GitHub Packages for Code Packages
In the previous unit, you learned how to use GitHub Actions to build and publish container images.
In this unit, we will explore other types of packages supported by GitHub Packages. GitHub Packages works with tools from your project’s ecosystem: npm for npm packages, nuget.exe or the dotnet CLI for NuGet packages, and so on.
Authenticate with GitHub Packages
The authentication method in your package manager depends on your project’s ecosystem. Regardless of the ecosystem used, you will need three things:
- Your GitHub username
- A Personal Access Token (PAT)
- The GitHub Packages URL corresponding to your package ecosystem
Generate a Personal Access Token
To install, publish, or delete a package, you need an access token. When using your package manager, you must generate a Personal Access Token (PAT). You can do this through your GitHub profile settings.
⚠️ Warning
Treat your tokens like passwords and keep them secret.
Connect to GitHub Packages
Before publishing or installing packages from GitHub Packages, you must authenticate in your package manager. The URL will look like this:
https://PACKAGE_TYPE.pkg.github.com/OWNER/REPOSITORY
where PACKAGE_TYPE is the type of package ecosystem you are using.
The following table (not included here) shows the command to authenticate with GitHub Packages based on your ecosystem:
| Package Ecosystem | Command to Authenticate |
|---|---|
| NuGet | dotnet nuget add source https://nuget.pkg.github.com/OWNER/index.json -n github -u OWNER -p [Your PAT] |
| npm | npm login --registry=https://npm.pkg.github.com |
| RubyGems | echo ":github: Bearer GH_TOKEN" >> ~/.gem/credentials |
| Maven & Gradle | Direct authentication during push |
If you want to learn more about how to use GitHub Packages with your project’s environment, you can check the documentation here (link to official documentation).
Install a Package
Once authenticated, you can easily use published packages in your projects. Each package page displays the command to run, depending on your project’s environment.
Manage Packages
GitHub Packages offers several simple ways to manage the lifecycle and workflows of your packages.
You can manage GitHub packages via the GitHub REST API and the GraphQL API. These APIs support advanced integration scenarios. For example, using GitHub’s Webhook feature, you can execute code whenever a new package is published. Imagine you are the maintainer of an open-source project: with webhooks, you could automatically publish a tweet or a blog post as soon as a new package goes live.
You can also use GitHub Actions to automate package management. For instance, with the delete-package-versions action, you can automatically delete the oldest versions of your packages when a new version is published.
