In today's short post, we're going to run through how to get a basic Docker container up in running in GitHub actions and learn how to use GitHub Secrets along the way!
First, we need to set up our
.github folder and the
workflows. From your project directory root, run the follow:
Once we have our workflow, we can add the following to
Here, we give the action a
name and tell it to run on every
push to our
The last top-level property we have is
jobs, and this is where we can tell our action what to run!
In our job, we are creating an action known as
Hello world action. As for the steps, we are telling it to first run
v1 of GitHub's
From the repo information, That action checks-out your repository under
$GITHUB_WORKSPACE, so your workflow can access it.
We then run a second action from a
./action-a directory and tell it to set an environment variable which comes from our secrets! We will set that secret later, but first let's set up our Docker action!
From the root of the project directory, let's now create a folder
action-a and some files to add in the actions:
Here, we are creating a folder (which we referenced in our workflow), then adding a Dockerfile for GitHub to build from and we are going to make a small Shell script that the action will run. Finally, we are adding user permissions to run the script so we can test it out locally.
./action-a/entrypoint.sh, add the following:
The script will simply out put the "Hello world my name is ..." based on the
$MY_NAME environment variable!
Since we have added the correct permissions, let's run the action!
As you can see, the above is doing something... but not exactly what we want! We need to set an environment variable to add in the name!
Let's run it name setting the environment variable at runtime:
Not a lot is happening in this script, but that's okay! We just want to get an action up and running!
Save this file and let's move onto the Dockerfile.
Here, let's add the following:
For those who are not familiar with a Dockerfile, this may look a little strange. To keep things brief, the file does the following:
entrypoint.shfile to the root of the container.
The expectation is that we can copy what we did above and run our script! The big difference will be that are going to use GitHub Secrets to manage our
Following along from GitHub's docs, we can head to our GitHub and create a new repository.
Once that is done, in the new repo we can go to
Settings > Secrets > Add a new secret and add a name and value for our secret.
Hello GitHub Secrets
Perfect! Now is the time to reap what we have sown.
On our local repository again, open up the terminal and let's set up the Git repo and push from the develop branch.
We will run through a standard Git workflow to initialise a Git repository, create a new
develop branch, checkout that branch, commit everything, add the remote GitHub repository we have created and then push to that repository.
If we now head to our repository on GitHub and head to the
Actions tab, we can see our action up and running!
Inside of the action, we can see we have a
Hello world action and that is runs both the
actions/checkout@v1 and our
action-a action that we created! Awesome!
If we click out action dropdown to reveal the details, you can see all the steps that the action ran while building the Docker image and we can see our script being run!
Docker action being run
However, we do see the following:
Hello world my name is ***. That's not
Hello world my name is Dennis? This may requirement some faith, but GitHub is doing us the favour of obfuscating out secrets so that we don't accidentally let them out into the world! How kind of them. We just have to understand that under the hood,
Hello world my name is Dennis is being run!
Did we have to make something like that a secret? Of course not. However doing so in this short example will give you the know how for when you do start building actions that require secret access tokens that you don't want to be leaked out into the world!
Today, we made a simple GitHub action that uses the power of Docker containers and GitHub secrets! We can build as many actions as we want into a repository, and it is certainly a powerful feature to begin bringing CI/CD into your repository!
Image credit: Who’s Denilo ?