |
.NET (NuGet) | https://nuget.pkg.github.com/OWNER/index.json | actions/setup-dotnet@v2 |
Why Use GitHub Packages?
- Centralized management
Keep code, CI/CD workflows, and packages in one place for consistent versioning. - Secure distribution
Leverage private packages or granular access controls tied to your GitHub org. - Streamlined workflows
Publish & consume packages in the same Actions workflow—no external credentials needed.
Integration with GitHub Actions
GitHub Actions automates build, test, and publish steps to your GitHub Packages registry. Each package manager exposes a unique endpoint:
Example Workflows
Publish an npm Package
# .github/workflows/publish-npm.yml
name: Publish npm Package
on:
push:
branches: [ main ]
jobs:
build-and-publish:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Set up Node.js
uses: actions/setup-node@v3
with:
node-version: '16'
registry-url: 'https://npm.pkg.github.com/'
- name: Publish to GitHub Packages
run: npm publish
env:
NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
Build and Push a Docker Image
# .github/workflows/docker-publish.yml
name: Build and Push Docker Image
on:
push:
tags: [ 'v*' ]
jobs:
docker:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Log in to GitHub Container Registry
uses: docker/login-action@v2
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Build and Push
run: |
docker build -t ghcr.io/${{ github.repository }}/my-app:latest .
docker push ghcr.io/${{ github.repository }}/my-app:latest
Deploy a Maven Artifact
# .github/workflows/maven-deploy.yml
name: Publish Maven Artifacts
on:
push:
tags: [ 'v*' ]
jobs:
deploy:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Set up Java
uses: actions/setup-java@v3
with:
distribution: 'temurin'
java-version: '11'
server-id: github
settings-path: ${{ github.workspace }}
- name: Deploy to GitHub Packages
run: mvn deploy
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
Push a .NET NuGet Package
# .github/workflows/nuget-publish.yml
name: Publish NuGet Package
on:
push:
branches: [ main ]
jobs:
publish:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Set up .NET
uses: actions/setup-dotnet@v2
with:
dotnet-version: '6.x'
- name: Push to GitHub Packages
run: |
dotnet nuget push MyPackage.nupkg \
--api-key ${{ secrets.GITHUB_TOKEN }} \
--source "https://nuget.pkg.github.com/${{ github.repository_owner }}/index.json"
Authentication
All of these workflows rely on the built-in GITHUB_TOKEN
. This secret is automatically created for each workflow run and scoped to the repository:
- Grants read/write access to GitHub Packages.
- Requires no extra setup or manual credential management.
- Automatically expires when the workflow completes.
Note
If you need to publish packages across multiple repositories or organizations, consider using a Personal Access Token (PAT) with the appropriate scopes.
Links and References
- GitHub Packages Documentation
- GitHub Actions Documentation
- npm Registry
- RubyGems
- Apache Maven
- Docker Hub
- NuGet Gallery
Watch Video
Watch video content