Script Valley
Docker: Complete Course
CI/CD with Docker and Container RegistriesLesson 6.1

Building Docker images in GitHub Actions CI pipelines

GitHub Actions workflow, docker/build-push-action, GITHUB_TOKEN, ghcr.io, build caching in CI, on:push trigger, workflow_dispatch

Automating Image Builds on Every Commit

GitHub Actions Docker build and push pipeline

Manually building and pushing images is error-prone. A CI pipeline builds on every push, ensuring the registry always has a fresh image matching the current codebase.

Complete GitHub Actions Workflow

name: Build and Push Docker Image

on:
  push:
    branches: [main]

jobs:
  build:
    runs-on: ubuntu-latest
    permissions:
      contents: read
      packages: write

    steps:
      - uses: actions/checkout@v4

      - name: Log in to GHCR
        uses: docker/login-action@v3
        with:
          registry: ghcr.io
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}

      - name: Build and push
        uses: docker/build-push-action@v5
        with:
          context: .
          push: true
          tags: ghcr.io/${{ github.repository }}:${{ github.sha }}

The image is tagged with the Git commit SHA — every image is traceable to the exact commit that produced it. secrets.GITHUB_TOKEN is automatically available in Actions with no configuration. The packages: write permission is required to push to GHCR.

Up next

Docker build cache in CI pipelines for faster builds

Sign in to track progress