GitHub Container Registry (ghcr.io): LIST and SET-VISIBILITY apis?

Does GHCR have REST APIs for listing the packages for an organization (presumably by package type)? I seen comments from Sept 2020 that this was on your TODO list.

We also need a REST API that can change the visibility of a package.

We’re currently screen-scraping GitHub.com to workaround this but that’s super slow and fragile since the site keeps changing.

1 Like

We don’t have REST APIs for this yet but its on our list to do. We’re waiting on an internal API to roll out and then we’ll be able to create this.

We don’t have this yet either but we’re in the design phase for it right now. Can tell us more about how you plan to use it?

There are many ways to do this but here are two options we’re currently looking at:

  1. Default the Actions GITHUB_TOKEN to Admin of a Container upon creation of the container; currently it only gets write. This would allow the GITHUB_TOKEN to change the visibility of the container and / or update team user and membership via REST APIs. Additionally the token could downgrade its own privs to write such that future tokens couldn’t use Admin privs. We would expect usage to be: Create container, adjust permissions of new container, downgrade permissions against container, only write to container from then on.

  2. (This one is likely required either way) Create a new scope for PATs packages:admin which is required for using the Container admin REST APIs. With this PAT users can admin Containers they have admin access to via the REST API.

Would love to hear additional thoughts on these or other approaches and especially how you plan or are using the REST APIs.