Welcome back!

In our last post, we explored creating and deploying cryptographic keys in Azure Key Vault with Terraform. Now, we are shifting focus to Dev Containers, a practical way to standardise development environments and CI/CD workflows.

Today, we will cover how to build a Dev Container Dockerfile and push it to GitHub Container Registry (GHCR), making it reusable for automated pipelines.

If you are new to the series, check out my previous posts on infrastructure as code and automation in CI/CD workflows.

Why Use Dev Containers in CI/CD?

Dev Containers help create a consistent development environment with all required tools pre-installed. Instead of manually configuring dependencies, everything is defined in a Dockerfile, allowing teams to use the same setup across development and CI/CD.

For this example, our Dev Container includes:

• .NET for application development

• Terraform for infrastructure automation

• Azure CLI for cloud resource management

By packaging these tools inside a container, we ensure that every developer and CI/CD pipeline operates in an identical environment, reducing inconsistencies and debugging issues.

Automating the Process with GitHub Actions

To build and push the container, we use GitHub Actions, automating authentication, image building, and publishing to GHCR.

Defining the Workflow

1️⃣ Triggering the Workflow

The workflow is manually triggered using workflow_dispatch.

on:
  workflow_dispatch:

2️⃣ Setting Permissions

The workflow requires permissions to read repository contents and push containers to GHCR.

permissions:
  contents: read
  packages: write

Note: It’s important to set the correct permissions here so that the GITHUB_TOKEN used later has the ability to push to the packages registry.

3️⃣ Checking Out the Repository

The repository must be checked out so that the pipeline has access to the project files.

- name: Checkout repository
  uses: actions/checkout@v4

4️⃣ Setting Up Docker

GitHub Actions requires Docker Buildx for efficient multi-platform builds.

- name: Set up Docker Buildx
  uses: docker/setup-buildx-action@v3

5️⃣ Logging into GitHub Container Registry

Authentication is required to push the container to GHCR.

- name: Log in to the GitHub Container Registry
  uses: docker/login-action@v2
  with:
    registry: ghcr.io
    username: ${{ github.repository_owner }}
    password: ${{ secrets.GITHUB_TOKEN }}

Note: Since we are pushing to a GitHub Container Registry under my repository owner, I can use the built-in GITHUB_TOKEN. If you need to push to a registry under a different repository owner, you will need to generate, provide and store your own token manually.

6️⃣ Building and Pushing the Docker Image

The container is built and pushed to GHCR with a latest tag.

- name: Build and push Docker image
  uses: docker/build-push-action@v2
  with:
    context: ./.devcontainer
    file: ./.devcontainer/Dockerfile
    push: true
    tags: ghcr.io/${{ github.repository_owner }}/ci-cd-kv-sample:latest

Manually Running the Workflow in GitHub Actions

Since this workflow is triggered manually, you need to start it from GitHub Actions.

Running the Workflow Step-by-Step

1. Navigate to the repository on GitHub
Go to the Actions tab at the top of the repository page.

2. Select the workflow
Find Build and Push Dev Container in the list of workflows on the left-hand side.

3. Run the workflow
Click Run workflow. A dropdown will appear allowing you to manually start it.

4. Monitor the workflow execution
Once the workflow starts running, you can track its progress in real time. Each step, from checking out the repository to pushing the container, will be displayed.

5. Confirm successful completion
When all steps are completed, you should see a green checkmark indicating success.

Verifying the Published Dev Container

Once the workflow completes, verify that the container is available in GHCR:

✅ Navigate to GitHub → Repository → Packages
✅ Look for ci-cd-kv-sample
✅ Check the latest version and metadata

At this stage, we have a fully functional Dev Container that can be used in CI/CD pipelines or by developers locally.

Summary

So to summarise, today we have:

✔ Built and pushed a Dev Container to GitHub Container Registry
✔ Automated the process using GitHub Actions

Now that the container is built and published, the next step is to integrate it into a CI/CD pipeline. In the next post, we will explore how to use the Dev Container in GitHub Actions workflows.

If you found this useful, consider subscribing to follow along with the series. More on DevOps, cloud automation, and CI/CD best practices coming soon.

What DevOps topics would you like to see next? Let me know in the comments.