From 2a88cc74bfaafe1357385b9993f3e87f386c32b0 Mon Sep 17 00:00:00 2001 From: Trenton H <797416+stumpylog@users.noreply.github.com> Date: Wed, 26 Apr 2023 03:50:31 -0700 Subject: [PATCH] chore(ci): Implement a cleanup of Docker images (#2302) This adds a workflow to clean containers when the pull request closes and remove untagged images generated as tags are updated --- .github/workflows/docker-cleanup.yml | 77 ++++++++++++++++++++++++++++ 1 file changed, 77 insertions(+) create mode 100644 .github/workflows/docker-cleanup.yml diff --git a/.github/workflows/docker-cleanup.yml b/.github/workflows/docker-cleanup.yml new file mode 100644 index 0000000000..f0a6ea4398 --- /dev/null +++ b/.github/workflows/docker-cleanup.yml @@ -0,0 +1,77 @@ +# This workflow runs on certain conditions to check for and potentially +# delete container images from the GHCR which no longer have an associated +# code branch. +# Requires a PAT with the correct scope set in the secrets. +# +# This workflow will not trigger runs on forked repos. + +name: Cleanup Old Docker Images + +on: + pull_request: + types: + - "closed" + push: + paths: + - ".github/workflows/docker-cleanup.yml" + +concurrency: + group: registry-tags-cleanup + cancel-in-progress: false + +jobs: + cleanup-images: + name: Cleanup Stale Images Tags for ${{ matrix.primary-name }} + runs-on: ubuntu-22.04 + strategy: + fail-fast: false + matrix: + include: + - primary-name: "immich-server" + - primary-name: "immich-machine-learning" + - primary-name: "immich-web" + - primary-name: "immich-proxy" + env: + # Requires a personal access token with the OAuth scope delete:packages + TOKEN: ${{ secrets.PACKAGE_DELETE_TOKEN }} + steps: + - + name: Clean temporary images + if: "${{ env.TOKEN != '' }}" + uses: stumpylog/image-cleaner-action/ephemeral@develop + with: + token: "${{ env.TOKEN }}" + owner: "immich-app" + is_org: "true" + package_name: "${{ matrix.primary-name }}" + scheme: "pull_request" + repo_name: "immich" + match_regex: '^pr-(\d+)$|^(\d+)$' + + cleanup-untagged-images: + name: Cleanup Untagged Images Tags for ${{ matrix.primary-name }} + runs-on: ubuntu-22.04 + needs: + - cleanup-images + strategy: + fail-fast: false + matrix: + include: + - primary-name: "immich-server" + - primary-name: "immich-machine-learning" + - primary-name: "immich-web" + - primary-name: "immich-proxy" + - primary-name: "immich-build-cache" + env: + # Requires a personal access token with the OAuth scope delete:packages + TOKEN: ${{ secrets.PACKAGE_DELETE_TOKEN }} + steps: + - + name: Clean untagged images + if: "${{ env.TOKEN != '' }}" + uses: stumpylog/image-cleaner-action/untagged@develop + with: + token: "${{ env.TOKEN }}" + owner: "immich-app" + is_org: "true" + package_name: "${{ matrix.primary-name }}"