coilyco-flight-deck/eco-jobs-tracker
1
0
Fork 0
Code Issues 9 Pull requests Projects Releases Packages Wiki Activity Actions

push ghcr.io/coilysiren/eco-spec-tracker/coilysiren-eco-spec-tracker to Docker Hub as a mirror #9

New issue
Open
opened 2026-05-26 05:20:15 +00:00 by coilysiren · 0 comments
coilysiren commented 2026-05-26 05:20:15 +00:00
Owner
Copy link

Problem

We currently push the coilysiren-eco-spec-tracker image (workflow still uses the pre-rename path) to ghcr.io only. Add a parallel docker push to Docker Hub under the same short ref (docker.io/coilysiren/<image>) so the image resolves for pulls without a ghcr login.

Notes

  • Mirror, not source of truth. The load-bearing image registry is the k3s nodes' local pulled-image state on kai-server. ghcr.io stays primary; Docker Hub is a courtesy mirror.
  • Auth: Docker Hub PAT for the coilysiren user lives at /coilysiren/dockerhub/access-token (SSM SecureString). docker login -u coilysiren --password-stdin in CI, never ~/.docker/config.json plaintext.
  • Pattern: add docker.io/coilysiren/<image> alongside the existing ghcr.io/coilysiren/<image> tag in the build-and-publish workflow. Tag and push both refs with the same SHA pin.
  • lunch-money-k8s already does this. Crib from coilysiren/lunch-money-k8s/.github/workflows/docker.yml.

Pre-reqs

  • GitHub Actions secrets DOCKERHUB_USERNAME=coilysiren and DOCKERHUB_TOKEN=<value from SSM> on this repo.
**Problem** We currently push the coilysiren-eco-spec-tracker image (workflow still uses the pre-rename path) to ghcr.io only. Add a parallel `docker push` to Docker Hub under the same short ref (`docker.io/coilysiren/<image>`) so the image resolves for pulls without a ghcr login. **Notes** - Mirror, not source of truth. The load-bearing image registry is the k3s nodes' local pulled-image state on `kai-server`. ghcr.io stays primary; Docker Hub is a courtesy mirror. - Auth: Docker Hub PAT for the `coilysiren` user lives at `/coilysiren/dockerhub/access-token` (SSM SecureString). `docker login -u coilysiren --password-stdin` in CI, never `~/.docker/config.json` plaintext. - Pattern: add `docker.io/coilysiren/<image>` alongside the existing `ghcr.io/coilysiren/<image>` tag in the build-and-publish workflow. Tag and push both refs with the same SHA pin. - `lunch-money-k8s` already does this. Crib from `coilysiren/lunch-money-k8s/.github/workflows/docker.yml`. **Pre-reqs** - GitHub Actions secrets `DOCKERHUB_USERNAME=coilysiren` and `DOCKERHUB_TOKEN=<value from SSM>` on this repo.
coilysiren added
P4
 and removed
P3
 labels 2026-05-31 07:00:18 +00:00
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
main
No results found.
Labels
Clear labels
  
P0
now / blocking / urgent

  
P1
next / important

  
P2
backlog / will do

  
P3
someday / low

  
P4
icebox / frozen / reopen if it becomes real

No labels
P0
P1
P2
P3
P4
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
coilyco-flight-deck/eco-jobs-tracker#9
No description provided.