GITLAB CI/CD: BUILD AND PUSH DOCKER TO AWS ECR

FEB 17, 2025•15 MIN READ

After setting up our development tools, the next crucial step is configuring our CI/CD pipeline. In this post, we'll use several AWS services:

Amazon ECR (Elastic Container Registry)

Fully managed container registry
Secure storage for Docker images
Integrates seamlessly with IAM

IAM (Identity and Access Management)

Manages EC2 permissions to ECR
Secures registry access
Follows principle of least privilege

I'll share how to securely manage AWS credentials in GitLab and set up Amazon Elastic Container Registry (ECR) for our Docker images.

Prerequisites

AWS Account with EC2 instance running
EC2 instance with AWS CLI installed
GitLab Runner installed and registered
Docker installed on EC2
Basic understanding of Docker, Docker Compose, GitLab CI/CD

Step-by-Step Guide

1. Updating volumes for GitLab Runner

Before we can use Docker commands in our pipeline, we need to update our GitLab Runner configuration:

sudo vi /etc/gitlab-runner/config.toml

shell

Add the volumes configuration:

[[runners]]
  executor = "docker"
  [runners.docker]
    volumes = ["/var/run/docker.sock:/var/run/docker.sock"]

toml

Restart GitLab Runner:

sudo systemctl restart gitlab-runner

shell

2. Creating IAM Role for EC2

Go to IAM Console > Roles > Create role
Select AWS service as trusted entity
Select EC2 as use case
Add AmazonEC2ContainerRegistryFullAccess as permissions
Name EC2ECRAccess
Review and create

3. Attaching IAM Role to EC2

4. 🔐 Setting Up GitLab CI/CD Variables

Accessing GitLab CI/CD Variables section

Required variables: AWS_REGION, DIRECTORY_APP, EC2_HOST, EC2_USER, ECR_REPOSITORY_URL, SSH_PRIVATE_KEY

5. 📦 Creating ECR Repository

ECR Repository creation — Creating ECR repository for our Docker images

6. 🚀 Pipeline in Action

Build Stage Logs — Docker build and push to ECR successful

Deploy Stage Logs — Successful deployment to EC2

GitLab Pipeline Overview — Successful pipeline run showing build and deploy stages

Learning Journey Highlights

IAM Configuration

Role creation and policies for ECR access
EC2 role attachment
Permission management

GitLab CI/CD Setup

Variable management
Masking sensitive data
Environment configuration

ECR Configuration

Repository creation
Access management
Authentication setup

Resources

Next Steps: Security Improvements

Replacing SSH keys with IAM roles and AWS Systems Manager
Using AWS Secrets Manager or Parameter Store for sensitive credentials

GITLAB CI/CD: BUILD AND PUSH DOCKER TO AWS ECR

FEB 17, 2025•15 MIN READ

AWS ECR GitLab CI/CD Docker IAM

After setting up our development tools, the next crucial step is configuring our CI/CD pipeline. In this post, we'll use several AWS services:

Amazon ECR (Elastic Container Registry)

Fully managed container registry
Secure storage for Docker images
Integrates seamlessly with IAM

IAM (Identity and Access Management)

Manages EC2 permissions to ECR
Secures registry access
Follows principle of least privilege

I'll share how to securely manage AWS credentials in GitLab and set up Amazon Elastic Container Registry (ECR) for our Docker images.

Prerequisites

AWS Account with EC2 instance running
EC2 instance with AWS CLI installed
GitLab Runner installed and registered
Docker installed on EC2
Basic understanding of Docker, Docker Compose, GitLab CI/CD

Step-by-Step Guide

1. Updating volumes for GitLab Runner

Before we can use Docker commands in our pipeline, we need to update our GitLab Runner configuration:

sudo vi /etc/gitlab-runner/config.toml

shell

Add the volumes configuration:

[[runners]]
  executor = "docker"
  [runners.docker]
    volumes = ["/var/run/docker.sock:/var/run/docker.sock"]

toml

Restart GitLab Runner:

sudo systemctl restart gitlab-runner

shell

2. Creating IAM Role for EC2

Go to IAM Console > Roles > Create role
Select AWS service as trusted entity
Select EC2 as use case
Add AmazonEC2ContainerRegistryFullAccess as permissions
Name EC2ECRAccess
Review and create

3. Attaching IAM Role to EC2

4. 🔐 Setting Up GitLab CI/CD Variables

Required variables: AWS_REGION, DIRECTORY_APP, EC2_HOST, EC2_USER, ECR_REPOSITORY_URL, SSH_PRIVATE_KEY

5. 📦 Creating ECR Repository

6. 🚀 Pipeline in Action

Learning Journey Highlights

IAM Configuration

Role creation and policies for ECR access
EC2 role attachment
Permission management

GitLab CI/CD Setup

Variable management
Masking sensitive data
Environment configuration

ECR Configuration

Repository creation
Access management
Authentication setup

Resources

Next Steps: Security Improvements

Replacing SSH keys with IAM roles and AWS Systems Manager
Using AWS Secrets Manager or Parameter Store for sensitive credentials

INSTALL GITLAB RUNNER ON EC2 WITH DOCKER (STEP-BY-STEP)

10 MIN READ

AWS S3 WITH GITLAB CI/CD: SYNC DEPLOYMENT FILES

10 MIN READ

DOCKER LAYER CACHING: SPEED UP GITLAB CI/CD BUILDS

12 MIN READ

GITLAB CI/CD: BUILD AND PUSH DOCKER TO AWS ECR

Prerequisites

Step-by-Step Guide

1. Updating volumes for GitLab Runner

2. Creating IAM Role for EC2

3. Attaching IAM Role to EC2

4. 🔐 Setting Up GitLab CI/CD Variables

5. 📦 Creating ECR Repository

6. 🚀 Pipeline in Action

Learning Journey Highlights

IAM Configuration

GitLab CI/CD Setup

ECR Configuration

Resources

Next Steps: Security Improvements

Related Posts

INSTALL GITLAB RUNNER ON EC2 WITH DOCKER (STEP-BY-STEP)

AWS S3 WITH GITLAB CI/CD: SYNC DEPLOYMENT FILES

DOCKER LAYER CACHING: SPEED UP GITLAB CI/CD BUILDS

GITLAB CI/CD: BUILD AND PUSH DOCKER TO AWS ECR

Prerequisites

Step-by-Step Guide

1. Updating volumes for GitLab Runner

2. Creating IAM Role for EC2

3. Attaching IAM Role to EC2

4. 🔐 Setting Up GitLab CI/CD Variables

5. 📦 Creating ECR Repository

6. 🚀 Pipeline in Action

Learning Journey Highlights

IAM Configuration

GitLab CI/CD Setup

ECR Configuration

Resources

Next Steps: Security Improvements

Related Posts

INSTALL GITLAB RUNNER ON EC2 WITH DOCKER (STEP-BY-STEP)

AWS S3 WITH GITLAB CI/CD: SYNC DEPLOYMENT FILES

DOCKER LAYER CACHING: SPEED UP GITLAB CI/CD BUILDS