Help with Docker Authentication for Pulls


On some of my repos, I have both CircleCI and GitHub Actions for build tests where I pull an image down that has things like base libraries, compilers, MPI, etc. for the testing. And, well, I’m still learning all this CI stuff. So recently when CircleCI informed me about the upcoming pull limits, I followed their contexts instructions and it seemed to work? Not sure.

I’d like to do the same with GitHub Actions and want to make sure I do it right. My first guess after reading the Docs was to do:

    name: Build and Test
    runs-on: ubuntu-latest
      image: gmao/ubuntu20-geos-env-mkl:6.0.16-openmpi_4.0.5-gcc_10.2.0
        username: ${{ secrets.DOCKERHUB_USERNAME }}
        password: ${{ secrets.DOCKERHUB_TOKEN }}
      - name: Cancel Previous Runs

Or should I look at the docker-login action as I found some pages on the internet that pointed to it for GitHub Actions/Docker interactions.

Or or, even dumber question: Do I need to do this? I am a bit of a Docker newbie. I can write Dockerfiles and push to Docker Hub, and things seem to work with our CI. But I have no idea if my public images matter to this (as a lot of pages on the internet concerning this stuff seem to have “private” in a lot of places).


When you use Docker actions in the job, or set up a containers (or service containers) for a job in the workflow, the pull of all the images happens before all the steps you set up in the job. So adding the docker-login action as a step in the job will not take effect.

Here is an issue ticket I created earlier for this topic, you may get more helpful information from the discussions in this issue ticket: