{"id":13479029,"url":"https://github.com/docker/login-action","last_synced_at":"2025-05-11T05:45:56.207Z","repository":{"id":37103748,"uuid":"287743349","full_name":"docker/login-action","owner":"docker","description":"GitHub Action to login against a Docker registry","archived":false,"fork":false,"pushed_at":"2025-04-25T05:27:23.000Z","size":23978,"stargazers_count":1212,"open_issues_count":16,"forks_count":227,"subscribers_count":19,"default_branch":"master","last_synced_at":"2025-05-11T05:45:48.096Z","etag":null,"topics":["aws-ecr","azure","docker","docker-registry","dockerhub","ecr-registry","gcr-registry","github-actions","github-actions-docker","gitlab-registry","google-container-registry","login","registry"],"latest_commit_sha":null,"homepage":"https://github.com/marketplace/actions/docker-login","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/docker.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":".github/CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":".github/CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":".github/SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2020-08-15T12:35:08.000Z","updated_at":"2025-05-11T01:50:29.000Z","dependencies_parsed_at":"2023-01-11T17:21:12.361Z","dependency_job_id":"b3350cd8-58df-4a8c-9a4e-33f47ede7d8b","html_url":"https://github.com/docker/login-action","commit_stats":{"total_commits":264,"total_committers":14,"mean_commits":"18.857142857142858","dds":"0.35984848484848486","last_synced_commit":"7ca345011ac4304463197fac0e56eab1bc7e6af0"},"previous_names":[],"tags_count":30,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/docker%2Flogin-action","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/docker%2Flogin-action/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/docker%2Flogin-action/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/docker%2Flogin-action/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/docker","download_url":"https://codeload.github.com/docker/login-action/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":253523720,"owners_count":21921818,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["aws-ecr","azure","docker","docker-registry","dockerhub","ecr-registry","gcr-registry","github-actions","github-actions-docker","gitlab-registry","google-container-registry","login","registry"],"created_at":"2024-07-31T16:02:07.987Z","updated_at":"2025-05-11T05:45:56.180Z","avatar_url":"https://github.com/docker.png","language":"TypeScript","funding_links":[],"categories":["TypeScript","📖 Category Details"],"sub_categories":["**19. Package \u0026 Library Publishing**"],"readme":"[![GitHub release](https://img.shields.io/github/release/docker/login-action.svg?style=flat-square)](https://github.com/docker/login-action/releases/latest)\n[![GitHub marketplace](https://img.shields.io/badge/marketplace-docker--login-blue?logo=github\u0026style=flat-square)](https://github.com/marketplace/actions/docker-login)\n[![CI workflow](https://img.shields.io/github/actions/workflow/status/docker/login-action/ci.yml?branch=master\u0026label=ci\u0026logo=github\u0026style=flat-square)](https://github.com/docker/login-action/actions?workflow=ci)\n[![Test workflow](https://img.shields.io/github/actions/workflow/status/docker/login-action/test.yml?branch=master\u0026label=test\u0026logo=github\u0026style=flat-square)](https://github.com/docker/login-action/actions?workflow=test)\n[![Codecov](https://img.shields.io/codecov/c/github/docker/login-action?logo=codecov\u0026style=flat-square)](https://codecov.io/gh/docker/login-action)\n\n## About\n\nGitHub Action to login against a Docker registry.