Implementing A Modern CI/CD Pipeline with GitHub Actions & AWS

In this article, we will walk through the steps of setting up a CI/CD pipeline that builds a Docker image and deploys it to Amazon ECR (Elastic Container Registry) anytime changes are made to the main branch of our GitHub repository. This project was inspired by a hands-on project from AWS User Group Yaounde, so we will be working with the resources they provided.

Also, this is just an overview of the different steps involved in creating the pipeline, not necessarily an in-depth walkthrough.

Requirements

These are some things you need to have in order to complete this project;

This project uses Python and Docker, but you don't need those installed on your computer, as the aim is to create a working pipeline, not necessarily to build and run the code locally. With that out of the way, let us start building!! 🛠

Steps

1) Getting the Project's Source Code

First of all, visit this link https://github.com/jordybayo/github-cicd to fork the project and create a copy in your GitHub account. Once that is done, you can now clone the project locally to your computer.

2) Create an AWS IAM user.

We need to create an IAM user for this project because that will grant GitHub Actions programmatic access to perform actions in our AWS account, and that cannot be done by using the root user only.

You can still use any IAM user you already have, but make sure you add a policy that gives them access to the AWS ECR service.
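One way to give the user ECR access without granting the whole service, as an added example (not from the original article or the AWS User Group project): the shell functions below build an inline policy limited to pushing images into a single repository and attach it with the AWS CLI. The IAM user name, account ID and repository name are placeholders you supply, the policy name is arbitrary, and the action list assumes the workflow only logs in to ECR and pushes.

```shell
#!/usr/bin/env bash
# Added example: least-privilege inline policy for the CI user.

# Print an IAM policy that allows pushing images to ONE ECR repository.
ecr_push_policy() {
  local account_id="$1" region="$2" repo="$3"
  # AWS account IDs are exactly 12 digits; reject anything else before building the ARN.
  case "$account_id" in
    *[!0-9]*|"") echo "invalid account id" >&2; return 1 ;;
  esac
  [ "${#account_id}" -eq 12 ] || { echo "invalid account id" >&2; return 1; }
  cat <<EOF
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "EcrLogin",
      "Effect": "Allow",
      "Action": "ecr:GetAuthorizationToken",
      "Resource": "*"
    },
    {
      "Sid": "PushToOneRepo",
      "Effect": "Allow",
      "Action": [
        "ecr:BatchCheckLayerAvailability",
        "ecr:InitiateLayerUpload",
        "ecr:UploadLayerPart",
        "ecr:CompleteLayerUpload",
        "ecr:PutImage"
      ],
      "Resource": "arn:aws:ecr:${region}:${account_id}:repository/${repo}"
    }
  ]
}
EOF
}

# Attach the policy inline to the IAM user (needs the AWS CLI and IAM admin credentials).
# Usage (placeholders): attach_ecr_push_policy <iam-user> <account-id> us-east-1 <ecr-repo>
attach_ecr_push_policy() {
  local user="$1" account_id="$2" region="$3" repo="$4" doc
  doc="$(ecr_push_policy "$account_id" "$region" "$repo")" || return 1
  aws iam put-user-policy --user-name "$user" \
    --policy-name "github-actions-ecr-push" --policy-document "$doc"
}
```

`ecr:GetAuthorizationToken` does not support resource-level scoping, which is why that one statement uses `"*"` while the push actions are pinned to the repository ARN.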

3) Generate Access Keys

As mentioned in the previous step, access keys will enable GitHub Actions to perform actions (no pun intended) in our AWS account. These are the steps to follow in order to generate your access keys:

  • In your IAM dashboard, click on Users

  • You will be taken to a page that lists all the users in your account. Click on the IAM user you are creating access keys for.

  • Now click on Security Credentials and scroll down to where you see Access Keys.

  • Click on Create Access key and you will be asked to select the type of access key you want; select Third-party service.

  • Once that is done, you can create the key and download it for later use.

4) Add Access Keys to GitHub

Now that we have our access keys, we have to provide them to our GitHub project for it to use when running the actions. To do so:

  • Go to the project you forked and navigate to Settings.

  • Under Settings, scroll down and expand Secrets and Variables, then click on Actions.

  • Click on New repository secret and give it the name "AWS_ACCESS_KEY_ID" and, under Secret, provide the value of the access key ID you created earlier.

  • Follow the same procedure to create a secret for your secret access key, giving it the name "AWS_SECRET_ACCESS_KEY".

5) Enable GitHub Actions

For this project, you may have to enable GitHub Actions if you haven't already. This can easily be done by:

  • Navigating to the forked project in your GitHub account.

  • Clicking on Actions and then clicking on Enable GitHub Actions For This Project. We are doing this so that GitHub Actions runs automatically anytime we push changes to our main branch.

6) Create an ECR Repository and Update the GitHub Action File

We need to create an ECR repository that GitHub Actions will deploy our Docker image to. Make sure you are creating this repository in the "us-east-1" (N. Virginia) region.

Once that is done, we have to update our GitHub Actions file with the name of our ECR repository. This file can be found in the project we cloned, at .github/workflows/main.yml. Inside the main.yml file, look for the key that says "ECR_REPOSITORY" and update its value with the name of your ECR repository.

7) Push and Deploy

Now, if everything was configured well, we should be able to push the current changes to our GitHub repository, and GitHub Actions will run and deploy our image successfully.

You can go to the Actions tab in GitHub to make sure everything ran successfully, and also check your Amazon ECR repository to make sure that you see the Docker image.

Written by

Ajimsimbom Bong M

I'm Ajim, a Cloud DevOps Engineer from Cameroon. I'm really into Cloud Native Solutions involving Microservices, Containers, and Kubernetes. Feel free to reach out to me if you wish to connect or collaborate on a project.