Push, Cache, Repeat: Amazon ECR as a remote Docker cache for GitHub Actions
This is a follow-up to our previous blog post on Docker layer caching for GitHub Actions. In the previous post, we used a registry cache to store cached artifacts in a docker registry. We recently had a call with a customer where we helped them set up a remote cache with AWS ECR, and we decided to share our learnings. A Docker image is composed of various layers. During a Docker build, each layer is built one after the other. If a layer doesn’t change between builds, having a cache helps retrieve an already built and unchanged layer - this can drastically speed up your build. Ideally, you want to store these cached layers in your runner building the Docker image. However, due to the ephemeral nature of these runners, this is not always possible when you’re using GitHub-hosted runners. A way to overcome this limitation is to store these cached layers in AWS ECR, separate from the built and pushed image. First, let’s look at how to do it plain and simple without the remote cache.
We are doing the usual steps of logging in to ECR and building and pushing the image to ECR using the docker/build-push-action@v5 action. The remote cache feature is not supported by default in Docker and requires you to use Docker Buildx, an advanced Docker build tool. You must set it up using docker/setup-buildx-action@v3 and create a builder instance. Once you’ve set it up, you need to populate the cache-to and cache-from parameters to the build command like this, as showcased in the official documentation from AWS on this feature.
