Switch official environment publishing to Docker Hub

README.md

@@ -42,7 +42,7 @@ Current official environments in the shipped catalog:
 - `debian:12-build`
 
 The package ships the embedded Firecracker runtime and a package-controlled environment catalog.
-Official environments are pulled as OCI artifacts from GHCR into a local cache on first use or
+Official environments are pulled as OCI artifacts from Docker Hub into a local cache on first use or
 through `pyro env pull`.
 
 ## CLI
@@ -195,10 +195,16 @@ Contributor runtime source artifacts are still maintained under `src/pyro_mcp/ru
 
 Official environment publication is automated through
 `.github/workflows/publish-environments.yml`.
-For a local publish dry run against GHCR-compatible credentials:
+For a local publish against Docker Hub:
 
 ```bash
 make runtime-materialize
-OCI_REGISTRY_USERNAME="$GITHUB_USER" OCI_REGISTRY_PASSWORD="$GITHUB_TOKEN" \
+OCI_REGISTRY_USERNAME="$DOCKERHUB_USERNAME" OCI_REGISTRY_PASSWORD="$DOCKERHUB_TOKEN" \
   make runtime-publish-official-environments-oci
 ```
+
+`make runtime-publish-environment-oci` auto-exports the OCI layout for the selected
+environment if it is missing.
+Docker Hub uploads are chunked by default for large rootfs layers; if you need to tune a slow
+link, use `PYRO_OCI_UPLOAD_TIMEOUT_SECONDS`, `PYRO_OCI_UPLOAD_CHUNK_SIZE_BYTES`, and
+`PYRO_OCI_REQUEST_TIMEOUT_SECONDS`.