[PATCH 1/1] ci: delete old container images
1 view
Skip to first unread message
Felix Moessbauer
Jun 13, 2024, 9:01:09 AMJun 13
to kas-...@googlegroups.com, jan.k...@siemens.com, Felix Moessbauer
This action "correctly" deletes old (untagged) container images and the
corresponding attestations. It also handles the multi-arch images
correctly.
Signed-off-by: Felix Moessbauer <felix.mo...@siemens.com>
---
This has been tested on ghcr.io/fmoessbauer/kas and worked correctly there.
Nonetheless, I recommend to set the "dry-run" parameter to true before running
against the real kas registry. Also, I recommend to create a full backup of
the registry before running this action.
Best regards,
Felix
.github/workflows/next.yml | 17 +++++++++++++++++
1 file changed, 17 insertions(+)
diff --git a/.github/workflows/next.yml b/.github/workflows/next.yml
index a26c782b2..869f3249c 100644
--- a/.github/workflows/next.yml
+++ b/.github/workflows/next.yml
@@ -120,3 +120,20 @@ jobs:
subject-name: ghcr.io/${{ github.repository }}/${{ matrix.image-name }}
subject-digest: ${{ steps.push.outputs.digest }}
push-to-registry: true
+
+ cleanup_ghcr_containers:
+ name: cleanup untagged ${{ matrix.image-name }} containers
+ runs-on: ubuntu-latest
+ needs: build_containers
+ permissions:
+ packages: write
+ strategy:
+ matrix:
+ image-name: ["kas", "kas-isar"]
+ steps:
+ - uses: dataaxiom/ghcr-clea...@v1.0.5
+ with:
+ dry-run: false
+ validate: true
+ package: kas/${{ matrix.image-name }}
+ token: ${{ secrets.GITHUB_TOKEN }}
--
2.39.2
corresponding attestations. It also handles the multi-arch images
correctly.
Signed-off-by: Felix Moessbauer <felix.mo...@siemens.com>
---
This has been tested on ghcr.io/fmoessbauer/kas and worked correctly there.
Nonetheless, I recommend to set the "dry-run" parameter to true before running
against the real kas registry. Also, I recommend to create a full backup of
the registry before running this action.
Best regards,
Felix
.github/workflows/next.yml | 17 +++++++++++++++++
1 file changed, 17 insertions(+)
diff --git a/.github/workflows/next.yml b/.github/workflows/next.yml
index a26c782b2..869f3249c 100644
--- a/.github/workflows/next.yml
+++ b/.github/workflows/next.yml
@@ -120,3 +120,20 @@ jobs:
subject-name: ghcr.io/${{ github.repository }}/${{ matrix.image-name }}
subject-digest: ${{ steps.push.outputs.digest }}
push-to-registry: true
+
+ cleanup_ghcr_containers:
+ name: cleanup untagged ${{ matrix.image-name }} containers
+ runs-on: ubuntu-latest
+ needs: build_containers
+ permissions:
+ packages: write
+ strategy:
+ matrix:
+ image-name: ["kas", "kas-isar"]
+ steps:
+ - uses: dataaxiom/ghcr-clea...@v1.0.5
+ with:
+ dry-run: false
+ validate: true
+ package: kas/${{ matrix.image-name }}
+ token: ${{ secrets.GITHUB_TOKEN }}
--
2.39.2
Jan Kiszka
Jun 13, 2024, 12:41:24 PMJun 13
to Felix Moessbauer, kas-...@googlegroups.com
On 13.06.24 15:00, Felix Moessbauer wrote:
> This action "correctly" deletes old (untagged) container images and the
> corresponding attestations. It also handles the multi-arch images
> correctly.
>
> Signed-off-by: Felix Moessbauer <felix.mo...@siemens.com>
> ---
> This has been tested on ghcr.io/fmoessbauer/kas and worked correctly there.
> Nonetheless, I recommend to set the "dry-run" parameter to true before running
> against the real kas registry. Also, I recommend to create a full backup of
> the registry before running this action.
>
Yeah, I have some instruction by Silvano in my backlog that I can use to
> This action "correctly" deletes old (untagged) container images and the
> corresponding attestations. It also handles the multi-arch images
> correctly.
>
> Signed-off-by: Felix Moessbauer <felix.mo...@siemens.com>
> ---
> This has been tested on ghcr.io/fmoessbauer/kas and worked correctly there.
> Nonetheless, I recommend to set the "dry-run" parameter to true before running
> against the real kas registry. Also, I recommend to create a full backup of
> the registry before running this action.
>
backup our packages first into a separate namespace. Will do and only
then try this. But that may take a bit time. Thanks nevertheless already.
Jan
Linux Expert Center
Reply all
Reply to author
Forward
0 new messages