Saturday, April 6, 2024

GitHub Actions CICD Pipeline to Create Docker Image and Push Docker Image into Amazon ECR | Integration GitHub Actions with AWS ECR

Please find steps for integrating AWS ECR with GitHub Actions:


Pre-requisites:

What are we going to do in this lab?
1. Create a Repository in AWS ECR
2. Create AWS secret keys + access keys
3. Create secrets in GitHub Actions
4. Create workflow yaml
5. Add steps/tasks in the yaml file
6. Run the workflow yaml
7. Check if the Docker image has been stored in AWS ECR

How to create a repo in ECR?

Go to the AWS console and search for ECR

Click on Create Repository



Enter a name for your repo (all lower case) and click Create repository


Once repo is created, choose the repo and click on view push commands. Note down the account ID


Add Access keys and Secret keys as Secrets in GitHub Actions

Go to your GitHub repo --> Settings

Click on Secrets and Variables under Security in the left nav
Click New repository secret


Create secrets in GitHub for AWS_REGION,  REPO_NAME,  AWS_SECRET_ACCESS_KEY and AWS_ACCESS_KEY_ID

Create GitHub Actions CICD workflow yaml:

Go to GitHub repo where your Java project is, create a new file:

.github/workflows/cicd.yml


The file below has these steps (tasks):
    - Checkout
    - Install Java on runner
    - Build springboot Jar file using Maven
    - Build docker image and tag it
    - Upload docker image into AWS ECR

Copy the content from below:
name: cicd-workflow to create docker image and upload into AWS ECR
on:
  push:
    branches: [ "master" ]
jobs:
  job1:
    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@v3
    - name: Set up JDK 17
      uses: actions/setup-java@v2
      with:
        distribution: 'adopt'
        java-version: '17'
    - name: Build with Maven
      run: mvn clean install
    - name: Setup AWS ECR Details
      uses: aws-actions/configure-aws-credentials@v1
      with:
        aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
        aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
        aws-region: ${{secrets.AWS_REGION}}
    - name: Login to Amazon ECR
      id: login-pf-aws-ecr
      uses: aws-actions/amazon-ecr-login@v1
    - name: Build and push Docker image
      env:
        ECR_REGISTRY: ${{ steps.login-pf-aws-ecr.outputs.registry }}
        ECR_REPOSITORY: ${{secrets.REPO_NAME}}
        IMAGE_TAG: ${{ github.sha }}
      run: |
        docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG .
        docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG

Commit the file.

As soon as you commit, the build runs immediately in GitHub Actions.
You can see the build output in the Actions tab.


Log in to the AWS console --> ECR and verify that the image has been uploaded successfully.
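
The workflow above authenticates with a long-lived access key pair stored as repository secrets, which stays valid until it is rotated or deleted. The variant below is an added example, not part of the original post: the same job using GitHub's OIDC token to assume an IAM role and obtain short-lived credentials. It assumes an IAM role that trusts GitHub's OIDC provider for this repository already exists and that its ARN is stored in a secret named AWS_ROLE_ARN (a hypothetical name); AWS_REGION and REPO_NAME are the secrets created earlier.

```yaml
# Added example, not the original post's workflow.
# Assumption: secrets.AWS_ROLE_ARN (hypothetical name) holds the ARN of an IAM
# role whose trust policy allows this repository's OIDC token to assume it,
# and whose permissions are limited to pushing to the one ECR repository.
name: cicd-workflow-oidc to create docker image and upload into AWS ECR
on:
  push:
    branches: [ "master" ]
# Job token scope: only what this workflow needs.
permissions:
  id-token: write   # allows the job to request a GitHub OIDC token
  contents: read    # allows actions/checkout to read the repo
jobs:
  job1:
    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@v4
    - name: Set up JDK 17
      uses: actions/setup-java@v4
      with:
        distribution: 'temurin'
        java-version: '17'
    - name: Build with Maven
      run: mvn clean install
    - name: Assume AWS role with OIDC (no stored access keys)
      uses: aws-actions/configure-aws-credentials@v4
      with:
        role-to-assume: ${{ secrets.AWS_ROLE_ARN }}
        aws-region: ${{ secrets.AWS_REGION }}
    - name: Login to Amazon ECR
      id: login-pf-aws-ecr
      uses: aws-actions/amazon-ecr-login@v2
    - name: Build and push Docker image
      env:
        ECR_REGISTRY: ${{ steps.login-pf-aws-ecr.outputs.registry }}
        ECR_REPOSITORY: ${{ secrets.REPO_NAME }}
        IMAGE_TAG: ${{ github.sha }}
      run: |
        # Quote the image reference so an unexpected value cannot split into extra arguments.
        docker build -t "$ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG" .
        docker push "$ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG"
```

With this variant the AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY secrets are no longer needed and the corresponding IAM access key can be deleted.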

