Skip to content

Publish Docker images to GitHub Packages (GHCR)#629

Open
mbukeRepo wants to merge 1 commit into
Blockstream:masterfrom
mbukeRepo:feat/push-images-to-ghcr
Open

Publish Docker images to GitHub Packages (GHCR)#629
mbukeRepo wants to merge 1 commit into
Blockstream:masterfrom
mbukeRepo:feat/push-images-to-ghcr

Conversation

@mbukeRepo

@mbukeRepo mbukeRepo commented Jun 18, 2026

Copy link
Copy Markdown

📦 Publish Docker images to GitHub Packages (GHCR)

This PR sets up automated Docker image publishing to the GitHub Container
Registry so that every release produces a versioned, immutable image — straight
from GitHub, with zero extra secrets to manage.

Why this is worth it

Today our images are built by GitLab CI and only ever pushed as :latest. There's
no way to pull "the image for release 1.2.3" — which makes rollbacks, reproducible
deploys, and pinning painful. This PR fixes exactly that, while leaving the existing
Docker Hub pipeline completely untouched.

What's included

  • release-docker.yml — on a published GitHub Release (or a manual run), builds
    the esplora image and pushes ghcr.io/<owner>/esplora tagged 1.2.3, 1.2, and
    latest. Manual runs accept an optional extra tag for testing.
  • base-image.yml — builds and publishes ghcr.io/<owner>/esplora-base when
    contrib/Dockerfile.base changes, or on demand. (It's a heavy build, so it only
    runs when it actually needs to.)
  • contrib/Dockerfile — adds ARG BASE_IMAGE so CI can build on top of the GHCR
    base, defaulting to blockstream/esplora-base:latest so nothing else changes.
  • README — a new "Docker images on GitHub Packages (GHCR)" section covering tags,
    usage, and setup.

🔑 One-time setup (please do this before merging-to-release)

  1. Settings → Actions → Workflow permissions → enable Read and write.
  2. After merge, run Actions → "Publish base image to GHCR" → Run workflow once
    (the release image builds FROM the GHCR base, so it needs to exist first).
  3. Publish a Release — the versioned image lands in GHCR automatically. 🎉
  4. (Optional) Flip the package visibility to public if you want anonymous pulls.

✅ Safe by design

  • Built-in GITHUB_TOKEN only — no new secrets.
  • The existing GitLab → Docker Hub pipeline is 100% unchanged.
  • amd64 only for now (fast, reliable on GitHub-hosted runners); arm64 is a one-line
    add later if we want it.

Pull it once it's live:

docker pull ghcr.io/<owner>/esplora:latest

@mbukeRepo
Add GitHub Actions workflows to publish Docker images to GHCR
c73cc74 
Publish container images to GitHub Packages (GHCR) alongside the existing
Docker Hub builds, giving us versioned, release-pinned images we don't have
today.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@mbukeRepo