Pushing Docker Image from S3 to ECR through Codebuild [Part-2]
In my previous blog, I demonstrated how to push a Docker image from your local machine to Amazon ECR here. In this post, we’ll take it a step further by automating the process: we’ll show you how to push a Docker image stored in an S3 bucket to Amazon ECR using AWS CodeBuild. This approach leverages AWS CodeBuild to streamline the build and push process, enabling continuous integration and deployment (CI/CD) workflows. By the end of this , you’ll have an automated pipeline that fetches your Docker image from S3, builds it, and pushes it to ECR, ensuring a more efficient and scalable deployment process.
To push a Docker image from an S3 bucket to Amazon ECR using AWS CodeBuild, you need to set up a build project that pulls the source code and buildspec file from S3, builds the Docker image, and then pushes it to ECR. Here’s a step-by-step guide:
Prerequisites
To proceed with this tutorial ensure
- S3 Bucket: Ensure your Dockerfile and any other necessary files are stored in an S3 bucket in data.zip format.
- ECR Repository: Create an ECR repository to store your Docker image. eg — docker-demo
- IAM Role: Ensure you have an IAM role with the necessary permissions for CodeBuild, S3, ECR, and optionally, CloudWatch.
Create a CodeBuild Project
Go to the AWS CodeBuild console. Click on “Create build project” and enter a name for your project mentioned here docker-buildspec. Provide source as Amazon S3. Choose your S3 bucket and path to your buildspec (discussed in later section) and source code e.g., path/to/your/data.zip.The data.zip file should have your scripts, Dockerfile and requirement.txt if using python.
Under the Environment section select the options shown below. Choose a new service role or an existing service role depending on your setup.
Additional configuration
Timeout: Specify a value, between 5 minutes and 36 hours, after which CodeBuild stops the build if it is not complete. If hours and minutes are left blank, the default value of 60 minutes is used
Privileged: Select Enable this flag if you want to build Docker images or want your builds to get elevated privileges. only if you plan to use this build project to build Docker images. Otherwise, all associated builds that attempt to interact with the Docker daemon fail.
Buildspec
Use a buildspec file for build commands as below. Ensure your S3 source contains a buildspec.yml file, or you can specify inline build commands. You can also edit the buildspec.yml file later.
Artifacts and Logs
Select No Artifacts and enable a log group.
Run the Build
In the CodeBuild console, start a build for your project.
Monitor the build logs in the CodeBuild console to ensure it runs successfully.
Once done, you will get the status as succeeded. At last, go to the Amazon ECR console and verify that your Docker image has been pushed successfully.