\n\n![Screenshot](.github/docker-login.png)\n\n___\n\n* [Usage](#usage)\n * [Docker Hub](#docker-hub)\n * [GitHub Container Registry](#github-container-registry)\n * [GitLab](#gitlab)\n * [Azure Container Registry (ACR)](#azure-container-registry-acr)\n * [Google Container Registry (GCR)](#google-container-registry-gcr)\n * [Google Artifact Registry (GAR)](#google-artifact-registry-gar)\n * [AWS Elastic Container Registry (ECR)](#aws-elastic-container-registry-ecr)\n * [AWS Public Elastic Container Registry (ECR)](#aws-public-elastic-container-registry-ecr)\n * [OCI Oracle Cloud Infrastructure Registry (OCIR)](#oci-oracle-cloud-infrastructure-registry-ocir)\n * [Quay.io](#quayio)\n * [DigitalOcean](#digitalocean-container-registry)\n* [Customizing](#customizing)\n * [inputs](#inputs)\n* [Contributing](#contributing)\n\n## Usage\n\n### Docker Hub\n\nWhen authenticating to [Docker Hub](https://hub.docker.com) with GitHub Actions,\nuse a [personal access token](https://docs.docker.com/docker-hub/access-tokens/).\nDon't use your account password.\n\n```yaml\nname: ci\n\non:\n push:\n branches: main\n\njobs:\n login:\n runs-on: ubuntu-latest\n steps:\n -\n name: Login to Docker Hub\n uses: docker/login-action@v3\n with:\n username: ${{ vars.DOCKERHUB_USERNAME }}\n password: ${{ secrets.DOCKERHUB_TOKEN }}\n```\n\n### GitHub Container Registry\n\nTo authenticate to the [GitHub Container Registry](https://docs.github.com/en/packages/working-with-a-github-packages-registry/working-with-the-container-registry),\nuse the [`GITHUB_TOKEN`](https://docs.github.com/en/actions/reference/authentication-in-a-workflow)\nsecret.\n\n```yaml\nname: ci\n\non:\n push:\n branches: main\n\njobs:\n login:\n runs-on: ubuntu-latest\n steps:\n -\n name: Login to GitHub Container Registry\n uses: docker/login-action@v3\n with:\n registry: ghcr.io\n username: ${{ github.actor }}\n password: ${{ secrets.GITHUB_TOKEN }}\n```\n\nYou may need to [manage write and read access of GitHub Actions](https://docs.github.com/en/packages/managing-github-packages-using-github-actions-workflows/publishing-and-installing-a-package-with-github-actions#upgrading-a-workflow-that-accesses-ghcrio)\nfor repositories in the container settings.\n\nYou can also use a [personal access token (PAT)](https://docs.github.com/en/github/authenticating-to-github/creating-a-personal-access-token)\nwith the [appropriate scopes](https://docs.github.com/en/packages/getting-started-with-github-container-registry/migrating-to-github-container-registry-for-docker-images#authenticating-with-the-container-registry).\n\n### GitLab\n\n```yaml\nname: ci\n\non:\n push:\n branches: main\n\njobs:\n login:\n runs-on: ubuntu-latest\n steps:\n -\n name: Login to GitLab\n uses: docker/login-action@v3\n with:\n registry: registry.gitlab.com\n username: ${{ vars.GITLAB_USERNAME }}\n password: ${{ secrets.GITLAB_PASSWORD }}\n```\n\nIf you have [Two-Factor Authentication](https://gitlab.com/help/user/profile/account/two_factor_authentication)\nenabled, use a [Personal Access Token](https://gitlab.com/help/user/profile/personal_access_tokens)\ninstead of a password.\n\n### Azure Container Registry (ACR)\n\n[Create a service principal](https://docs.microsoft.com/en-us/azure/container-registry/container-registry-auth-service-principal#create-a-service-principal)\nwith access to your container registry through the [Azure CLI](https://docs.microsoft.com/en-us/cli/azure/install-azure-cli)\nand take note of the generated service principal's ID (also called _client ID_)\nand password (also called _client secret_).\n\n```yaml\nname: ci\n\non:\n push:\n branches: main\n\njobs:\n login:\n runs-on: ubuntu-latest\n steps:\n -\n name: Login to ACR\n uses: docker/login-action@v3\n with:\n registry: \u003cregistry-name\u003e.azurecr.io\n username: ${{ vars.AZURE_CLIENT_ID }}\n password: ${{ secrets.AZURE_CLIENT_SECRET }}\n```\n\n\u003e Replace `\u003cregistry-name\u003e` with the name of your registry.