Build and Deploy Docker Image to ECR and ECS using GitHub Actions

This blog is all about achieving CICD using GitHub Actions, to build image using docker, push the image to ECR repository and deploy the image to ECS service in AWS.

Pre Requisite:
1. You already have ECS (Elastic Container Service) running in AWS.
2. ECR (Elastic Container Repository) is already created and you have repo for the image.
3. A GitHub account and Repository where you are going to run this workflow
4. GitHub Repository should have your application code which you want to build

Scenario: In this demo, I am going to cover how we can build image using docker and push the image to ECR Repo. Also how we can push the image to already running ECS Tasks using GitHub Actions.

For the Prerequisites 1 and 2, you can refer to my below GitHub repository: https://github.com/ashutoshrathore/tf-ecr-ecs

How to build Image using Docker for your ECR

Step 1: Create a DockerFile
Below code needs to be entered into your dockerfile and must be placed in the same directory of your code repo
Here, we are going to use nginx to run our code and COPY command will make sure all our code is copied to the nginx server
Read more about how to create docker file

FROM nginx
COPY . /usr/share/nginx/html

Step 2: ECS Task Definition:
Generally, we need to use the existing task definition from ECS cluster, but you can refer to below json, if you want to create your own or want every deployment to have the updated definition.
Read more about Task Definition

Environment Variables and GitHub Secrets:

1. Create IAM user for GitHub actions in AWS, and provide access to ECR and ECS in your AWS account.
2. Export the keys and secrets and add them to GitHub Secrets of your repository.
   In our demo, I have stored my secrets as AWS_ACCESS_KEY and AWS_SECRET_KEY, it requires at the below line of our workflow file:
3. Below environment variables needs to be declared in deploy:
   AWS_REGION: # set this to your preferred AWS region, e.g. us-west-1
   ECR_REPOSITORY: # set this to your Amazon ECR repository name ECS_SERVICE: # set this to your Amazon ECS service name ECS_CLUSTER: # set this to your Amazon ECS cluster name ECS_TASK_DEFINITION: # set this to the path to your Amazon ECS task definition # file, e.g. task-definition.json
   CONTAINER_NAME: CONTAINER_NAME # set this to the name of the container in the # containerDefinitions section of your task definition
4. In our demo, I created the above environment variables, directly in my GitHub Secrets, and called them in my workflow directly with names.

Achieve the CICD flow:

Now, to achieve CICD flow, our GitHub actions workflow should be doing the below jobs, please refer below the details and code with the filename as deployecs.yml

1. Our Actions will run on every code push to main branch of our respository <line 4–7>
2. Call Environment variables <line 9–16>
3. Job will be running on GitHub’s open-source git runner, you can add your own runner from the cloud. <line 22–26>
4. Configure AWS credentials using secret and login to ECR <line 32–41>
5. Build Docker Image on pushing it to the ECR image repo (line 48–54)
   In this step, GitHub action will be adding a tag (unique key) to the newly created docker image, this tag will contain the unique key created by GitHub <line 53–54>
6. Fill the new image ID in task definition of ECS <line 56–62>
7. Deploy the Task definition to ECS <line 64–70>

Conclusion:

Above, we have created a docker image, taskdefinition file for ECS, pushed the docker image to ECR repository, pushed the newly created image to ECS service.
Our ECS will be now serving latest container.
All this we did through CICD flow of GitHub Actions.

GitHub Repository: https://github.com/ashutoshrathore/build-deploy-to-ecs

Please post comments, if there is any feedback! Thankyou!