DEV Community

Harry K.
Harry K.

Posted on

Integrate Amazon ECR Into Your CI/CD pipeline Using Github Actions

Amazon Elastic Container Registry (Amazon ECR) is a fully managed Docker container registry that makes it easy for developers to store, manage, and deploy Docker container images in a highly available and scalable infrastructure.

Amazon ECR consists of a private registry, a repository, an authorization token, a repository policy and an image.

  • A private registry, provided to each AWS account, is a registry where you can create repositories and store images in them.
  • A repository; where you store your Docker images.
  • An authorization token; with which users authenticate their registries before they can pull or push images into them.
  • A repository policy; to control access to the repositories and images inside them.
  • An image; which is a template containing instructions for creating a container.

You can also easily integrate Amazon ECR with your continuous integration and delivery (CI/CD) workflow and using Github Actions is one of the numerous ways to integrate Amazon ECR with your CI/CD pipeline right from your Github repository.

Using Github Actions, you can set up workflows to build and push Docker images to Amazon ECR whenever you push code changes to your Github repository. Github has provided various templates to automate your builds using Github Actions and here is one of the ways to push your Docker image to Amazon ECR:

# This workflow will build and push a new container image to Amazon ECR, when there is a push to the "master" branch.
# To use this workflow, you will need to complete the following set-up steps:
# 1. Create an ECR repository to store your images.
#    For example: `aws ecr create-repository --repository-name my-ecr-repo --region us-east-2`.
#    Replace the value of the `ECR_REPOSITORY` environment variable in the workflow below with your repository's name.
#    Replace the value of the `AWS_REGION` environment variable in the workflow below with your repository's region.
# 2. Store an IAM user access key in GitHub Actions secrets named `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY`.
#    See the documentation for each action used below for the recommended IAM policies for this IAM user,
#    and best practices on handling the access key credentials.

name: Deploy to Amazon ECR

    branches: [ "master" ]

# set this to your preferred AWS region, e.g. us-west-1
  AWS_REGION: MY_AWS_REGION                   
# set this to your Amazon ECR repository name

  contents: read

    name: Deploy
    runs-on: ubuntu-latest
    environment: production

    - name: Checkout
      uses: actions/checkout@v3

    - name: Configure AWS credentials
      uses: aws-actions/configure-aws-credentials@v1
        aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
        aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
        aws-region: ${{ env.AWS_REGION }}

    - name: Login to Amazon ECR
      id: login-ecr
      uses: aws-actions/amazon-ecr-login@v1

    - name: Build, tag, and push image to Amazon ECR
      id: build-image
        ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
        IMAGE_TAG: ${{ github.sha }}
      run: |
        # Build a docker container and
        # push it to ECR so that it can
        # be deployed to ECS.
        docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG .

Enter fullscreen mode Exit fullscreen mode

Amazon ECR's seamless integration with Github Actions can help you streamline your CI/CD pipeline and effortlessly automate your deployment process.

Top comments (0)