Create CI/CD pipeline for Docker Images in AWS

Harshal kondke
5 min read · Jan 20, 2022

I'm not going to waste time on an introduction to this blog, as I assume you are interested in knowing how to implement CI/CD pipelines. Right?

What are CI/CD pipelines?

Basically, think of it as an automated way of deploying your application code, or updating an existing application, without human error and, of course, with all dependencies managed.

So it will build the code, test the code, deploy the code, save all the logs and give you feedback. Still not clear? Check this out.

Let's divide it into 3 parts:

Source: You need to provide a code source to work on. Such an obvious thing. You can use any version control system for this, but I'll use GitHub.

All you need is to host your code in a well-structured form. Whenever you push code to your master branch, it will trigger our pipeline. We will see how. Keep going.

Build: We will use AWS CodeBuild to build the Docker images for us. But the build also needs instructions from us on how to build the image and which commands to execute. Going ahead, we will explore this part as well.

Deploy: For this step you have the option to use AWS CodeDeploy if you have an application running in production. We will not use it, as I only need updated Docker images, and I can deploy those anywhere with the latest tag. Cool? Yeah.

Dockerfile

You need to tell Docker what you want your image to look like. For that we use something called a Dockerfile. Think of it as a shell script that installs all your dependencies inside the Docker container.

This is a self-explanatory Dockerfile.

BuildSpec.yml

This is where the magic happens. Here you can specify everything you want to do while building your image from the Dockerfile in AWS CodeBuild.
You can directly copy this buildspec.yml file and use it.

If you already know how this works you can skip this part. Otherwise read it. It's important.

In the pre-build section it logs in to the ECR repo in your account without an AWS access key and secret key. Further on I will explain how this is done. But remember, if you want to log in to an ECR repo in someone else's account, which is unlikely to happen, then you have to provide AWS credentials for that account.

In the build section it builds the image with the commit hash as its name and applies the latest tag to it. The post-build section just pushes the newly created image to the ECR repo.
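A buildspec.yml that follows the three phases described above, as an added example and not the author's original file. It assumes an `IMAGE_REPO_NAME` environment variable is set on the CodeBuild project and that the ECR repository lives in the same account and region as the build; pushing the commit-hash tag alongside `latest` is a choice made in this example.

```yaml
version: 0.2

# Added example, not the author's original file.
# Assumption: IMAGE_REPO_NAME is set as an environment variable on the
# CodeBuild project and names an ECR repository in the build's own
# account and region.
phases:
  pre_build:
    commands:
      # Fail early with a clear message if the assumed variable is missing.
      - test -n "$IMAGE_REPO_NAME" || { echo "IMAGE_REPO_NAME is not set"; exit 1; }
      # Derive the registry host from the service role's own identity.
      - ACCOUNT_ID=$(aws sts get-caller-identity --query Account --output text)
      - REGISTRY="$ACCOUNT_ID.dkr.ecr.$AWS_DEFAULT_REGION.amazonaws.com"
      - REPOSITORY_URI="$REGISTRY/$IMAGE_REPO_NAME"
      # CODEBUILD_RESOLVED_SOURCE_VERSION is the commit ID for GitHub sources.
      - COMMIT_HASH=$(echo "$CODEBUILD_RESOLVED_SOURCE_VERSION" | cut -c 1-7)
      - test -n "$COMMIT_HASH" || { echo "no commit ID available"; exit 1; }
      # Log in with a short-lived token obtained through the service role,
      # so no access key or secret key is stored in the repo or the project.
      - aws ecr get-login-password --region "$AWS_DEFAULT_REGION" | docker login --username AWS --password-stdin "$REGISTRY"
  build:
    commands:
      # Build under the commit hash, then point the latest tag at the same image.
      - docker build -t "$REPOSITORY_URI:$COMMIT_HASH" .
      - docker tag "$REPOSITORY_URI:$COMMIT_HASH" "$REPOSITORY_URI:latest"
  post_build:
    commands:
      # post_build runs even when the build phase failed, so stop before pushing.
      - test "$CODEBUILD_BUILD_SUCCEEDING" = "1" || exit 1
      - docker push "$REPOSITORY_URI:$COMMIT_HASH"
      - docker push "$REPOSITORY_URI:latest"
```

The commit-hash tag gives every build a reference that can be pinned on deployment, while `latest` keeps moving to the newest image.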

Enough preparation. Let's get into the cool part.

Setup CodeBuild

I assume you have already created a GitHub repo and that it contains the Dockerfile and BuildSpec.yml file. (Both public and private repos work here.)

Log in to your AWS console and open AWS CodeBuild. Click on Create Build Project, then give the project a name and description.

Specify the public GitHub repo link. If you wish to use a private repo, connect your GitHub account and then you can select a private repo as well.

Now, in the Environment section select Managed image > Operating system: Ubuntu > Runtime: Standard > Image: (any one) > check Privileged (needed to build Docker images) and create a new service role.

This is the environment where our Docker image will be built, as specified in the buildspec.yml file.

For the Buildspec section, if you are using a name other than buildspec.yml for the .yml file, specify that file name; otherwise leave it as it is.

Keep everything else as it is. For this project we don't need other configuration. Click on Build Project.

This build will definitely fail. Do you know why?

Remember that in the buildspec.yml file we are using the AWS CLI without AWS account credentials? So we need to give our newly created service role permission to access ECR.

Go into IAM and select Roles. Search for the role name you specified; if you did not specify one, search for your build project name. Attach the AmazonEC2ContainerRegistryFullAccess policy to the service role. Note that this managed policy grants full access to every ECR repository in the account, which is more than pushing to one repository requires.

Boom, we are good to go. You can build the project now, and once it builds successfully you should see a new image with the latest tag in your ECR repo.

Setup CodePipeline

We don't want to manually build the Docker image every time we have changes. The build should be triggered automatically once a push is performed on the GitHub repo.

Go to CodePipeline > Create pipeline and make the following configuration.

Now, select GitHub as the service provider and connect your GitHub account.

In the change detection options select GitHub webhooks. It should look something like this…

In the Build stage, select CodeBuild as the provider and select the build project you just created.

And that's it. We don't need a deploy stage, so skip it, review your pipeline and create it.

Once created, it will start the pipeline and then trigger CodeBuild. If everything works as expected you should see a new Docker image in your ECR repo. Now add a commit to your GitHub repo and watch CodePipeline get triggered automatically.

Done. Now don't worry about the deployment part and focus on building something beautiful.

Happy Coding.

Cheers,
