Hey everyone! I recently set up a GitHub build action that pushes images to the packages section of my repo, and I'm currently managing my Docker stacks using Portainer on an internal network. I'm planning to use Cloudflare to securely trigger Portainer updates via webhook from GitHub. However, I'm stuck on how to effectively tag my Docker images so my two environments—development and production—know which images to pull. The images are currently located in the packages section of GitHub, and I'm using Docker Compose to structure my stacks. What's the best approach for tagging these images?
2 Answers
Check out this GitHub repo: [DevOps-Learn-By-Doing](https://github.com/dth99/DevOps-Learn-By-Doing). It has a ton of free labs and projects related to DevOps that can really help you understand the process better.
When it comes to tagging Docker images, I'd say start from the basics:
1. Avoid using the `:latest` tag whenever possible to prevent unexpected updates.
2. A good practice is to tag using Git SHA, which is unique for every commit.
3. You might also consider a timestamp tag (like `20250607161523`).
4. For more control, use semantic versioning (like `v1.2.3`). This allows you to easily manage different versions for staging and production.
In your case, you can set your Docker Compose files to specify these version tags to ensure consistent and expected behavior when deploying.
Totally with you on semantic versioning—it’s super easy if you tie it to your package version. Just tag your Docker image with the version output from your package manager.
I completely agree! Using `latest` has caused us many headaches. Just last week, one of our guys tagged a container as `latest` and it caused a bunch of failures. It's so much safer to use specific tags.