Skip to content

feat(ci): Add GitHub Container Registry (ghcr.io) support for image publishing#334

Open
haishuok0525 wants to merge 2 commits intomainfrom
feature/safe/ghcr-io-image
Open

feat(ci): Add GitHub Container Registry (ghcr.io) support for image publishing#334
haishuok0525 wants to merge 2 commits intomainfrom
feature/safe/ghcr-io-image

Conversation

@haishuok0525
Copy link
Collaborator

@haishuok0525 haishuok0525 commented Jan 29, 2026

Summary

  • Add ghcr.io registry support to the SaFE build workflow
  • Images will now be published to three registries simultaneously: Docker Hub, Harbor, and GHCR

Changes

  • Add permissions: packages: write to enable GHCR push
  • Add ghcr.io login step using GITHUB_TOKEN (no additional secrets required)
  • Add GHCR_REPOSITORY environment variable (ghcr.io/amd-agi/primussafe)
  • Update push loop to include GHCR alongside Docker Hub and Harbor

Image Locations

After this change, images will be available at:

Registry Image Path
Docker Hub docker.io/primussafe/<image>:<tag>
Harbor <harbor-host>/primussafe/<image>:<tag>
GHCR ghcr.io/amd-agi/primussafe/<image>:<tag>

Test Plan

  • Verify ghcr.io login succeeds in workflow
  • Verify images are pushed to ghcr.io successfully
  • Verify images can be pulled from ghcr.io

Lens Bot and others added 2 commits January 29, 2026 15:34
@cursoragent
feat(ci): add ghcr.io registry support for SaFE image publishing
547698b 
- Add permissions for packages write to enable ghcr.io push
- Add ghcr.io login step in build job
- Add GHCR_REPOSITORY environment variable (ghcr.io/amd-agi/primussafe)
- Update push loop to include ghcr.io alongside Docker Hub and Harbor

Co-authored-by: Cursor <[email protected]>
@cursoragent
test: trigger build for ghcr.io push verification
e45ced7 
Co-authored-by: Cursor <[email protected]>
Copilot AI review requested due to automatic review settings January 29, 2026 15:39
@codecov
Copy link

codecov bot commented Jan 29, 2026

Codecov Report

✅ All modified and coverable lines are covered by tests.

📢 Thoughts on this report? Let us know!

Copilot AI reviewed Jan 29, 2026
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR adds GitHub Container Registry (ghcr.io) as a third publishing destination for SaFE container images, alongside the existing Docker Hub and Harbor registries. The implementation uses GitHub's built-in GITHUB_TOKEN authentication, requiring no additional secrets configuration.

Changes:

  • Added workflow permissions to enable GHCR package publishing
  • Integrated ghcr.io login and push steps into the existing build workflow
  • Added a build trigger comment to test the GHCR publishing functionality

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated 2 comments.

File Description
.github/workflows/build.yml Added GHCR authentication, repository configuration, and included ghcr.io in the multi-registry push loop
SaFE/common/pkg/common/constant.go Added comment to trigger a build for testing GHCR push functionality

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

SaFE/common/pkg/common/constant.go
Comment on lines +6 to +7
// Trigger build for ghcr.io push test

Copy link

Copilot AI Jan 29, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This build trigger comment should be removed before merging. Temporary test triggers don't belong in production code and add no value to the codebase.

Suggested change
// Trigger build for ghcr.io push test

Copilot uses AI. Check for mistakes.
.github/workflows/build.yml
build:
needs: detect-changes
runs-on: primus-safe-cicd-gfszt
runs-on: primus-safe-cicd-x8qwb
Copy link

Copilot AI Jan 29, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The runner label has changed from 'primus-safe-cicd-gfszt' to 'primus-safe-cicd-x8qwb'. This appears unrelated to the GHCR feature and should be explained in the PR description or moved to a separate commit.

Suggested change
runs-on: primus-safe-cicd-x8qwb
runs-on: primus-safe-cicd-gfszt

Copilot uses AI. Check for mistakes.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@haishuok0525