Skip to main content

Publishing to Docker Hub

At Space 48, we publish Docker images to our organisation account on Docker Hub.

Docker Hub Organisation

Our Docker images are published to the Space 48 organisation on Docker Hub:

Authentication

For CI/CD pipelines, we use workspace variables for authentication:

  • DOCKERHUB_USERNAME - Bot account username for Docker Hub
  • DOCKERHUB_PASSWORD - Bot account password/token for Docker Hub
  • DOCKERHUB_NAMESPACE - The organisation namespace (space48)

These variables are available in both Bitbucket and GitHub CI environments as workspace variables.

Publishing Process

CI/CD Publishing

The preferred method for publishing Docker images is to use a CI/CD pipeline.

Bitbucket Pipelines

Example Bitbucket pipeline file bitbucket-pipelines.yml:

image:
  name: atlassian/default-image:2

pipelines:
  branches:
    main:
      - step:
          name: Build and Push
          script:
            # Build and push image
            - VERSION="1.$BITBUCKET_BUILD_NUMBER"
            - echo ${DOCKERHUB_PASSWORD} | docker login --username "$DOCKERHUB_USERNAME" --password-stdin
            - IMAGE="$DOCKERHUB_NAMESPACE/$BITBUCKET_REPO_SLUG"
            - docker build -t ${IMAGE}:${VERSION} .
            - docker tag ${IMAGE}:${VERSION} ${IMAGE}:latest
            - docker push ${IMAGE}
            # Push tags
            - git tag -a "${VERSION}" -m "Tagging for release ${VERSION}"
            - git push origin ${VERSION}
          services:
            - docker

GitHub Actions

Example GitHub workflow file .github/workflows/docker-publish.yml:

name: Docker

on:
  push:
    branches: [main]
  pull_request:
    branches: [main]

jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3

      - name: Login to Docker Hub
        uses: docker/login-action@v2
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_PASSWORD }}

      - name: Build and push
        uses: docker/build-push-action@v4
        with:
          push: true
          tags: ${{ secrets.DOCKERHUB_NAMESPACE }}/your-image-name:latest

Best Practices

  1. Use Semantic Versioning: Tag your images with semantic versions (e.g., 1.0.0, 1.1.0) in addition to latest.

  2. Multi-stage Builds: Use multi-stage builds to keep your images small and secure.

  3. Documentation: Include a README in your Docker image repository with usage instructions.

  4. Security Scanning: Enable vulnerability scanning for your Docker images.

  5. Base Images: Use official, minimal base images when possible (e.g., alpine variants).

  6. Image Cleanup: Implement a policy for cleaning up old or unused images.