Skip to content

feat: implement better clean up strategy #926

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
Ron (rjaegers) merged 10 commits into from
Sep 16, 2025
Merged

feat: implement better clean up strategy #926

Show file tree
Hide file tree
Changes from 9 commits
Commits
Show all changes
10 commits
Select commit Hold shift + click to select a range
e821f8d
feat: use different action to clean up PR images
rjaegers Sep 15, 2025
2129460
feat: add cron based clean-up of orphaned images
rjaegers Sep 15, 2025
3c9e501
chore: fix packages format
rjaegers Sep 15, 2025
dad97e2
chore: add amp-devcontainer image to clean-up
rjaegers Sep 15, 2025
4b57af0
chore: remove dry-run
rjaegers Sep 15, 2025
5eb7d9c
chore: delete untagged images
rjaegers Sep 15, 2025
c0e6f24
chore: remove dry-run
rjaegers Sep 15, 2025
960b799
chore: remove test code and prepare for merge
rjaegers Sep 16, 2025
7f9664f
Merge branch 'main' into feature/implement-better-clean-up-strategy
rjaegers Sep 16, 2025
b2ccc33
Merge branch 'main' into feature/implement-better-clean-up-strategy
rjaegers Sep 16, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
30 changes: 30 additions & 0 deletions .github/workflows/image-cleanup.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,30 @@
---
name: Cleanup Images

on:
schedule:
- cron: "0 0 * * 3"
workflow_dispatch:

permissions: {}

jobs:
delete-images:
runs-on: ubuntu-latest
permissions:
# dataaxiom/ghcr-cleanup-action needs packages write permission
# to delete untagged and orphaned images
packages: write
steps:
- uses: step-security/harden-runner@ec9f2d5744a09debf3a187a3f4f675c53b671911 # v2.13.0
with:
disable-sudo: true
egress-policy: block
allowed-endpoints: >
api.github.com:443
ghcr.io:443
- uses: dataaxiom/ghcr-cleanup-action@cd0cdb900b5dbf3a6f2cc869f0dbb0b8211f50c4 # v1.0.16
with:
delete-orphaned-images: true
delete-untagged: true
packages: amp-devcontainer,amp-devcontainer-cpp,amp-devcontainer-rust
19 changes: 3 additions & 16 deletions .github/workflows/pr-image-cleanup.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,33 +7,20 @@ on:

permissions: {}

env:
REGISTRY: ghcr.io

jobs:
delete-images:
runs-on: ubuntu-latest
strategy:
matrix:
flavor: ["cpp", "rust"]
permissions:
packages: write
steps:
- uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1
with:
disable-sudo: true
egress-policy: audit
- uses: docker/login-action@184bdaa0721073962dff0199f1fb9940f07167d1 # v3.5.0
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- uses: bots-house/ghcr-delete-image-action@3827559c68cb4dcdf54d813ea9853be6d468d3a4 # v1.1.0
- uses: dataaxiom/ghcr-cleanup-action@cd0cdb900b5dbf3a6f2cc869f0dbb0b8211f50c4 # v1.0.16
with:
owner: ${{ github.repository_owner }}
name: ${{ github.event.repository.name }}-${{ matrix.flavor }}
token: ${{ secrets.GITHUB_TOKEN }}
tag: pr-${{ github.event.pull_request.number }}
delete-tags: pr-${{ github.event.pull_request.number }}
packages: amp-devcontainer,amp-devcontainer-cpp,amp-devcontainer-rust
cleanup-cache:
runs-on: ubuntu-latest
permissions:
Expand Down
Loading