Add org-wide maintenance workflows

jellyfin-archive · ferferga · Sep 8, 2021 · Sep 8, 2021 · Sep 8, 2021 · Nov 1, 2021
commit debd3c4a3db134fbc6e15c322770b127246c3204
diff --git a/.github/workflows/maintenance.yml b/.github/workflows/maintenance.yml
@@ -0,0 +1,113 @@
+name: Org-wide maintenance 🧰
+
+on:
+  schedule:
+    - cron: "0 0 * * *"
+  workflow_dispatch:
+
+jobs:
+  workflow_removal:
+    runs-on: ubuntu-latest
+    name: Workflow cleanup 🧹👷‍♂️
+    # Errors will probably be caused by excesses in API quota, so we can safely continue.
+    # Remaining workflows will be removed in the next scheduled run.
+    continue-on-error: true 
+    strategy:
+      fail-fast: false
+      matrix:
+        repo:
+          - 'jellyfin/jellyfin'
+          - 'jellyfin/jellyfin-web'
+          - 'jellyfin/jellyfin-androidtv'
+          - 'jellyfin/jellyfin-android'
+          - 'jellyfin/jellyfin-chromecast'
+          - 'jellyfin/jellyfin-sdk-csharp'
+          - 'jellyfin/jellyfin-sdk-kotlin'
+          - 'jellyfin/jellyfin-sdk-swift'
+          - 'jellyfin/jellyfin-client-axios'
+          - 'jellyfin/jellyfin-roku'
+          - 'jellyfin/jellyfin-vue'
+          - 'jellyfin/jellyfin-webos'
+          - 'jellyfin/jellyfin-plugin-anilist'
+          - 'jellyfin/jellyfin-plugin-anisearch'
+          - 'jellyfin/jellyfin-plugin-artwork'
+          - 'jellyfin/jellyfin-plugin-anidb'
+          - 'jellyfin/jellyfin-plugin-webhook'
+          - 'jellyfin/jellyfin-plugin-tvmaze'
+          - 'jellyfin/jellyfin-plugin-ldpauth'
+          - 'jellyfin/jellyfin-plugin-tvdb'
+          - 'jellyfin/jellyfin-plugin-fanart'
+          - 'jellyfin/jellyfin-plugin-tvheadend'
+          - 'jellyfin/jellyfin-plugin-bookshelf'
+          - 'jellyfin/jellyfin-plugin-opensubtitles'
+          - 'jellyfin/jellyfin-plugin-covertartarchive'
+          - 'jellyfin/jellyfin-plugin-kodisyncqueue'
+          - 'jellyfin/jellyfin-plugin-nextpvr'
+          - 'jellyfin/jellyfin-plugin-playbackreporting'
+          - 'jellyfin/jellyfin-plugin-musicbrainz'
+          - 'jellyfin/jellyfin-plugin-trakt'
+          - 'jellyfin/jellyfin-plugin-reports'
+          - 'jellyfin/jellyfin-plugin-autoorganize'
+          - 'jellyfin/jellyfin-plugin-tmdb'
+          - 'jellyfin/jellyfin-plugin-omdb'
+          - 'jellyfin/jellyfin-plugin-kitsu'
+          - 'jellyfin/jellyfin-plugin-tmdbboxsets'
+          - 'jellyfin/jellyfin-plugin-template'
+          - 'jellyfin/jellyfin-meta-plugins'
+          - 'jellyfin/jellyfin-media-player'
+          - 'jellyfin/jellyfin-mpv-shim'
+          - 'jellyfin/jellyfin-expo'
+          - 'jellyfin/jellyfin-meta'
+          - 'jellyfin/jellyfin-artwork'
+          - 'jellyfin/jellyfin.org'
+          - 'jellyfin/jellyfin-docs'
+          - 'jellyfin/jellyfin-kodi'
+          - 'jellyfin/jellyfin-metapackages'
+          - 'jellyfin/jellyfin-ffmpeg'
+          - 'jellyfin/Swiftfin'
+          - 'jellyfin/jellyfin-apiclient-javascript'
+          - 'jellyfin/jellyfin-exoplayer-ffmpeg-extension'
+          - 'jellyfin/Jellyfin.XmlTv'
+          - 'jellyfin/JavascriptSubtitlesOctopus'
+
+    steps:
+      - name: Clone repository
+        uses: actions/[email protected]
+
+      - name: Set correct permissions
+        run: chmod +x delete_workflows.sh
+        working-directory: ./maintenance
+
+      - name: Run deletion script 🗑
+        run: ./delete_workflows.sh ${{ matrix.repo }}
+        working-directory: ./maintenance
+        env:
+          GITHUB_TOKEN: ${{ secrets.JF_BOT_TOKEN }}
+
+  dangling_images_removal:
+    runs-on: ubuntu-latest
+    name: Cleanup dangling images from GHCR 🧹📦
+    # Errors will probably be caused by excesses in API quota, so we can safely continue.
