In this article, we will be walking through the steps of setting up a CI/CD pipeline that builds a docker image and deploys it to Amazon ECR(Elastic Container Registry) anytime changes are made to the main branch of our GitHub repository. This project was inspired by a hands-on project from AWS User Group Yaounde, so we will be working with the resources they provided.
Also, this is just an overview of the different steps involved in creating the pipeline not necessarily an in-depth walkthrough.
These are some things you need to have in order to complete this project;
Git installed on your computer
Any code editor of your choice. Personally, I use Visual Studio Code
This project uses Python and Docker, but you don't need those installed on your computer as the aim is to create a working pipeline not necessarily build and run the code locally. With that out of the way, let us start building!!🛠
1) Getting the Project's Source Code
First of all, visit this link https://github.com/jordybayo/github-cicd to fork the project and create a copy in your GitHub account. Once that is done, you can now clone the project locally to your computer.
2) Create an AWS IAM user.
We need to create an IAM user for this project because that will grant GitHub actions programmatic access to perform actions in our AWS account. And that cannot be done by using the root user only.
You can still use any IAM user you already have, but make sure you add a policy that gives them access to the AWS ECR service.
3) Generate Access Keys
As mentioned in the previous step, access keys will enable GitHub actions to perform actions(no pun intended) in our AWS account. These are the steps to follow in order to generate your access keys:
In your IAM dashboard, click on
You will be taken to a page that lists all the users in your account, you want to click on the IAM user you are creating access keys for.
Now click on
Security Credentialsand scroll down to where you see
Create Access keyand you will be asked to select the type of Access key you want; select
Once that is done, you can create the key and download it for later use.
4) Add Access Keys to GitHub
Now that we have our access keys, we have to provide them to our GitHub project for it to use when running the actions. To do so:
Go to the project you forked and navigate to
Under settings, scroll down and expand
Secrets and Variablesthen click on
New repository secretand give it the name "AWS_ACCESS_KEY_ID" and under secret, provide the value to your access key ID you created earlier.
Follow the same procedure to create a secret for your secret access key, by giving the name "AWS_SECRET_ACCESS_KEY".
5) Enable GitHub Actions
For this project, you may have to enable GitHub actions if you haven't already. This can easily be done by:
Navigating to the forked project in your GitHub account.
Actionsand then click on
Enable GitHub Actions For This Project. We are doing this for GitHub actions to run automatically anytime we push changes to our main branch.
6) Create an ECR Repository and Update the GitHub Action File
We need to create an ECR repository where Github actions will deploy our docker image to. Make sure you are creating this repository in the "us-east-1" or "N. Virginia" region.
Once that is done, we have to update our GitHub actions file with the name of our ECR repository. This file can be found in the project we cloned, in the directory
.github/workflows/main.yml . Inside the
main.yml file, look for the key that says "ECR_REPOSITORY" and update its value with the name of your ECR repository.
7) Push and Deploy
Now if everything was configured well, we should be able to push the current changes to our GitHub repository, and GitHub actions will run and deploy our image successfully.
You can go to the actions tab in GitHub to make sure everything ran successfully, and also check your Amazon ECR Repository to make sure that you see the docker image.