karatejb: 5月 2021

Github Action Docker Image

▌Introduction

This tutorial shows how to publish your docker images to Docker Hub or Azure Container Registry thru GithHub Actions.

▌Implement

▋Register Docker Hub/Create Azure Container Registry

1. Sign up Docker Hub here and create an Access Token.

2. Create Azure Container Registry by “How to create ACR by Azure CLI”.

Notice that we will store the credentials on GitHub later to push Docker Images.

Docker Registry	Credentials to store in GitHub
Docker Hub	Docker ID and Token (or your Docker Hub password, but not recommended)
Azure Container Registry	Username and password(or password2) of Access Keys. See Figure 1.

(Figure 1. Access Keys in ACR)

▋ GitHub: Setup Action secrets

Go to your GitHub repository: [Settings] -> [Secrets] and add the following New repository secret:

Repository secret	Value	Note
DOCKER_IMAGE_NAME	The name of your image	This is optional.
DOCKERHUB_USERNAME	Docker Hub ID
DOCKERHUB_PASSWORD	Docker Hub Access Token
ACR_REGISTRY	The ACR registry server	e.q. xxxx.azurecr.io Since we don’t want to expose our private Docker registry.
ACR_USERNAME	ACR username of Access keys
ACR_PASSWORD	ACR password of Access keys

The secrets will be used in our GitHub flow.

▋ GitHub Actions: Setup GitHub flow

Under your git repository, create the directory: .github/workflows/ and yaml file(s), each yaml file will be a work flow.

For example, I put 2 yaml files as following that will be 2 workflows as figure 2.

├── .github
|  ├── workflows
|  |  ├── push_docker_image_acr.yml
|  |  └── push_docker_image_dockerhub.yml

(Figure 2.)

PS. Of course you can merge the 2 workflows to one yaml file.

▋push_docker_image_dockerhub.yml

---
name: Publish Docker images to Docker Hub
on:
  push:
      branches: [ master ] # Set which branch to trigger this flow, e.q. [ master, develop ]
jobs:
  push_images_to_dockerhub:
    name: Push images to Docker Hub
    runs-on: ubuntu-18.04
    steps:
      - name: Checkout repo
        uses: actions/checkout@v2
      - name: Login to DockerHub
        uses: docker/login-action@v1
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_PASSWORD }}
      - name: Build and push image
        id: build_publish_image
        uses: docker/build-push-action@v2
        with:
          context: .
          file: ./dockerfile
          push: true
          tags: ${{ secrets.DOCKERHUB_USERNAME}}/${{ secrets.DOCKER_IMAGE_NAME }}:latest

There are 3 steps in the workflow:

1. Checkout repository by actions/checkout.

2. Login to Docker Hub by docker/login-action.

3. Build Dockerfile and push image to Docker Hub by docker/build-push-action.

▋push_docker_image_acr.yml

---
name: Publish Docker images to ACR
on:
  push:
      branches: [ master ] # Set which branch to trigger this flow, e.q. [ master, develop ]
jobs:
  push_images_to_acr:
    name: Push images to ACR
    runs-on: ubuntu-18.04
    steps:
      - name: Checkout repo
        uses: actions/checkout@v2
      - name: Login to ACR
        uses: azure/docker-login@v1
        with:
          login-server: ${{ secrets.ACR_REGISTRY }}
          username: ${{ secrets.ACR_USERNAME }}
          password: ${{ secrets.ACR_PASSWORD }}
      - name: Build and push image
        id: build_publish_image
        uses: docker/build-push-action@v2
        with:
          context: .
          file: ./dockerfile
          push: true
          tags: ${{ secrets.ACR_REGISTRY }}//${{ secrets.DOCKER_IMAGE_NAME }}:latest

There are 3 steps on the workflow:

1. Checkout repository by actions/checkout.

2. Login to ACR by Docker Hub by azure/docker-login.

3. Build Dockerfile and push image to Docker Hub by docker/build-push-action.

Furthermore, we can write commands to run more complex scenario:

steps
  - name: Pull and push openldap 
    id: publish_openldap
    run: |
      docker pull osixia/openldap:stable
      docker tag osixia/openldap:stable ${{ secrets.ACR_REGISTRY }}/openldap:stable
      docker push ${{ secrets.ACR_REGISTRY}}/openldap:stable