\n\n### Google Container Registry (GCR)\n\n\u003e [Google Artifact Registry](#google-artifact-registry-gar) is the evolution of\n\u003e Google Container Registry. As a fully-managed service with support for both\n\u003e container images and non-container artifacts. If you currently use Google\n\u003e Container Registry, use the information [on this page](https://cloud.google.com/artifact-registry/docs/transition/transition-from-gcr)\n\u003e to learn about transitioning to Google Artifact Registry. \n\nYou can authenticate with workload identity federation or a service account.\n\n#### Workload identity federation\n\nConfigure the workload identity federation for GitHub Actions in Google Cloud,\n[see here](https://github.com/google-github-actions/auth#setting-up-workload-identity-federation).\nYour service account must have permission to push to GCR. Use the\n`google-github-actions/auth` action to authenticate using workload identity as\nshown in the following example:\n\n```yaml\nname: ci\n\non:\n push:\n branches: main\n\njobs:\n login:\n runs-on: ubuntu-latest\n steps:\n -\n name: Authenticate to Google Cloud\n id: auth\n uses: google-github-actions/auth@v1\n with:\n token_format: access_token\n workload_identity_provider: \u003cworkload_identity_provider\u003e\n service_account: \u003cservice_account\u003e\n -\n name: Login to GCR\n uses: docker/login-action@v3\n with:\n registry: gcr.io\n username: oauth2accesstoken\n password: ${{ steps.auth.outputs.access_token }}\n```\n\n\u003e Replace `\u003cworkload_identity_provider\u003e` with configured workload identity\n\u003e provider. For steps to configure, [see here](https://github.com/google-github-actions/auth#setting-up-workload-identity-federation).\n\n\u003e Replace `\u003cservice_account\u003e` with configured service account in workload\n\u003e identity provider which has access to push to GCR\n\n#### Service account based authentication\n\nUse a service account with permission to push to GCR and [configure access control](https://cloud.google.com/container-registry/docs/access-control).\nDownload the key for the service account as a JSON file. Save the contents of\nthe file [as a secret](https://docs.github.com/en/actions/configuring-and-managing-workflows/creating-and-storing-encrypted-secrets#creating-encrypted-secrets-for-a-repository)\nnamed `GCR_JSON_KEY` in your GitHub repository. Set the username to `_json_key`.\n\n```yaml\nname: ci\n\non:\n push:\n branches: main\n\njobs:\n login:\n runs-on: ubuntu-latest\n steps:\n -\n name: Login to GCR\n uses: docker/login-action@v3\n with:\n registry: gcr.io\n username: _json_key\n password: ${{ secrets.GCR_JSON_KEY }}\n```\n\n### Google Artifact Registry (GAR)\n\nYou can authenticate with workload identity federation or a service account.\n\n#### Workload identity federation\n\nYour service account must have permission to push to GAR. Use the\n`google-github-actions/auth` action to authenticate using workload identity as\nshown in the following example:\n\n```yaml\nname: ci\n\non:\n push:\n branches: main\n\njobs:\n login:\n runs-on: ubuntu-latest\n steps:\n -\n name: Authenticate to Google Cloud\n id: auth\n uses: google-github-actions/auth@v1\n with:\n token_format: access_token\n workload_identity_provider: \u003cworkload_identity_provider\u003e\n service_account: \u003cservice_account\u003e\n -\n name: Login to GAR\n uses: docker/login-action@v3\n with:\n registry: \u003clocation\u003e-docker.pkg.dev\n username: oauth2accesstoken\n password: ${{ steps.auth.outputs.access_token }}\n```\n\n\u003e Replace `\u003cworkload_identity_provider\u003e` with configured workload identity\n\u003e provider\n\n\u003e Replace `\u003cservice_account\u003e` with configured service account in workload\n\u003e identity provider which has access to push to GCR\n\n\u003e Replace `\u003clocation\u003e` with the regional or multi-regional [location](https://cloud.google.com/artifact-registry/docs/repo-organize#locations)\n\u003e of the repository where the image is stored.