GitHub Container Registry

November 3, 2022

GitHub Container Registry

GitHub has a very useful, simple, and efficient tool to manage and work with your containers. This tool is called GitHub Container Registry (GHCR). Containers can be easily published/pushed & consumed/pulled within your private repository or within your organization repository via using the GHCR tool.

I will try to mention how to use GHCR in a quick & simple way for your essential needs when you need to work with Docker container images. You can use these GHCR containers in your private repository or in your organization's repository. I try to mention generic steps on how to configure & make it run in your repository & in your local docker. For more information, you can directly check the GHCR documentation page or directly the GHCR homepage.

I will continue with an example from the Keycloak Docker container image step by step. I try to summarize how to set up a Keycloak container image using GHCR in 14 steps.

  1. Of course, you should have docker installed in your local machine.
  2. Then, log in to your GitHub account to create your Personal Access Token (PAT) that will be used with GHCR. Having a PAT is a must-have in order to use GHCR CLI or API. You may follow the link to learn how to create your PAT in minutes.
  3. Keep in mind that, while creating your PAT, you should define repo, write repository, read repository (defined with write repository automatically), and delete repository scopes for your PAT.
  4. Then, keep your PAT in a txt file or define it as an environment variable.
  5. Then, run the below command lines according to your PAT definition in your local machine in order to link your PAT with docker command usage. Use your GitHub username for “USERNAME” in the command.

Linking GHCR with Your PAT from a File; Embedded content:

Linking GHCR with Your PAT from an Environment Variable; Embedded content:

  1. Now, your docker is ready to be used with GHCR.
  2. You can now pull Keycloak latest image with the below docker command.

Embedded content:


  1. Now, it is time to run your image and turn it into a running docker container. You can use the below command line to execute the Keycloak container instance named keycloak-test to serve from 8070 port with admin/admin username/password.

Embedded content:

  1. You can reach your Keycloak instance from your browser with localhost:8070.


  1. Then, click the administration console with the username & password you gave while running your image and login to your keycloak, and update whatever you want. For instance, you may create a new realm.
  2. Now, it is time to push your container image to your package repository in GitHub via In order to do that, you need to enable improved container support for your personal account or for your organization account. Please, follow to link to see how you can enable improved container support. After enabling improved container support, you are ready to push your container image to your package repository in GitHub. First, commit your container as an image and then push this image with the below commands. Use your personal username or your organization username instead of USERNAME.

Embedded content:

  1. Voilà! Your keycloak-test container image is in your package repository.


  1. Now, you can pull your package with the below command. You can see “” is there.

Embedded content:


  1. Now, you can run your image again as I described above, do your changes in your running application, commit it again & push it again to your package repository in the same way. Also, you can assign tags while committing your containers.

I try to describe how GHCR can be used with Docker containers here. It is very easy & beneficial to use for personal usage but especially for your organizational usages or even for your projects with your mates.

So, thanks to GitHub to provide such functionality that really makes life easier for development processes & workflows. And you may directly refer to GitHub for its detailed documentation that I refer to during this article.