|
| 1 | +name: Cleanup Container Packages |
| 2 | + |
| 3 | +on: |
| 4 | + workflow_call: |
| 5 | + inputs: |
| 6 | + RUNNER_WORKFLOW_LABEL: |
| 7 | + description: "The label of the runner workflow to run" |
| 8 | + required: false |
| 9 | + type: string |
| 10 | + default: "ubuntu-latest" |
| 11 | + CLEANUP_POLICY: |
| 12 | + description: "Retention mode: max_count or retention_days" |
| 13 | + required: false |
| 14 | + type: string |
| 15 | + default: "max_count" |
| 16 | + MAX_IMAGES_PER_INSTANCE: |
| 17 | + description: "Used with max_count: max number of images to keep per instance" |
| 18 | + required: false |
| 19 | + type: number |
| 20 | + default: 5 |
| 21 | + RETENTION_DAYS: |
| 22 | + description: "Used with retention_days: delete images older than this many days" |
| 23 | + required: false |
| 24 | + type: number |
| 25 | + default: 30 |
| 26 | + PACKAGE_SUFFIXES_JSON: |
| 27 | + description: 'JSON array of package name suffixes (GHCR package is "<repo>/<suffix>")' |
| 28 | + required: false |
| 29 | + type: string |
| 30 | + default: '["openedx","mfe"]' |
| 31 | + INSTANCE_MARKER_FILE: |
| 32 | + description: "Only directories with this marker file are treated as instances" |
| 33 | + required: false |
| 34 | + type: string |
| 35 | + default: "config.yml" |
| 36 | + HASH_LENGTH: |
| 37 | + description: "Expected random hash length in image tags" |
| 38 | + required: false |
| 39 | + type: number |
| 40 | + default: 8 |
| 41 | + DRY_RUN: |
| 42 | + description: "Print deletions without deleting versions" |
| 43 | + required: false |
| 44 | + type: boolean |
| 45 | + default: false |
| 46 | + |
| 47 | +jobs: |
| 48 | + cleanup: |
| 49 | + name: Cleanup ${{ matrix.package_suffix }} |
| 50 | + runs-on: ${{ inputs.RUNNER_WORKFLOW_LABEL }} |
| 51 | + permissions: |
| 52 | + contents: read |
| 53 | + packages: write |
| 54 | + strategy: |
| 55 | + fail-fast: false |
| 56 | + matrix: |
| 57 | + package_suffix: ${{ fromJSON(inputs.PACKAGE_SUFFIXES_JSON) }} |
| 58 | + steps: |
| 59 | + - name: Checkout repository |
| 60 | + uses: actions/checkout@v4 |
| 61 | + |
| 62 | + - name: Resolve workflow scripts source |
| 63 | + id: workflow_scripts_source |
| 64 | + shell: bash |
| 65 | + run: | |
| 66 | + set -euo pipefail |
| 67 | + workflow_ref="${{ github.workflow_ref }}" |
| 68 | + repo="${workflow_ref%%/.github/workflows/*}" |
| 69 | + ref="${workflow_ref##*@}" |
| 70 | + echo "repo=${repo}" >> "${GITHUB_OUTPUT}" |
| 71 | + echo "ref=${ref}" >> "${GITHUB_OUTPUT}" |
| 72 | +
|
| 73 | + - name: Checkout workflow scripts |
| 74 | + uses: actions/checkout@v4 |
| 75 | + with: |
| 76 | + repository: ${{ steps.workflow_scripts_source.outputs.repo }} |
| 77 | + ref: ${{ steps.workflow_scripts_source.outputs.ref }} |
| 78 | + path: workflow-scripts |
| 79 | + |
| 80 | + - name: Setup Python |
| 81 | + uses: actions/setup-python@v5 |
| 82 | + with: |
| 83 | + python-version: "3.12" |
| 84 | + |
| 85 | + - name: Cleanup registry |
| 86 | + shell: bash |
| 87 | + env: |
| 88 | + GITHUB_TOKEN: ${{ github.token }} |
| 89 | + # TODO: add a suffix to the tag name "/${{ matrix.package_suffix }}", |
| 90 | + # so that we can do granular cleanup of multiple packages from the |
| 91 | + # same repository. Right now this is not possible due to the way the |
| 92 | + # images are tagged. |
| 93 | + PACKAGE_NAME: ${{ github.event.repository.name }} |
| 94 | + CLEANUP_POLICY: ${{ inputs.CLEANUP_POLICY }} |
| 95 | + MAX_IMAGES_PER_INSTANCE: ${{ inputs.MAX_IMAGES_PER_INSTANCE }} |
| 96 | + RETENTION_DAYS: ${{ inputs.RETENTION_DAYS }} |
| 97 | + INSTANCE_MARKER_FILE: ${{ inputs.INSTANCE_MARKER_FILE }} |
| 98 | + HASH_LENGTH: ${{ inputs.HASH_LENGTH }} |
| 99 | + DRY_RUN: ${{ inputs.DRY_RUN }} |
| 100 | + run: | |
| 101 | + set -euo pipefail |
| 102 | + args=( |
| 103 | + --package-name "${PACKAGE_NAME}" |
| 104 | + --instances-root "instances" |
| 105 | + --instance-marker-file "${INSTANCE_MARKER_FILE}" |
| 106 | + --hash-length "${HASH_LENGTH}" |
| 107 | + ) |
| 108 | +
|
| 109 | + if [ "${DRY_RUN}" = "true" ]; then |
| 110 | + args+=(--dry-run) |
| 111 | + fi |
| 112 | +
|
| 113 | + case "${CLEANUP_POLICY}" in |
| 114 | + max_count) |
| 115 | + args+=(--max-per-instance "${MAX_IMAGES_PER_INSTANCE}") |
| 116 | + ;; |
| 117 | + retention_days) |
| 118 | + args+=(--retention-days "${RETENTION_DAYS}") |
| 119 | + ;; |
| 120 | + *) |
| 121 | + echo "Invalid CLEANUP_POLICY: ${CLEANUP_POLICY}. Expected max_count or retention_days." |
| 122 | + exit 1 |
| 123 | + ;; |
| 124 | + esac |
| 125 | +
|
| 126 | + python "workflow-scripts/.github/workflows/scripts/cleanup_ghcr_instance_images.py" "${args[@]}" |
0 commit comments