\n\n#### Service account based authentication\n\nUse a service account with permission to push to GAR and [configure access control](https://cloud.google.com/artifact-registry/docs/access-control).\nDownload the key for the service account as a JSON file. Save the contents of\nthe file [as a secret](https://docs.github.com/en/actions/configuring-and-managing-workflows/creating-and-storing-encrypted-secrets#creating-encrypted-secrets-for-a-repository)\nnamed `GAR_JSON_KEY` in your GitHub repository. Set the username to `_json_key`,\nor `_json_key_base64` if you use a base64-encoded key.\n\n```yaml\nname: ci\n\non:\n push:\n branches: main\n\njobs:\n login:\n runs-on: ubuntu-latest\n steps:\n -\n name: Login to GAR\n uses: docker/login-action@v3\n with:\n registry: \u003clocation\u003e-docker.pkg.dev\n username: _json_key\n password: ${{ secrets.GAR_JSON_KEY }}\n```\n\n\u003e Replace `\u003clocation\u003e` with the regional or multi-regional [location](https://cloud.google.com/artifact-registry/docs/repo-organize#locations)\n\u003e of the repository where the image is stored.\n\n### AWS Elastic Container Registry (ECR)\n\nUse an IAM user with the ability to [push to ECR with `AmazonEC2ContainerRegistryPowerUser` managed policy for example](https://docs.aws.amazon.com/AmazonECR/latest/userguide/security-iam-awsmanpol.html#security-iam-awsmanpol-AmazonEC2ContainerRegistryPowerUser).\nDownload the access keys and save them as `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY` [as secrets](https://docs.github.com/en/actions/configuring-and-managing-workflows/creating-and-storing-encrypted-secrets#creating-encrypted-secrets-for-a-repository)\nin your GitHub repo.\n\n```yaml\nname: ci\n\non:\n push:\n branches: main\n\njobs:\n login:\n runs-on: ubuntu-latest\n steps:\n -\n name: Login to ECR\n uses: docker/login-action@v3\n with:\n registry: \u003caws-account-number\u003e.dkr.ecr.\u003cregion\u003e.amazonaws.com\n username: ${{ vars.AWS_ACCESS_KEY_ID }}\n password: ${{ secrets.AWS_SECRET_ACCESS_KEY }}\n```\n\nIf you need to log in to Amazon ECR registries associated with other accounts,\nyou can use the `AWS_ACCOUNT_IDS` environment variable:\n\n```yaml\nname: ci\n\non:\n push:\n branches: main\n\njobs:\n login:\n runs-on: ubuntu-latest\n steps:\n -\n name: Login to ECR\n uses: docker/login-action@v3\n with:\n registry: \u003caws-account-number\u003e.dkr.ecr.\u003cregion\u003e.amazonaws.com\n username: ${{ vars.AWS_ACCESS_KEY_ID }}\n password: ${{ secrets.AWS_SECRET_ACCESS_KEY }}\n env:\n AWS_ACCOUNT_IDS: 012345678910,023456789012\n```\n\n\u003e Only available with [AWS CLI version 1](https://docs.aws.amazon.com/cli/latest/reference/ecr/get-login.html)\n\nYou can also use the [Configure AWS Credentials](https://github.com/aws-actions/configure-aws-credentials)\naction in combination with this action:\n\n```yaml\nname: ci\n\non:\n push:\n branches: main\n\njobs:\n login:\n runs-on: ubuntu-latest\n steps:\n -\n name: Configure AWS Credentials\n uses: aws-actions/configure-aws-credentials@v4\n with:\n aws-access-key-id: ${{ vars.AWS_ACCESS_KEY_ID }}\n aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}\n aws-region: \u003cregion\u003e\n -\n name: Login to ECR\n uses: docker/login-action@v3\n with:\n registry: \u003caws-account-number\u003e.dkr.ecr.\u003cregion\u003e.amazonaws.com\n```\n\n\u003e Replace `\u003caws-account-number\u003e` and `\u003cregion\u003e` with their respective values.\n\n### AWS Public Elastic Container Registry (ECR)\n\nUse an IAM user with permission to push to ECR Public, for example using [managed policies](https://docs.aws.amazon.com/AmazonECR/latest/userguide/security-iam-awsmanpol.html#security-iam-awsmanpol-AmazonEC2ContainerRegistryPowerUser).