-
Notifications
You must be signed in to change notification settings - Fork 20
93 lines (90 loc) · 3.77 KB
/
images_cleanup.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
name: 'Clean up containers from GHR'
on:
pull_request:
types: [closed]
workflow_dispatch:
env:
NS8_MODULES: "core redis rsync restic rclone"
jobs:
ns8:
name: Find NS8 cluster informations
runs-on: ubuntu-latest
outputs:
modules: ${{ steps.modules.outputs.list }}
tag: ${{ steps.tag.outputs.name }}
gh_user: ${{ steps.gh_user.outputs.name }}
gh_user_or_org: ${{ steps.gh_user_or_org.outputs.value }}
steps:
- id: gh_user
name: "Retrieve user or organization name"
run: |
echo "name=$(dirname ${GITHUB_REPOSITORY} | tr '[:upper:]' '[:lower:]')" >> $GITHUB_OUTPUT
- id: gh_user_or_org
name: "Check if repo owner is a user or an organization"
run: |
resp=$(curl -s -H "Accept: application/vnd.github.v3+json" \
-H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" \
"https://api.github.com/orgs/${{ steps.outputs.gh_user.name }}" \
| jq '.message == "Not Found"' )
if [ "${resp}" == "true" ]; then
echo "value=users" >> $GITHUB_OUTPUT
else
echo "value=orgs" >> $GITHUB_OUTPUT
fi
- id: tag
name: "Retrieve the name of the containers tag"
run: |
if [ "${{ github.event_name }}" = "pull_request" ]
then
tag=${{ github.head_ref }}
else
tag="${{ github.ref_name }}"
fi
echo "name=${tag}" >> $GITHUB_OUTPUT
- id: modules
name: "Retrieve the list of the PR's containers"
run: |
modules_list='[]'
for module in ${NS8_MODULES}
do
res=$(podman search --limit 150 --list-tags --format json ghcr.io/${{ steps.gh_user.outputs.name }}/${module} | jq 'any(.[].Tags[]; . == "${{ steps.tag.outputs.name }}")')
if [ "$res" = "true" ]
then
modules_list=$(echo "${modules_list}" | jq -c --arg m ${module} ' . + [$m]')
fi
done
echo "list=${modules_list}" >> $GITHUB_OUTPUT
purge-image:
needs: ns8
if: ${{ needs.ns8.outputs.modules != '[]' }}
strategy:
fail-fast: false
matrix:
module: ${{ fromJSON(needs.ns8.outputs.modules) }}
name: Remove tag from ghcr.io
runs-on: ubuntu-latest
steps:
- run: |
#Check if there is more than one page
headers=$(curl -Isf -D - -o /dev/null -H "Accept: application/vnd.github.v3+json" \
-H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" \
"${base_url}?per_page=100")
last_page=$(echo "$headers" | grep '^link:' | sed -e 's/^link:.*page=//g' -e 's/>.*$//g')
last_page=${last_page:-1}
#Loop trough the versions list
for i in $(seq 1 $last_page); do
# check if the tag is present
id=$(curl -f -s -H "Accept: application/vnd.github.v3+json" \
-H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" \
"${base_url}?per_page=100&page=${i}" \
| jq '.[] | select(.metadata.container.tags[] | index("${{ needs.ns8.outputs.tag }}")) | .id')
if [ "${id}" != "" ]; then
#Remove the package version associate to the tag
curl -f -v -H "Accept: application/vnd.github.v3+json" \
-H "Authorization: token ${{ secrets.IMAGES_CLEANUP_TOKEN }}" \
-X DELETE "${base_url}/${id}"
exit 0
fi
done
env:
base_url: "https://api.github.com/${{ needs.ns8.outputs.gh_user_or_org }}/${{ needs.ns8.outputs.gh_user }}/packages/container/${{ matrix.module }}/versions"