DEV Community

Cover image for Build and Deploy Images on AWS ECR Using Github Workflow Action
Kenechukwu Josiah
Kenechukwu Josiah

Posted on

Build and Deploy Images on AWS ECR Using Github Workflow Action

In this article, I'll guide you on deploying container images to AWS ECR using the GitHub workflow action. You don't have to possess advanced expertise in DevOps or AWS; a basic understanding of GitHub, AWS cli, and container building (docker) is all that's required. That being said, let's get started.

Steps

  • Setup a github repo and push code to repo
  • Configure AWS Cli
  • Create an ECR Repo
  • Add a Github Secret
  • Setup Github Workflow
  • Test 🥳🥳

Step 1: Setup a github repo and push code to the repo:

I will be using a mini Python project for demonstration. Feel free to either pull the existing project or create your own, ensure that Docker is initialized and configured.

Step 2: Configure AWS Cli

Ensure that you have set up AWS CLI on your local machine. Please note that configuring AWS is necessary to create our ECR repository directly from the terminal.

configure aws credential

Running the command aws configure will prompt you to input your AWS Access Key ID, AWS Secret Access Key, and region.

Step 3: Create ECR Repo



aws ecr create-repository \
    --repository-name demo-repository \
    --region us-east-1


Enter fullscreen mode Exit fullscreen mode

You should get a response like this



{
"repository": {
"repositoryArn": "arn:aws:ecr:us-east-1:782020064947:repository/demo-repository",
"registryId": "782020064947",
"repositoryName": "demo-repository",
"repositoryUri": "782020064947.dkr.ecr.us-east-1.amazonaws.com/demo-repository",
"createdAt": "2024-01-30T20:02:18.973000+01:00",
"imageTagMutability": "MUTABLE",
"imageScanningConfiguration": {
"scanOnPush": false
},
"encryptionConfiguration": {
"encryptionType": "AES256"
}
}
}

Enter fullscreen mode Exit fullscreen mode




Step 4: Add Github Secret

Go to the settings of your GitHub repository and input your AWS keys. Trust me, it's crucial to keep them confidential and not expose them for security reasons! 😁

Gihub secret image

Step 5: Setup Github Workflow

In this step, you are required to create a .github/workflows directory in the main working project folder. Subsequently, create a yaml file within this directory where we will define our workflow for deploying to AWS ECR. I called mine docker-ecr-workflow.yaml.

This workflow gets triggered each time there's a pull request to the main branch and can also be manually triggered. It comprises two jobs, namely "test" and "build." Within the "build" job, there are four steps designed to handle code checkout, AWS credential configuration, logging into ECR, and building or pushing our Docker image. Do well to customize the workflow to suite your need.

Ensure that your IAM user account has the required ECR policy attached; otherwise, you won't be able to proceed.



name: Docker Image ECR Deployment

on:
workflow_dispatch:
pull_request:
branches:
- main

env:
PYTHON_VERSION: "3.9"

jobs:
test:
runs-on: ubuntu-latest
steps:
- name: Test Code
run: echo "Testing done....."

build:
runs-on: ubuntu-latest
continue-on-error: false
steps:
- name: Checkout code
uses: actions/checkout@v3

  - name: Configure AWS Credentials
    uses: aws-actions/configure-aws-credentials@v4
    with:
      aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
      aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
      aws-region: us-east-1

  - name: Login to Amazon ECR
    id: login-ecr
    uses: aws-actions/amazon-ecr-login@v2

  - name: Build, tag, and push docker image to Amazon ECR
    env:
      REGISTRY: ${{ steps.login-ecr.outputs.registry }}
      REPOSITORY: demo-repository
      IMAGE_TAG: ${{ github.sha }}
    run: |
      docker build -t $REGISTRY/$REPOSITORY:$IMAGE_TAG .
      docker push $REGISTRY/$REPOSITORY:$IMAGE_TAG
Enter fullscreen mode Exit fullscreen mode
Enter fullscreen mode Exit fullscreen mode




Finally!!!!!! Lets Test 🥳🥳🥳🥳🥳

You have the option to manually initiate your workflow or create a pull request to the main branch for the building and deployment of your image. I appreciate your reading until this stage!

Our workflow successfully ran!!!
github workflow pipline

Now navigate to your AWS ECR dashobard to view your newly deployed image
Aws Ecr dashboard

Top comments (0)