\nDownload the access keys and save them as `AWS_ACCESS_KEY_ID` and\n`AWS_SECRET_ACCESS_KEY` [secrets](https://docs.github.com/en/actions/configuring-and-managing-workflows/creating-and-storing-encrypted-secrets#creating-encrypted-secrets-for-a-repository)\nin your GitHub repository.\n\n```yaml\nname: ci\n\non:\n push:\n branches: main\n\njobs:\n login:\n runs-on: ubuntu-latest\n steps:\n -\n name: Login to Public ECR\n uses: docker/login-action@v3\n with:\n registry: public.ecr.aws\n username: ${{ vars.AWS_ACCESS_KEY_ID }}\n password: ${{ secrets.AWS_SECRET_ACCESS_KEY }}\n env:\n AWS_REGION: \u003cregion\u003e\n```\n\n\u003e Replace `\u003cregion\u003e` with its respective value (default `us-east-1`).\n\n### OCI Oracle Cloud Infrastructure Registry (OCIR)\n\nTo push into OCIR in specific tenancy the [username](https://www.oracle.com/webfolder/technetwork/tutorials/obe/oci/registry/index.html#LogintoOracleCloudInfrastructureRegistryfromtheDockerCLI)\nmust be placed in format `\u003ctenancy\u003e/\u003cusername\u003e` (in case of federated tenancy use the format\n`\u003ctenancy-namespace\u003e/oracleidentitycloudservice/\u003cusername\u003e`).\n\nFor password [create an auth token](https://www.oracle.com/webfolder/technetwork/tutorials/obe/oci/registry/index.html#GetanAuthToken).\nSave username and token [as a secrets](https://docs.github.com/en/actions/configuring-and-managing-workflows/creating-and-storing-encrypted-secrets#creating-encrypted-secrets-for-a-repository)\nin your GitHub repo. \n\n```yaml\nname: ci\n\non:\n push:\n branches: main\n\njobs:\n login:\n runs-on: ubuntu-latest\n steps:\n -\n name: Login to OCIR\n uses: docker/login-action@v3\n with:\n registry: \u003cregion\u003e.ocir.io\n username: ${{ vars.OCI_USERNAME }}\n password: ${{ secrets.OCI_TOKEN }}\n```\n\n\u003e Replace `\u003cregion\u003e` with their respective values from [availability regions](https://docs.cloud.oracle.com/iaas/Content/Registry/Concepts/registryprerequisites.htm#Availab)\n\n### Quay.io\n\nUse a [Robot account](https://docs.quay.io/glossary/robot-accounts.html) with\npermission to push to a Quay.io repository.\n\n```yaml\nname: ci\n\non:\n push:\n branches: main\n\njobs:\n login:\n runs-on: ubuntu-latest\n steps:\n -\n name: Login to Quay.io\n uses: docker/login-action@v3\n with:\n registry: quay.io\n username: ${{ vars.QUAY_USERNAME }}\n password: ${{ secrets.QUAY_ROBOT_TOKEN }}\n```\n\n### DigitalOcean Container Registry\n\nUse your DigitalOcean registered email address and an API access token to authenticate.\n\n```yaml\nname: ci\n\non:\n push:\n branches: main\n\njobs:\n login:\n runs-on: ubuntu-latest\n steps:\n -\n name: Login to DigitalOcean Container Registry\n uses: docker/login-action@v3\n with:\n registry: registry.digitalocean.com\n username: ${{ vars.DIGITALOCEAN_USERNAME }}\n password: ${{ secrets.DIGITALOCEAN_ACCESS_TOKEN }}\n```\n\n## Customizing\n\n### inputs\n\nThe following inputs can be used as `step.with` keys:\n\n| Name | Type | Default | Description |\n|------------|--------|---------|-------------------------------------------------------------------------------|\n| `registry` | String | | Server address of Docker registry. If not set then will default to Docker Hub |\n| `username` | String | | Username for authenticating to the Docker registry |\n| `password` | String | | Password or personal access token for authenticating the Docker registry |\n| `ecr` | String | `auto` | Specifies whether the given registry is ECR (`auto`, `true` or `false`) |\n| `logout` | Bool | `true` | Log out from the Docker registry at the end of a job |\n\n## Contributing\n\nWant to contribute? Awesome! You can find information about contributing to\nthis project in the [CONTRIBUTING.md](/.github/CONTRIBUTING.md)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdocker%2Flogin-action","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdocker%2Flogin-action","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdocker%2Flogin-action/lists"}