Docker Hub Release Workflow
The workflow builds the lind-wasm Docker image from the release stage of Dockerfile.e2e
and pushes it to Docker Hub as securesystemslab/lind-wasm
.
It is manual-only (workflow_dispatch
), so contributors must trigger it on demand.
1. Prerequisites
Requirement | Purpose |
---|---|
Write rights on this repo | lets you add secrets & trigger the workflow |
Docker Hub access-token (or password) for securesystemslab |
used by GitHub Actions to authenticate the Docker Hub image push |
Use a token, not your password:
In Docker Hub ▸ Account Settings → Security, create a Read/Write access token and rotate it regularly.
2. Add the Docker Hub secret
- GitHub repo ▸ Settings → Secrets and variables → Actions
- New repository secret
* Name:DOCKERHUB_PASSWORD
* Value: your access token - Click Add secret
The workflow references it as secrets.DOCKERHUB_PASSWORD
.
See GitHub’s guide: Using secrets in GitHub Actions.
3. Run the workflow (manual trigger)
- Open the repo’s Actions tab.
- Select Build & push lind-wasm image.
- Click Run workflow, choose a branch (defaults to
main
), then Run. - Watch the logs: you should see build → login → push succeed.
For details, check GitHub’s Manually running a workflow guide.
4. What the workflow does
- Checkout the repository code.
- Build the Docker image from the release stage of
Dockerfile.e2e
. - Login to Docker Hub with
DOCKERHUB_PASSWORD
. - Tag & push:
*securesystemslab/lind-wasm:<GIT_SHA>
– every build
*securesystemslab/lind-wasm:latest
– every build