Skip to main content
In this tutorial, we’ll enhance our GitHub Actions workflow to build, test, and publish a Docker image to Docker Hub. You’ll learn how to use Docker Buildx for multi-platform builds, run live container tests, and manage credentials securely for a robust CI/CD pipeline.

1. Build and Test the Docker Image

First, we compile the image locally without pushing it, then spin up a container to validate the /live endpoint.
Tagging images with the Git SHA ensures traceability. Use ${{ github.sha }} for an immutable reference.
jobs:
  build-and-test:
    runs-on: ubuntu-latest

    steps:
      - name: Checkout code
        uses: actions/checkout@v4

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v2

      - name: Docker Build for Testing
        uses: docker/build-push-action@v4
        with:
          context: .
          push: false
          tags: ${{ vars.DOCKERHUB_USERNAME }}/solar-system:${{ github.sha }}

      - name: Docker Image Testing
        env:
          MONGO_URI: ${{ secrets.MONGO_URI }}
          MONGO_USERNAME: ${{ secrets.MONGO_USERNAME }}
          MONGO_PASSWORD: ${{ secrets.MONGO_PASSWORD }}
        run: |
          # List local images
          docker images

          # Run container for testing
          docker run --name solar-system-app -d \
            -p 3000:3000 \
            -e MONGO_URI="$MONGO_URI" \
            -e MONGO_USERNAME="$MONGO_USERNAME" \
            -e MONGO_PASSWORD="$MONGO_PASSWORD" \
            ${{ vars.DOCKERHUB_USERNAME }}/solar-system:${{ github.sha }}

          # Extract container IP and test the live endpoint
          IP=$(docker inspect -f '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' solar-system-app)
          echo "Container IP: $IP"

          echo "Testing Image URL using wget"
          wget -q -O - "http://$IP:3000/live" | grep live

2. Push the Docker Image to Docker Hub

Once tests pass, rebuild (with cache reuse) and push the image in a dedicated job. 
  push-image:
    needs: build-and-test
    runs-on: ubuntu-latest

    steps:
      - name: Checkout code
        uses: actions/checkout@v4

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v2

      - name: Log in to Docker Hub
        uses: docker/login-action@v2
        with:
          username: ${{ vars.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}

      - name: Docker Build and Push
        uses: docker/build-push-action@v4
        with:
          context: .
          push: true
          tags: ${{ vars.DOCKERHUB_USERNAME }}/solar-system:${{ github.sha }}
Ensure your DOCKERHUB_TOKEN is stored as a GitHub repository secret to prevent credential leaks.

3. Inspecting the Workflow Logs

During the push step, the logs will indicate cache reuse and the push command: 
/usr/bin/docker buildx build \
  --iidfile /tmp/docker-actions-toolkit/iidfile \
  --tag siddharth67/solar-system:e8095fb98a5b01249540a95eaf3a9c371c274430 \
  --push .
The build-push-action automatically leverages layers from the testing job to speed up the push.

4. Verifying on Docker Hub

After completion, navigate to your Docker Hub repository. You should find a new tag matching the commit SHA, for example: 
siddharth67/solar-system:e8095fb98a5b01249540a95eaf3a9c371c274430
This confirms that your GitHub Actions workflow has successfully built, tested, and published your image.

Job Summary

Job NamePurposeKey Steps
build-and-testBuild image & run live testsCheckout, Buildx setup, build, run container
push-imagePublish image to Docker HubCheckout, Buildx setup, login, build & push

Watch Video