Integrating GitHub Actions with Docker Builds
Introduction
Use GitHub Actions to automate Docker image builds, caching, and multi-architecture support directly in your repository CI.
Prerequisites
- GitHub repository
- Docker Hub or other registry credentials stored as GitHub Secrets
Step 1: Setup Secrets
Add to repository Settings > Secrets:
- DOCKER_USERNAME
- DOCKER_PASSWORD
Step 2: Create Workflow
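In .github/workflows/docker.yml:
name: Docker CI
on:
  push:
    branches: [ main ]
  pull_request:
    branches: [ main ]
# Least privilege: the job only needs to read the repository.
permissions:
  contents: read
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout repo
        uses: actions/checkout@v4
      - name: Set up QEMU
        uses: docker/setup-qemu-action@v3
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3
      # Secrets are not passed to pull requests from forks, so log in only on push.
      - name: Login to Docker registry
        if: github.event_name != 'pull_request'
        uses: docker/login-action@v3
        with:
          username: ${{ secrets.DOCKER_USERNAME }}
          password: ${{ secrets.DOCKER_PASSWORD }}
      - name: Build and push Docker image
        id: build  # referenced below as steps.build
        uses: docker/build-push-action@v5
        with:
          context: .
          # Pull requests build only; unmerged code is never pushed to the registry.
          push: ${{ github.event_name != 'pull_request' }}
          tags: |
            yourusername/yourapp:latest
            yourusername/yourapp:${{ github.sha }}
          platforms: linux/amd64,linux/arm64
          cache-from: type=registry,ref=yourusername/yourapp:cache
          # Exporting the cache needs registry write access, so skip it on pull requests.
          cache-to: ${{ github.event_name != 'pull_request' && 'type=registry,ref=yourusername/yourapp:cache,mode=max' || '' }}
      - name: Docker image digest
        if: github.event_name != 'pull_request'
        run: echo "Image digest: ${{ steps.build.outputs.digest }}"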
Step 3: Security Scanning
Extend the job with a Trivy scan step, placed after the build-and-push step:
      - name: Scan Docker image for vulnerabilities
        uses: aquasecurity/trivy-action@0.28.0
        with:
          image-ref: yourusername/yourapp:latest
Step 4: Build Artifacts
Optionally save image digests or metadata. The step uploads build-metadata.json, so an earlier step in the job must write that file:
      - name: Upload build metadata
        uses: actions/upload-artifact@v4
        with:
          name: image-metadata
          path: build-metadata.json
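One way to produce the build-metadata.json that the upload step expects, as an added example that is not part of the original tutorial: it records the image digest with a by-digest reference for each repository, and refuses to write the file when the digest is empty, which is what steps.build.outputs.digest expands to if no step carries the id build. The environment variable names IMAGE_DIGEST, IMAGE_TAGS and METADATA_PATH are assumptions chosen for this example; GITHUB_SHA is set by the runner.

```python
import json
import os
import re
import sys

DIGEST_RE = re.compile(r"sha256:[0-9a-f]{64}")
SAMPLE_DIGEST = "sha256:" + "ab" * 32  # constructed value, not a real image


def strip_tag(ref):
    """Drop a trailing :tag, leaving a registry port such as host:5000/app alone."""
    name, sep, tag = ref.rpartition(":")
    return name if sep and "/" not in tag else ref


def build_metadata(digest, tags, commit):
    """Return the metadata dict; raise ValueError if the digest is unusable."""
    # Empty when the workflow has no step with id "build"; never record that.
    if not DIGEST_RE.fullmatch(digest or ""):
        raise ValueError(f"not a sha256 image digest: {digest!r}")
    repos = list(dict.fromkeys(strip_tag(t) for t in tags))  # de-duplicate, keep order
    return {
        "commit": commit,
        "digest": digest,
        "tags": list(tags),
        # Immutable references: a tag can be re-pointed, a digest cannot.
        "pinned": [f"{repo}@{digest}" for repo in repos],
    }


def main(env):
    """Write the metadata file from env; return a process exit code."""
    # IMAGE_DIGEST, IMAGE_TAGS and METADATA_PATH are assumed names for this example.
    tags = [t.strip() for t in env.get("IMAGE_TAGS", "").splitlines() if t.strip()]
    try:
        meta = build_metadata(env.get("IMAGE_DIGEST", ""), tags, env.get("GITHUB_SHA", ""))
    except ValueError as err:
        print(f"refusing to write metadata: {err}", file=sys.stderr)
        return 1
    with open(env.get("METADATA_PATH", "build-metadata.json"), "w") as fh:
        json.dump(meta, fh, indent=2)
    return 0


if __name__ == "__main__":
    if "IMAGE_DIGEST" in os.environ:
        sys.exit(main(os.environ))
    demo = build_metadata(SAMPLE_DIGEST, ["yourusername/yourapp:latest"], "0" * 40)  # constructed sample
    print(json.dumps(demo, indent=2))
```

In the workflow, a step placed between the build and the upload would run this script with IMAGE_DIGEST set from `${{ steps.build.outputs.digest }}` and IMAGE_TAGS set to the same tag list passed to the build step.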
Summary
GitHub Actions with docker/build-push-action and Buildx enables automated, multi-platform Docker builds with caching and security scanning in your CI pipeline.