DEV Community

Renicius Pagotto
Renicius Pagotto

Posted on • Edited on

Publishing Docker images to Azure Container Registry with GitHub Actions

#githubactions #azure #container

Hi everyone,

In today’s post, we will discuss how to upload Docker images to Azure Container Registry. To fully understand the step-by-step process, let’s first explore some key concepts related to the topic.

Azure Container Registry

In a nutshell, Azure Container Registry (ACR) is a service specialized in storing artifacts, including Docker images. For more information, you can access this post where I explain step by step how to create and use it.

GitHub Actions

GitHub Actions is a continuous integration (CI) and continuous delivery (CD) service provided by GitHub that lets you automate, customize, and execute software development workflows directly in your GitHub repository.

For our demonstration, we will use a .NET 8 Web API application which is essentially the default template with a Dockerfile.

GitHub Action Pipeline

This is the complete declaration of the pipeline file (.yml) where the az-registry step is the main focus. As an additional bonus of knowledge, there is a step to upload the same image to GitHub Container Registry and there is also a step to deploy the image to Azure Web Apps.

name: Build and Deploy on: workflow_dispatch: push: tags: - '*.*.*' env: IMAGE_NAME: "product-service" GH_REGISTRY: "ghcr.io" AZ_REGISTRY: "azdevdaysrpf.azurecr.io" AZURE_WEBAPP_NAME: az-devdays-appservice jobs: gh-package: name: Publish | GitHub Registry runs-on: ubuntu-latest steps: - name: Checkout repository uses: actions/checkout@v4 - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 - name: Log in to the GitHub Container Registry uses: docker/login-action@v3 with: registry: ${{ env.GH_REGISTRY }} username: ${{ github.actor }} password: ${{ secrets.GH_REGISTRY_TOKEN }} - name: Extract metadata (tags, labels) for Docker id: meta uses: docker/metadata-action@v5 with: images: ${{ env.GH_REGISTRY }}/${{ github.actor }}/${{ env.IMAGE_NAME }} - name: Build and Push Image uses: docker/build-push-action@v5 with: context: . push: true tags: ${{ steps.meta.outputs.tags }} az-registry: name: Publish | Azure Container Registry runs-on: ubuntu-latest outputs: version: ${{ steps.meta.outputs.version }} steps: - name: Checkout repository uses: actions/checkout@v4 - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 - name: Log in to the Azure Container Registry uses: docker/login-action@v3 with: registry: ${{ env.AZ_REGISTRY }} username: ${{ secrets.AZ_SP_CLIENT_ID }} password: ${{ secrets.AZ_SP_CLIENT_SECRET }} - name: Extract metadata (tags, labels) for Docker id: meta uses: docker/metadata-action@v5 with: images: ${{ env.AZ_REGISTRY }}/${{ env.IMAGE_NAME }} - name: Build and Push Image uses: docker/build-push-action@v5 with: context: . push: true tags: ${{ steps.meta.outputs.tags }} deploy: name: Azure Web App Deployment runs-on: ubuntu-latest needs: [ gh-package, az-registry ] steps: - name: Login Azure env: AAD_SERVICE_PRINCIPAL_CLIENT_ID: ${{ secrets.AZ_SP_CLIENT_ID }} AAD_SERVICE_PRINCIPAL_CLIENT_SECRET: ${{ secrets.AZ_SP_CLIENT_SECRET }} run: | az login --service-principal -u ${{ secrets.AZ_SP_CLIENT_ID }} -p ${{ secrets.AZ_SP_CLIENT_SECRET }} --tenant ${{ secrets.AZ_TENANT_ID }} az account set -s ${{ secrets.AZ_SUBSCRIPTION_ID }} az account show - name: Azure Web Apps Deployment uses: azure/webapps-deploy@v3 with: app-name: ${{ env.AZURE_WEBAPP_NAME }} images: ${{ env.AZ_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ needs.az-registry.outputs.version }}
Enter fullscreen mode Exit fullscreen mode

Let's start with the first part of the pipeline where below we have an image and also the explanation.

Image description

name: The name of the pipeline.

on: Specifies the trigger for the pipeline. In this case, the pipeline is triggered every time a new tag (git tag) is pushed. We also define the format of the git tag required to execute the pipeline, typically following the standard versions like 0.0.1 or 1.0.0.

env: Represents the global environment variables for the pipeline context.

IMAGE_NAME: The name assigned to the Docker image.

AZ_REGISTRY: The URL of the Azure Container Registry.

Let's dive into the az-registry stage now and explain the steps in detail, as this is where all the crucial actions take place.

Image description

In this stage, we are using a Linux runner called ubuntu-latest.

Checkout Repository: This step downloads the repository to the GitHub runner.

Docker Buildx: This installs Docker along with the extended plugin called Buildx.

Login to Azure: We log in to Azure to enable image uploads using a Service Principal with contributor access to the Azure Container Registry.

Image description

Extract Metadata: Retrieve metadata (such as tags and labels) and define the full name of the image.

Build and Publish: In this final step, we run the Dockerfile, tag the image named in the previous step, and upload it to Azure Container Registry.

Finally, to execute the pipeline, define a tag using the git tag command and push the tag to the origin. Here are examples of the commands.

git tag 1.0.0
git origin push 1.0.0

Image description

Did you enjoy this post? Want to chat more about it? Leave a comment with your questions and ideas, or connect with me on LinkedIn.

GitHub Repository: https://github.com/reniciuspagotto/az-devdays-dotnet-container?wt.mc_id=studentamb_72239

Top comments (0)