Github Actions - Building and Pushing Containers with CI/CD

In terms of CI, GitHub Actions, which is the CI/CD framework provided by GitHub, allows you to automate the build, test, and validation processes for your software projects. With GitHub Actions, you can define workflows that execute various tasks, such as compiling code, running tests, performing code analysis, and generating build artifacts. It supports a wide range of programming languages and provides flexibility in customizing and configuring your CI pipeline.

Regarding CD, GitHub Actions also facilitates continuous deployment by integrating with various deployment strategies and environments. It allows you to automate the deployment of your application to different platforms and hosting services, such as cloud providers or dedicated servers. You can define deployment workflows that automatically trigger when specific conditions are met, ensuring a seamless and automated release process.

Let’s use workflows to have automatic CI/CD Pipelines in our Github Repository for free.

In this post I will show you how to use Github Workflows for:
- Creating your App Image with CI/CD and Publish it to Github Container Registry
- Push it to DockerHub (instead of GHCR)

Github Workflows

This Github Feature will help us to create automatically Docker containers whenever the repository received a new push.

In your repository, you will see the button Actions, then New workflow.

Github Actions - Creating a Workflow

You can select the type of workflow most suitable for your project or just use my recommendation from the following steps as the .yml file.

You can call it in any way you like, I like to specify that it is for CICD.

Building Docker images on Push

The CI/CD workflow specifications for your App .github/workflows/ci_cd.yml:

name: CI/CD Pipeline

on:
  push:
    branches:
      - main

jobs:
  build-and-push:
    runs-on: ubuntu-latest

    steps:
    - name: Checkout repository
      uses: actions/checkout@v2

    - name: Set up Docker Buildx
      uses: docker/setup-buildx-action@v1

This is the first part, in this point we will have our Docker Image ready.

Now What? We have several container registries available, but probably you will be interested in using Github Registry or Dockerhub.

Just choose one of those and the image we just built will be pushed to those registries.

Both configurations chunks will require some form of authentication, as the code will act in our name with the registry.

Pushing Containers to ghcr

You will need to include the following code chunk below the build, to push the created container to Github Container Repository:

    - name: Login to GitHub Container Registry
      uses: docker/login-action@v1
      with:
        registry: ghcr.io
        username: ${{ github.actor }}
        password: ${{ secrets.CICD_TOKEN_For_This_WF }} #Settings -> Dev Settings -> PAT's -> Tokens +++ Repo Settings -> Secrets & variables -> Actions -> New repo secret 

    - name: Build and push Docker image
      uses: docker/build-push-action@v2
      with:
        context: .
        push: true
        #tags: ghcr.io/your_github_username/your_repo_name:${{ github.sha }}
        tags: ghcr.io/your_github_username/your_repo_name:v1.0

Remember that you will need the secret CICD_TOKEN_For_This_WF so that Github can act on your behalf for this action.

This can be obtained from: Github Settings (not repository Settings, but your GH Profile ones) -> Developer Settings -> Personal Access Tokens

Creating a GH PAT

Choose a reasonable Expiration for the Token and give it permission to write and delete packages

Now, we just need to provide the generated PAT into our Project as a Repository Variable.

Settings -> Dev Settings -> PAT’s -> Tokens (We got this on in the step before, make sure to copy it)
Repo Settings -> Secrets & variables -> Actions -> New repository Secret (and add the one you just got)

Adding Github Repo Secret

Remember to give it the same name as the variable that we are using in the configuration (.yml) file that defines the CI/CD Workflow

To share it with others, just go to https://github.com/yourGHuser?tab=packages, go to Package Settings and make the Visibility of the Package Public

This will work now for everyone to get your image:

docker pull ghcr.io/your_github_username/your_repo_name:v1.0

And if you want the Package to be linked in your Project repository… 👇

Once you go to your Github Packages section, select the one you just built.

Then, add it to the source repository:

Linking a GH Package to a Repository

You can also doing it by specifying a label directly in your Dockerfile, just after the FROM:

FROM python:3.11-slim

#Example
LABEL org.opencontainers.image.source https://github.com/JAlcocerT/Streamlit-MultiChat

#rest of your dockerfile...

Dont forget to change the package visibility to PUBLIC

Pushing Docker Containers to DockerHub

If you prefer to have your containers in DockerHub, you will need the following code included in your .yml file:

    - uses: actions/checkout@v1
    - name: Build & Push Image to DockerHub
      run: |
        echo "${{ secrets.CICD_DASH_TOKEN_DOCKERHUB }}" | docker login -u "your_DockerHubUser" --password-stdin
        docker image build -t reisikei/slider_crank:latest .
        docker push reisikei/slider_crank:latest

In this case, you will need the secret CICD_DASH_TOKEN_DOCKERHUB so that Github can act on your behalf for this action.

You can create your PAT from the Settings in DockerHub.

FAQ

Github Actions Resources

Community Resources: https://github.com/sdras/awesome-actions
Examples:
- https://github.com/JAlcocerT/Py_Trip_Planner
- https://github.com/JAlcocerT/Slider-Crank
Learn CI/CD with Youtube: ==>

Github Workflows#

Building Docker images on Push#

Pushing Containers to ghcr#

Pushing Docker Containers to DockerHub#

FAQ#

Github Actions Resources#

Github Workflows

Building Docker images on Push

Pushing Containers to ghcr

Pushing Docker Containers to DockerHub

FAQ

Github Actions Resources