Docker Build and Push to ECR

Docker Build and Push to ECR¶

Description¶

This workflow builds a Docker image and pushes it to the Elastic Container Registry (ECR).

Inputs¶

name	description	type	required	default
`environment`	Environment to run the build in	`string`	`false`	`""`
`aws_account_id`	AWS Account ID	`string`	`false`	`""`
`aws_region`	AWS Region	`string`	`false`	`""`
`aws_role_name`	AWS Role Name	`string`	`false`	`""`
`aws_oidc_role_arn`	AWS OIDC IAM role to assume	`string`	`false`	`""`
`image_name`	Name of the Docker image to build	`string`	`false`	`""`
`image_tag`	Addition tag to the Docker image, default tag is the commit SHA	`string`	`false`	`""`
`docker_context`	Path to the build context	`string`	`false`	`""`
`dockerfile_path`	Path to the Dockerfile. If not defined, will default to {docker_context}/Dockerfile	`string`	`false`	`""`
`docker_push`	Push Image to ECR	`boolean`	`false`	`true`
`docker_target`	Build target	`string`	`false`	`""`
`artifact_name`	Artifact name to be downloaded before building	`string`	`false`	`""`
`artifact_path`	Artifact target path	`string`	`false`	`""`
`artifact_pattern`	A glob pattern to the artifacts that should be downloaded. Ignored if name is specified.	`string`	`false`	`""`
`artifact_merge_multiple`	When multiple artifacts are matched, this changes the behavior of the destination directories. If true, the downloaded artifacts will be in the same directory specified by path. If false, the downloaded artifacts will be extracted into individual named directories within the specified path. Optional. Default is 'false'.	`boolean`	`false`	`""`

Usage¶

jobs:
  job1:
    uses: dnd-it/github-workflows/.github/workflows/docker-build-push-ecr.yaml@v2
    with:
      environment:
      # Environment to run the build in
      #
      # Type: string
      # Required: false
      # Default: ""

      aws_account_id:
      # AWS Account ID
      #
      # Type: string
      # Required: false
      # Default: ""

      aws_region:
      # AWS Region
      #
      # Type: string
      # Required: false
      # Default: ""

      aws_role_name:
      # AWS Role Name
      #
      # Type: string
      # Required: false
      # Default: ""

      aws_oidc_role_arn:
      # AWS OIDC IAM role to assume
      #
      # Type: string
      # Required: false
      # Default: ""

      image_name:
      # Name of the Docker image to build
      #
      # Type: string
      # Required: false
      # Default: ""

      image_tag:
      # Addition tag to the Docker image, default tag is the commit SHA
      #
      # Type: string
      # Required: false
      # Default: ""

      docker_context:
      # Path to the build context
      #
      # Type: string
      # Required: false
      # Default: ""

      dockerfile_path:
      # Path to the Dockerfile. If not defined, will default to {docker_context}/Dockerfile
      #
      # Type: string
      # Required: false
      # Default: ""

      docker_push:
      # Push Image to ECR
      #
      # Type: boolean
      # Required: false
      # Default: true

      docker_target:
      # Build target
      #
      # Type: string
      # Required: false
      # Default: ""

      artifact_name:
      # Artifact name to be downloaded before building
      #
      # Type: string
      # Required: false
      # Default: ""

      artifact_path:
      # Artifact target path
      #
      # Type: string
      # Required: false
      # Default: ""

      artifact_pattern:
      # A glob pattern to the artifacts that should be downloaded. Ignored if name is specified.
      #
      # Type: string
      # Required: false
      # Default: ""

      artifact_merge_multiple:
      # When multiple artifacts are matched, this changes the behavior of the destination directories. If true, the downloaded artifacts will be in the same directory specified by path. If false, the downloaded artifacts will be extracted into individual named directories within the specified path. Optional. Default is 'false'.
      #
      # Type: boolean
      # Required: false
      # Default: ""

Example¶

on: [push, pull_request]
jobs:
  docker_build_push_ecr:
    uses: ./.github/workflows/docker-build-push-ecr.yaml
    with:
      environment: 'production'
      aws_region: 'us-west-2'
      aws_oidc_role_arn: 'arn:aws:iam::123456789012:role/my-aws-role'
      image_name: 'my-docker-image'
      image_tag: 'latest'
      docker_context: '.'
      dockerfile_path: 'Dockerfile'
      docker_push: 'true'

FAQ¶

Q: How do I specify the AWS credentials?

A: The AWS credentials are specified using the aws_account_id, aws_region, aws_role_name, and aws_oidc_role_arn inputs.

Q: How do I specify the Docker image name and tag?

A: The Docker image name and tag are specified using the image_name and image_tag inputs. By default, the image name is the repository name.

Q: How do I specify the build context and Dockerfile path?

A: The build context and Dockerfile path are specified using the docker_context and dockerfile_path inputs. By default, the build context is . and the Dockerfile path is {docker_context}/Dockerfile.

Q: How do I control whether the image is pushed to ECR?

A: Whether the image is pushed to ECR is controlled using the docker_push input. By default, it is set to true.

Q: Can I only build or only push ?

A: Yes you can call separately the workflows docker-build.yaml and docker-push-ecr.yaml. Please refer to each individual workflow for informations about inputs.

Q: Can I pass files and folders from other jobs?

A: Yes, you can upload them as artifacts and have the docker-build-push-ecr.yaml to download them via artifact_path and artifact_name. Example DND-IT/disco PR