THE other day I got an email from GitHub informing me that I was granted access to GitHub Packages feature. It was the news I had been waiting for a while as I saw they started beta testing months ago. I really love the way GitHub aggregates code-related services inside the platform. Just imagine that you don’t need to think about where to store your libraries, Docker images, and other stuff! It can save tons of time, especially for small teams and pet projects. You just spend a few hours to set it up and then enjoy smooth cicd process. As you can see, I was super excited to have an access and decided to dive into this feature asap.
At Setronica we follow so-called Ecommerce-Driven-Development, which means that we trying to push e-commerce to the next level. Digital document exchange, marketplaces, complicated workflows — all these things lay on serious requirements on whole platform. We develop zero downtime, fault-tolerant, stable infrastructure in form of Kubernetes cluster. Backend components written in Java and NodeJS, frontend applications — React and Angular-based bundles run and create big platform which connects companies all around the world. We run hundreds of microservices in AWS cloud, so as you can see — GitHub packages might be the feature we can switch to, instead of supporting our internal registries.
In fact, GitHub Packages support different kinds of projects, for instance npm NodeJS packages (sick!), Ruby gem, Maven projects, NuGet packages for .NET and Docker registry. I believe this list will be expanded in the near future but now it already covers most interesting project types. In this article I want to cover npm and docker registries since I am doing frontend awesomeness and these two are the things I use every day.
Oh, one more thing. I found it really awesome: private packages for private repositories. Woah! You can play around with your small private pet project and nobody would know you became a master in making GitHub infrastructure work on 100%.
Hooray, let’s do this!
GitHub Tokens and Scopes
First things first. Let’s talk a bit about security.
We are going to publish our private packages. So you want to know how to access it outside, right? Instead of using your…