This action "correctly" deletes old (untagged) container images and the
corresponding attestations. It also handles the multi-arch images
correctly.
Signed-off-by: Felix Moessbauer <
felix.mo...@siemens.com>
---
This has been tested on
ghcr.io/fmoessbauer/kas and worked correctly there.
Nonetheless, I recommend to set the "dry-run" parameter to true before running
against the real kas registry. Also, I recommend to create a full backup of
the registry before running this action.
Best regards,
Felix
.github/workflows/next.yml | 17 +++++++++++++++++
1 file changed, 17 insertions(+)
diff --git a/.github/workflows/next.yml b/.github/workflows/next.yml
index a26c782b2..869f3249c 100644
--- a/.github/workflows/next.yml
+++ b/.github/workflows/next.yml
@@ -120,3 +120,20 @@ jobs:
subject-name:
ghcr.io/${{ github.repository }}/${{ matrix.image-name }}
subject-digest: ${{ steps.push.outputs.digest }}
push-to-registry: true
+
+ cleanup_ghcr_containers:
+ name: cleanup untagged ${{ matrix.image-name }} containers
+ runs-on: ubuntu-latest
+ needs: build_containers
+ permissions:
+ packages: write
+ strategy:
+ matrix:
+ image-name: ["kas", "kas-isar"]
+ steps:
+ - uses: dataaxiom/ghcr-clea...@v1.0.5
+ with:
+ dry-run: false
+ validate: true
+ package: kas/${{ matrix.image-name }}
+ token: ${{ secrets.GITHUB_TOKEN }}
--
2.39.2