Deployment Credentials & Instructions

The Deployment tab in your environment details provides the tools and instructions needed to deploy new versions of your application. The deployment process varies depending on whether you’re using internal (private) or external (public) container images.

Understanding Image Types

Internal Images These are private container images stored in Quant Cloud’s managed ECR (Elastic Container Registry). Internal images require authentication to access and are ideal for proprietary applications or when you need full control over your container registry.

External Images These are publicly available images from registries like Docker Hub, or images from your own external private registries. External images are referenced directly by their public registry path (e.g., nginx:latest, node:18-alpine).

Note

The deployment instructions and tools provided in this tab are specifically designed for internal images hosted in Quant Cloud’s ECR. If you’re using external images, you simply update the image reference in your container configuration and redeploy.

ECR Authentication for Internal Images

When working with internal images, you need to authenticate with Quant Cloud’s ECR before you can push new image versions.

Getting ECR Login Credentials The Deployment tab provides a “Refresh ECR Login Command” button that generates temporary authentication credentials for your organization’s ECR. These credentials are:

• Temporary: Valid for approximately 11 hours from generation
• Organization-specific: Tied to your current organization context
• Automatically formatted: Provided as a ready-to-use docker login command

Using the Login Command

1. Click “Refresh ECR Login Command” to generate fresh credentials
2. Copy the provided docker login command
3. Run the command in your terminal where Docker is installed
4. Verify successful authentication with the “Login Succeeded” message

The interface shows the expiration time for your current credentials, so you know when to refresh them.

Container-Specific Deployment Instructions

Selecting Your Container Use the dropdown menu to select which container you want to deploy. The instructions will automatically adapt based on whether that container uses internal or external images.

Internal Image Deployment Workflow For containers configured with internal images, the tab provides a complete deployment workflow:

1. Build & Tag: Create and tag your Docker image locally

   docker tag YOUR_IMAGE:TAG ECR_REPOSITORY_URI:CONFIGURED_TAG

2. Authenticate: Use the ECR login command from the section above

3. Push: Upload your image to the ECR repository

   docker push ECR_REPOSITORY_URI:CONFIGURED_TAG

4. Redeploy: Click the “Redeploy” button to update your environment with the new image

The interface displays your current configured image identifier (e.g., php-latest) and provides the exact ECR repository URI for your application.

External Image Updates For containers using external images, the process is simpler:

1. Update the image identifier in your container configuration
2. Save the configuration changes
3. Click “Redeploy” to apply the new image

GitHub Actions Integration

Quant Cloud provides GitHub Actions to streamline ECR authentication and deployment in your CI/CD pipelines.

ECR Login Action

The quant-cloud-ecr-action automatically handles ECR authentication in your workflows:

- name: Get ECR Credentials
  uses: quantcdn/quant-cloud-ecr-action@v1
  id: ecr-login
  with:
    api_key: ${{ secrets.QUANT_API_KEY }}
    organization: your-org-name

- name: Login to ECR
  uses: docker/login-action@v3
  with:
    registry: ${{ steps.ecr-login.outputs.endpoint }}
    username: ${{ steps.ecr-login.outputs.username }}
    password: ${{ steps.ecr-login.outputs.password }}

Complete Build and Deploy Workflow

Here’s an example of a complete CI/CD workflow that builds, pushes, and deploys images:

name: Build and Push to Quant Cloud ECR

on:
  push:
    branches: [develop, master]
    tags: ['*']

jobs:
  build-and-push:
    runs-on: ubuntu-latest

    steps:
      - name: Checkout code
        uses: actions/checkout@v4

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3

      - name: Determine image tag
        id: vars
        run: |
          if [[ $GITHUB_REF == refs/tags/* ]]; then
            echo "suffix=-${GITHUB_REF#refs/tags/}" >> $GITHUB_OUTPUT
          elif [[ $GITHUB_REF == refs/heads/develop ]]; then
            echo "suffix=-staging" >> $GITHUB_OUTPUT
            echo "environment=staging" >> $GITHUB_OUTPUT
          elif [[ $GITHUB_REF == refs/heads/master ]]; then
            echo "suffix=-latest" >> $GITHUB_OUTPUT
            echo "environment=production" >> $GITHUB_OUTPUT
          fi

      - name: Get ECR Credentials
        uses: quantcdn/quant-cloud-ecr-action@v1
        id: ecr-login
        with:
          api_key: ${{ secrets.QUANT_API_KEY }}
          organization: your-org

      - name: Login to ECR
        uses: docker/login-action@v3
        with:
          registry: ${{ steps.ecr-login.outputs.endpoint }}
          username: ${{ steps.ecr-login.outputs.username }}
          password: ${{ steps.ecr-login.outputs.password }}

      - name: Build and push image
        uses: docker/build-push-action@v5
        with:
          context: .
          platforms: linux/arm64
          push: true
          tags: |
            ${{ steps.ecr-login.outputs.endpoint }}/your-org/your-app:web${{ steps.vars.outputs.suffix }}

      - name: Redeploy environment
        uses: quantcdn/quant-cloud-environment-state-action@v1
        with:
          api_key: ${{ secrets.QUANT_API_KEY }}
          organization: your-org
          application: your-app
          environment: ${{ steps.vars.outputs.environment }}
          action: redeploy

Tip

This workflow demonstrates best practices including ARM64 builds for cost optimization, environment-specific tagging based on git branches, and automatic redeployment after successful image pushes.

Best Practices

Image Tagging Strategy Use meaningful tags that correspond to your deployment strategy:

• latest for production releases
• staging for staging environment testing
• Version numbers for specific releases (e.g., v1.2.3)
• Branch names for feature development

Security Considerations

• Store API keys as GitHub secrets, never in your workflow files
• Use temporary ECR credentials rather than long-lived access keys
• Regularly rotate your Quant Cloud API keys

Workflow Optimization

• Build for ARM64 architecture when possible for better cost efficiency
• Use Docker layer caching to speed up builds
• Implement conditional deployments based on branch or tag patterns

Environment Management

• Use different image tags for different environments
• Automate staging deployments but require manual approval for production
• Monitor deployment status and implement rollback procedures

The Deployment tab centralizes all the information and tools needed for efficient container deployment, whether you’re working locally or setting up automated CI/CD pipelines.