Home

Awesome

🚀 Docker ECR for GitHub Actions

GitHub Action for uploading Docker Image to Amazon Elastic Container Registry (ECR).

Docker ECR

Amazon ECR

What is ECR

Amazon Elastic Container Registry (ECR) is a fully-managed Docker container registry that makes it easy for developers to store, manage, and deploy Docker container images. Amazon ECR is integrated with Amazon Elastic Container Service (ECS), simplifying your development to production workflow. Amazon ECR eliminates the need to operate your own container repositories or worry about scaling the underlying infrastructure. Amazon ECR hosts your images in a highly available and scalable architecture, allowing you to reliably deploy containers for your applications. Integration with AWS Identity and Access Management (IAM) provides resource-level control of each repository. With Amazon ECR, there are no upfront fees or commitments. You pay only for the amount of data you store in your repositories and data transferred to the Internet. See the more detail information.

Permissions

The following minimum permissions are required for loggin, pushing and pulling images in an ECR repository:

{
   "Version":"2012-10-17",
   "Statement":[
      {
         "Sid":"AllowPush",
         "Effect":"Allow",
         "Action":[
            "ecr:GetDownloadUrlForLayer",
            "ecr:BatchGetImage",
            "ecr:BatchCheckLayerAvailability",
            "ecr:PutImage",
            "ecr:InitiateLayerUpload",
            "ecr:UploadLayerPart",
            "ecr:CompleteLayerUpload"
         ],
         "Resource":"arn:aws:ecr:us-east-1:123456789012:repository/my-repo"
      },
      {
         "Sid":"GetAuthorizationToken",
         "Effect":"Allow",
         "Action":[
            "ecr:GetAuthorizationToken"
         ],
         "Resource":"*"
      }
   ]
}

Usage

Upload docker image to Amazon Elastic Container Registry (ECR)

- name: upload image to ECR
  uses: appleboy/docker-ecr-action@master
  with:
    access_key: ${{ secrets.aws_access_key_id }}
    secret_key: ${{ secrets.aws_secret_access_key }}
    registry: ${{ secrets.registry }}
    cache_from: ${{ secrets.cache }}
    repo: api-sample
    region: ap-northeast-1
    auto_tag: true
    daemon_off: false
    dockerfile: example/Dockerfile
    context: example

Input variables

Example

The ECR plugin can be used to build and publish images to the Amazon ECR registry. The below pipeline configuration demonstrates simple usage:

- name: upload image to ECR
  uses: appleboy/docker-ecr-action@master
  with:
    access_key: a50d28f4dd477bc184fbd10b376de753
    secret_key: bc5785d3ece6a9cdefa42eb99b58986f9095ff1c
    repo: bar
    registry: <account_id>.dkr.ecr.us-east-1.amazonaws.com

Example configuration using multiple tags:

- name: upload image to ECR
  uses: appleboy/docker-ecr-action@master
  with:
    repo: bar
    registry: <account_id>.dkr.ecr.us-east-1.amazonaws.com
    tags: "latest,1.0.1,1.0"

Override the default region:

- name: upload image to ECR
  uses: appleboy/docker-ecr-action@master
  with:
    repo: bar
    registry: <account_id>.dkr.ecr.us-east-1.amazonaws.com
    region: us-east-1

Override the default Dockerfile path:

- name: upload image to ECR
  uses: appleboy/docker-ecr-action@master
  with:
    repo: bar
    registry: <account_id>.dkr.ecr.us-east-1.amazonaws.com
    dockerfile: path/to/Dockerfile

Example configuration using build arguments:

- name: upload image to ECR
  uses: appleboy/docker-ecr-action@master
  with:
    repo: bar
    registry: <account_id>.dkr.ecr.us-east-1.amazonaws.com
    build_args: "HTTP_PROXY=http://yourproxy.com"

Example configuration using docker cache:

- name: upload image to ECR
  uses: appleboy/docker-ecr-action@master
  with:
    repo: bar
    registry: <account_id>.dkr.ecr.us-east-1.amazonaws.com
    cache_from: <account_id>.dkr.ecr.us-east-1.amazonaws.com/bar