/DevOps-assessment

Primary LanguageDockerfile

DevOps Hiring Assignment: Automating Docker Image Upload to AWS ECR using GitHub Actions

Hello all

Prerequisites:

  • AWS account with OIDC connect for Github
  • IAM permission to perform actions

1. GitHub Repository Setup:

  • Created a Repo - DevOps Assessment
  • Including Python app with Docker file

2. Docker Image Creation:

  • Docker file is successfully build Image

3. AWS ECR Setup:

  • Created a ECR repository - devops-assessment
  • Setup the OIDC Connection for connecting AWS to Github
  • Configured necessary IAM roles and policies for access management.

4. GitHub Actions Workflow:

  • Created workflow file - pipeline.yaml which will trigger on push or pull request event with appropiate caching to optimize workflow runs.

Explaination:

  • When someone make any change to code and push code to GitHub repo the workflow file automatically triggered.
  • It start with checking all dependencies install all packages, then enters in Build stage do AWS login, Docker login
  • After that it build docker image and push it to AWS ECR.

5. Security and Best Practices:

  • Use Github secret for storing AWS creadentials.
  • Used Achore-Engine for scanning for vulnerabilities in docker file.
  • After sscanning image pushed to ECR.

6. Permission to given Account:

  • I provided the permission with required ecr policy to view the AWS ECR image.
  • Follow the AWS official support link AWS DOCS LINKS for the diffrent account permission to ECR.