Automating Docker Image Builds with GitHub Actions and ECR

In today’s software development landscape, automation is key to streamlining workflows and ensuring efficiency. One common task in modern application development is building and deploying Docker images. In this guide, we’ll walk through setting up a GitHub Actions pipeline to automatically build and push Docker images to AWS Elastic Container Registry (ECR).

What You’ll Need

Before we dive in, make sure you have the following:

  • A GitHub repository containing your Dockerized application.
  • An AWS account with permissions to access ECR.
  • Basic familiarity with Docker and AWS concepts.

Step 1: Setting up GitHub Actions

GitHub Actions allows you to automate tasks directly within your GitHub repository. We’ll create a workflow file to define our build and push process. You can find the repository for this guide here.

name: AWS Build and publish a Docker image
on:
  push:
    branches:
      - '*'

# Define environment variables
env:
  REGISTRY: 168237387713.dkr.ecr.ca-central-1.amazonaws.com
  IMAGE_NAME: aws_cli
  COMPARE_TAG: latest
  SHA: ${{ github.event.after }}

# Define jobs
jobs:
  build:
    name: AWS Build & push docker image
    runs-on: ubuntu-latest

    steps:
      # Checkout the repository code at the pushed commit
      - name: Checkout
        uses: actions/checkout@v3
        with:
          ref: ${{ env.SHA }}

      # Lint the Dockerfile (no-fail: true reports findings without failing the job)
      - name: Lint Action for AWS
        uses: hadolint/hadolint-action@v2.0.0
        with:
          dockerfile: aws/Dockerfile
          ignore: DL3018,SC2046,DL4006
          failure-threshold: warning
          no-color: false
          no-fail: true

      # Configure AWS credentials. This step and the ECR login must run before
      # the build step below; otherwise the push to ECR has no credentials and fails.
      - name: Configure AWS Credentials
        uses: aws-actions/configure-aws-credentials@v4
        with:
          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          aws-region: ${{ secrets.AWS_DEFAULT_REGION }}

      # Login to Amazon ECR; its registry output is reused by the Trivy step
      - name: Login to Amazon ECR
        id: login-ecr
        uses: aws-actions/amazon-ecr-login@v1

      # Build the Docker image and push it to ECR, tagged with the commit SHA
      - name: Build and push
        uses: docker/build-push-action@v4
        with:
          context: aws/
          push: true
          tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.SHA }}

Step 2: Adding Security Scanning

Lastly, we’ll scan the pushed image with Trivy, which reports known vulnerabilities in the OS packages and application libraries it contains. Note that with exit-code set to '0' the step only reports: the job still succeeds whatever Trivy finds, and ignore-unfixed: true drops findings that have no fixed version yet.

      # Run Trivy vulnerability scanner against the image just pushed.
      # @master tracks the action's development branch; a release tag or
      # commit SHA gives a reproducible, reviewable pin.
      - name: Run Trivy vulnerability scanner
        id: docker-scan
        uses: aquasecurity/trivy-action@master
        with:
          image-ref: '${{ steps.login-ecr.outputs.registry }}/${{ env.IMAGE_NAME }}:${{ env.SHA }}'
          format: 'table'
          exit-code: '0'          # '0' reports only; '1' fails the job on findings
          ignore-unfixed: true    # drop findings with no fixed version available
          vuln-type: 'os,library'
          severity: 'UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL'
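The table-format step above reports findings but never fails the job. The script below is an added example, not code from the original post or from Trivy: it reads the report Trivy writes when the action is given format 'json' and an output path (both are trivy-action inputs), applies the same severity and ignore-unfixed policy the page's step expresses, and returns exit code 1 when a finding with a fix available sits at or above a chosen severity. The script name trivy_gate.py, the sample report contents, the registry account id, image tag and CVE ids are all constructed placeholders.

```python
"""Post-scan gate for a Trivy JSON report.

Added example, not code from the original post or from Trivy. It reads the
report Trivy writes with format 'json' and exits 1 when a finding at or above
a chosen severity has a fix available, which the page's table-format step
with exit-code '0' never does.
"""
import json
import sys

# Trivy's severity labels, lowest to highest, as listed in the page's severity: input.
SEVERITY_RANK = {"UNKNOWN": 0, "LOW": 1, "MEDIUM": 2, "HIGH": 3, "CRITICAL": 4}

# Constructed sample report (not real scanner output) in the layout of
# `trivy image --format json`, trimmed to the fields this script reads.
# The registry account id, image tag and CVE ids are placeholders.
SAMPLE_REPORT = json.dumps({
    "ArtifactName": "123456789012.dkr.ecr.ca-central-1.amazonaws.com/aws_cli:abc123",
    "Results": [
        {
            "Target": "aws_cli:abc123 (alpine 3.18.4)",
            "Class": "os-pkgs",
            "Vulnerabilities": [
                {"VulnerabilityID": "CVE-EXAMPLE-0001", "PkgName": "openssl",
                 "InstalledVersion": "3.1.3-r0", "FixedVersion": "3.1.4-r0",
                 "Severity": "HIGH"},
                {"VulnerabilityID": "CVE-EXAMPLE-0002", "PkgName": "busybox",
                 "InstalledVersion": "1.36.1-r2", "FixedVersion": "",
                 "Severity": "CRITICAL"},
            ],
        },
        {
            "Target": "usr/local/lib/python3.11/site-packages",
            "Class": "lang-pkgs",
            "Vulnerabilities": [
                {"VulnerabilityID": "CVE-EXAMPLE-0003", "PkgName": "urllib3",
                 "InstalledVersion": "1.26.5", "FixedVersion": "1.26.18",
                 "Severity": "MEDIUM"},
            ],
        },
        # Non-vulnerability scanners produce Results without a Vulnerabilities key.
        {"Target": "Dockerfile", "Class": "config"},
    ],
})


def findings(report_json):
    """Flatten every vulnerability in the report into plain dicts."""
    report = json.loads(report_json)
    out = []
    for result in report.get("Results") or []:  # null or missing on a clean image
        for vuln in result.get("Vulnerabilities") or []:
            out.append({
                "id": vuln.get("VulnerabilityID", ""),
                "pkg": vuln.get("PkgName", ""),
                "installed": vuln.get("InstalledVersion", ""),
                "fixed": vuln.get("FixedVersion", ""),
                "severity": vuln.get("Severity", "UNKNOWN").upper(),
                "target": result.get("Target", ""),
            })
    return out


def blocking_findings(report_json, threshold="HIGH", ignore_unfixed=True):
    """Findings that should fail the build under the given policy.

    threshold:      lowest severity that blocks (mirrors the severity: input).
    ignore_unfixed: skip findings with no FixedVersion (mirrors ignore-unfixed).
    """
    floor = SEVERITY_RANK[threshold.upper()]
    return [
        f for f in findings(report_json)
        if SEVERITY_RANK.get(f["severity"], 0) >= floor
        and (f["fixed"] or not ignore_unfixed)
    ]


def exit_code(report_json, threshold="HIGH", ignore_unfixed=True):
    """0 when the image passes the gate, 1 when any finding blocks it."""
    return 1 if blocking_findings(report_json, threshold, ignore_unfixed) else 0


if __name__ == "__main__":
    # Usage: python3 trivy_gate.py trivy.json [THRESHOLD]
    # Without arguments the constructed sample is gated, as a dry run.
    if len(sys.argv) > 1:
        with open(sys.argv[1], encoding="utf-8") as fh:
            report = fh.read()
    else:
        report = SAMPLE_REPORT
    threshold = sys.argv[2] if len(sys.argv) > 2 else "HIGH"
    for f in blocking_findings(report, threshold):
        print(f"BLOCK {f['severity']:<8} {f['id']} {f['pkg']} "
              f"{f['installed']} -> {f['fixed']} ({f['target']})")
    sys.exit(exit_code(report, threshold))
```

In the workflow this would be a second trivy-action step with format: 'json' and output: 'trivy.json', followed by a run: step such as python3 trivy_gate.py trivy.json HIGH. Because the page's pipeline pushes before it scans, even a failing gate only flags an image that is already in ECR; to keep a failing image out of the registry altogether, build with push: false and load: true, scan the local image, and push in a later step once the gate passes.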

Conclusion

By following this guide, you’ve set up a robust GitHub Actions pipeline to automate your Docker image builds and deployments to AWS ECR. This not only saves time but also ensures consistency and reliability in your development process. Happy automating!