+    # Remaining workflows will be removed in the next scheduled run.
+    continue-on-error: true
+    # Pay attention that the org name is not necessary here, as gh will automatically take the one from the logged in user.
+    strategy:
+      fail-fast: false
+      matrix:
+        container:
+          - 'jellyfin'
+          - 'jellyfin-vue'
+
+    steps:
+      - name: Clone repository
+        uses: actions/[email protected]
+
+      - name: Set correct permissions
+        run: chmod +x delete_ghcr_dangling_images.sh
+        working-directory: ./maintenance
+
+      - name: Run deletion script 🗑
+        run: ./delete_ghcr_dangling_images.sh ${{ matrix.container }}
+        working-directory: ./maintenance
+        env:
+          GITHUB_TOKEN: ${{ secrets.JF_BOT_TOKEN }}
diff --git a/maintenance/delete_ghcr_dangling_images.sh b/maintenance/delete_ghcr_dangling_images.sh
@@ -0,0 +1,33 @@
+#!/bin/bash
+set -e
+
+# Simple script to remove dangling images from GHCR
+# You need to be logged to 'gh' first.
+
+# package_name syntax. i.e: jellyfin-vue
+container="$1"
+temp_file="ghcr_prune.ids"
+rm -rf $temp_file
+
+echo "Fetching dangling images from GHCR..."
+gh api /user/packages/container/${container}/versions --paginate > $temp_file
+
+ids_to_delete=$(cat "$temp_file" | jq -r '.[] | select(.metadata.container.tags==[]) | .id')
+
+if [ "${ids_to_delete}" = "" ]
+then
+	echo "There are no dangling images to remove for this package"
+	exit 0
+fi
+
+echo -e "\nDeleting dangling images..."
+while read -r line; do
+	id="$line"
+	## Workaround for https://github.com/cli/cli/issues/4286 and https://github.com/cli/cli/issues/3937
+	echo -n | gh api --method DELETE /user/packages/container/${container}/versions/${id} --input -
+	echo Dangling image with ID $id deleted successfully
+done <<< $ids_to_delete
+
+rm -rf $temp_file
+echo -e "\nAll the dangling images have been removed successfully"
+exit 0
diff --git a/maintenance/delete_workflows.sh b/maintenance/delete_workflows.sh
@@ -0,0 +1,54 @@
+#!/bin/bash
+set -e
+
+# Simple script to remove workflows that are not successful or failed (with completion status like skipped, cancelled, etc.)
+# It also removes successful or failed workflows that doesn't have artifacts or logs.
+# You need to be logged to 'gh' first
+
+# owner/repo syntax
+repo="$1"
+
+temp_file="workflow_runs.payload"
+rm -rf $temp_file
+
+echo "Fetching workflows..."
+echo $(gh api /repos/${repo}/actions/runs --paginate | jq '{count: .total_count, runs: [.workflow_runs[] | select(.status=="completed") | {id, conclusion}]}') | jq '.' > $temp_file
+
+ids_to_delete=$(cat "$temp_file" | jq -r '.runs | .[] | select((.conclusion!="success") and (.conclusion!="failure")) | .id')
+
+if [ "${ids_to_delete}" = "" ]
+then
+	echo "All workflows are exited successfully or failed. Nothing to remove"
+else
+	echo "Removing all the workflows that are not successful or failed..."
+	while read -r line; do
+		id="$line"
+		## Workaround for https://github.com/cli/cli/issues/4286 and https://github.com/cli/cli/issues/3937
+		echo -n | gh api --method DELETE /repos/${repo}/actions/runs/${id} --input -
+
+		echo "Stale workflow run with ID $id deleted successfully!"
+	done <<< $ids_to_delete
+fi
+
+ids_to_delete=$(cat "$temp_file" | jq -r '.runs | .[] | select((.conclusion=="success") or (.conclusion=="failure")) | .id')
+
+if [ "${ids_to_delete}" = "" ]
+then
+	echo "No workflows to check for logs or artifacts. Exiting..."
+else
+	echo -e "\nDeleting workflows without logs and artifacts..."
+	while read -r line; do
+		id="$line"
+		artifact_count=$(gh api /repos/${repo}/actions/runs/${id}/artifacts | jq -r '.total_count')
+		if [ "${artifact_count}" = "0" ]
+		then
+			gh api --silent /repos/${repo}/actions/runs/${id}/logs || \ 
+				echo -n | gh api --method DELETE /repos/${repo}/actions/runs/${id} --input - && \
+				echo "Workflow run without logs and artifacts with ID $id deleted successfully!"
+		fi
+	done <<< $ids_to_delete
+fi
+
+rm -rf $temp_file
+echo -e "\n\nFinished the workflow run cleaning process"
+exit 0