Building Docker images with GitHub Actions and Google Cloud

Building Docker images with Google Cloud Build and pushing them to Google Cloud Registry using GitHub Actions as part of your CI pipeline.

In the last parts of our GitHub Actions blog series, we took a closer look at Gradle builds. But deploying to the cloud usually involves using pre-built Docker images, not JAR files. How can we build these as part of our CI pipeline?

Furthermore, the build output can be displayed in the GitHub UI to see at a glance which tags were created and if the build was successful.

To use the action, we first need to add a new step to our action.yaml file. It will look like this, for example:

The configuration above is the minimal possible configuration. The available parameters can be used to extensively customize the behavior of the action. The parameter gcp-project-id contains the ID of the project in Google Cloud that is supposed to be used. The default region for Google Cloud Registry is eu.gcr.io. This can be customized with the gcp-gcr-region parameter.

You can specify the name of the image under image-name. The tag is then created dynamically. The files required for the build are specified as image-sources. All files and folders from the GitHub actions workspace can be specified. Wildcards such as * or ? are also supported. The files then need to be copied into the finished image within the Dockerfile.

Under gcp-service-account-token a base64 encoded service account JSON file must be specified. This will be used for authenticating with GCP. The service account requires the following permissions:

The required JSON file can be created in Google Cloud IAM under Service Accounts. To do this, select the desired service account, switch to the Keys tab, and create a new key of type JSON.

The github-token is only required if the github-disabled parameter is not set to true. Typically, the default token provided by GitHub Actions is sufficient for this. It is necessary to set the commit status and/or the release notes. More on this later.

If you run the action now, the corresponding image will be built and tagged as $branch-$commitSha-$yyyy.$mm.$dd-$hh.$mm.$ss by default. The first part is the (normalized) branch name, the second part is the 7-character short hash of the commit used, and the third part is the date and time of the build.

Related posts:

It has been a year since we launched Repick. We started it as a side project because we loved design products and wanted to share our passion with the world. So far we’ve shared over 1500 products…

I started my morning walk, somewhere around the end of May. Instead of frequenting familiar places, I thought of exploring. It was in this new path that I met her. I could tell that she was…

This week i looked up a bunch of different cool projects on the internet that could be made with an Arduino kit. one that i found interesting was an alarm that was made with a PIR sensor and an…