From bdb392388cd64990b46e54453ab7b8019d2662ca Mon Sep 17 00:00:00 2001 From: Fernando Lucchesi Date: Fri, 17 Nov 2023 14:25:05 +0100 Subject: [PATCH] =?UTF-8?q?=E2=9C=A8=20Improve=20docker=20image=20cleanup?= =?UTF-8?q?=20script=20(#1977)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * ⚗️ Experiment on dev #1770 * 🐛 Fix wrong image name #1770 * ⚗️ Experiment deleting old packages from dev #1770 * ⚗️ Experiment keeping 7 images #1770 * ⚗️ Experiment keep-at-least with skip-tags #1770 * ⚗️ Experiment with keep-at-least 1 #1770 * ✨ Run script every sunday at midnight #1770 * ✨ Replace script and always keep latest tags #1770 * 🚚 Rename filename #1770 --- .github/workflows/ghcr-cleanup.yaml | 40 ++++++++++++++------- .github/workflows/ghcr-cleanup_v2.yaml | 48 -------------------------- 2 files changed, 28 insertions(+), 60 deletions(-) delete mode 100644 .github/workflows/ghcr-cleanup_v2.yaml diff --git a/.github/workflows/ghcr-cleanup.yaml b/.github/workflows/ghcr-cleanup.yaml index 89b3eb361..889f11edc 100644 --- a/.github/workflows/ghcr-cleanup.yaml +++ b/.github/workflows/ghcr-cleanup.yaml @@ -1,10 +1,10 @@ -name: Delete old container images - +name: Delete old ghrc images on: workflow_dispatch: - # schedule: - # - cron: '0 0 * * *' # every day at midnight - + schedule: + - cron: '0 0 * * 0' # every sunday at midnight +permissions: + id-token: write jobs: clean-ghcr: name: Delete old unused container images @@ -12,18 +12,34 @@ jobs: env: SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} steps: - - name: Delete containers older than a week 🗑 + - name: Checkout internal 🛎️ + id: checkout-internal + uses: actions/checkout@v3 + with: + repository: 'equinor/energyvision-internal' + ref: main + token: ${{ secrets.PADMS_PAT }} + + - name: Get tags to keep from latest-prod-tags.json + id: get-tags + run: | + TAGS=$(jq -r '[.web + .studio | unique[]] | join(", ")' latest-prod-tags.json) + echo "TAGS_TO_KEEP=$TAGS" >> $GITHUB_ENV + echo "TAGS TO KEEP: $TAGS" + + - name: Clean up Docker images id: delete-containers - uses: snok/container-retention-policy@v1 + uses: snok/container-retention-policy@v2 with: - image-names: energyvision/web-global,energyvision/web-global-test,energyvision/web-germany,energyvision/web-brazil,energyvision/web-argentina,energyvision/web-poland,energyvision/web-equinorfunds,energyvision/web-japan,energyvision/web-production,energyvision/web,energyvision/web-global-development,energyvision/web-southkorea,energyvision/web-storage,energyvision/studio-germany,energyvision/studio-brazil,energyvision/studio-argentina,energyvision/studio-poland,energyvision/studio-equinorfunds,energyvision/studio-japan,energyvision/studio-storage,energyvision/studio-global-development,energyvision/studio-southkorea,energyvision/studio-global-test - #image-names: energyvision/web-global-development,energyvision/studio-global-development - cut-off: A week ago UTC + token: ${{ secrets.PADMS_PAT }} account-type: org org-name: Equinor + image-names: energyvision/* + cut-off: a week ago UTC keep-at-least: 5 - untagged-only: false - token: ${{ secrets.PADMS_PAT }} + skip-tags: ${{ env.TAGS_TO_KEEP }}, *-latest + # dry-run: true + - name: log-errors-to-slack 📄 uses: act10ns/slack@v2 with: diff --git a/.github/workflows/ghcr-cleanup_v2.yaml b/.github/workflows/ghcr-cleanup_v2.yaml deleted file mode 100644 index 15aa5c035..000000000 --- a/.github/workflows/ghcr-cleanup_v2.yaml +++ /dev/null @@ -1,48 +0,0 @@ -name: Delete old ghrc images -on: - workflow_dispatch: - schedule: - - cron: '0 0 * * *' # every day at midnight -permissions: - id-token: write -jobs: - clean-ghcr: - name: Delete old unused container images - runs-on: ubuntu-latest - env: - SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} - steps: - - name: Checkout internal 🛎️ - id: checkout-internal - uses: actions/checkout@v3 - with: - repository: 'equinor/energyvision-internal' - ref: main - token: ${{ secrets.PADMS_PAT }} - - - name: Get tags to keep from output.json - id: get-tags - run: | - TAGS=$(jq -r '[.web + .studio | unique[]] | join(", ")' latest-prod-tags.json) - echo "TAGS_TO_KEEP=$TAGS" >> $GITHUB_ENV - echo "TAGS TO KEEP: $TAGS" - - - name: Clean up Docker images - id: delete-containers - uses: snok/container-retention-policy@v2 - with: - token: ${{ secrets.PADMS_PAT }} - account-type: org - org-name: Equinor - image-names: energyvision/equinor/web-global - cut-off: one day ago UTC+2 - keep-at-least: 5 - # skip-tags: ${{ env.TAGS_TO_KEEP }} - dry-run: true - - - name: log-errors-to-slack 📄 - uses: act10ns/slack@v2 - with: - status: ${{ job.status }} - steps: ${{ toJson(steps) }} - if: failure()