Skip to content
Cleanup old images in Test, Staging & Prod ACRs

Cleanup old images in Test, Staging & Prod ACRs #274

Sign in to view logs

Cleanup old images in Test, Staging & Prod ACRs

Cleanup old images in Test, Staging & Prod ACRs #274

Workflow file for this run

.github/workflows/cleanup_old_images.yaml at 06e5df5
name: Cleanup old images in Test, Staging & Prod ACRs
on:
schedule:
- cron: "0 0 * * *" # Runs daily at midnight UTC
jobs:
Cleanup_old_ACR_images:
runs-on: ubuntu-latest
steps:
- name: "Check out changes"
uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b
- name: Connect to VPN & Login into Azure
uses: ./.github/actions/vpn-azure
with:
tls-key: ${{ secrets.TLS_KEY }}
ca-cert: ${{ secrets.CA_CRT}}
user-crt: ${{ secrets.USER_CRT }}
user-key: ${{ secrets.USER_KEY }}
sp-creds: ${{ secrets.SERVICE_PRINCIPAL_CREDS }}
- name: List test repository images
id: list-test-images
run: |
az acr login --name pdhtestcontainerregistry
az acr repository show-tags --name pdhtestcontainerregistry --repository pdhtest --orderby time_asc --output table | head -n -2 > test-images.txt
sed -i '1,2d' test-images.txt
- name: Delete old images in TEST env
env:
IMAGE_FILE: test-images.txt
run: |
if [ -e "$IMAGE_FILE" ]; then
while IFS= read -r image_id; do
az acr repository delete --name pdhtestcontainerregistry --image pdhtest:$image_id --yes
if [ $? -eq 0 ]; then
echo "Deleted image: pdhtestcontainerregistry:$image_id"
else
echo "Failed to delete image: pdhtestcontainerregistry:$image_id"
fi
done < "$IMAGE_FILE"
else
echo "File not found: $IMAGE_FILE"
fi
- name: List staging repository images
id: list-stg-images
run: |
az acr login --name pdhstagingcontainerregistry
az acr repository show-tags --name pdhstagingcontainerregistry --repository pdhstaging --orderby time_asc --output table | head -n -2 > stg-images.txt
sed -i '1,2d' stg-images.txt
- name: Delete old images in Staging env
env:
STG_FILE: stg-images.txt
run: |
if [ -e "$STG_FILE" ]; then
while IFS= read -r image_id; do
az acr repository delete --name pdhstagingcontainerregistry --image pdhstaging:$image_id --yes
if [ $? -eq 0 ]; then
echo "Deleted image: pdhstagingcontainerregistry:$image_id"
else
echo "Failed to delete image: pdhstagingcontainerregistry:$image_id"
fi
done < "$STG_FILE"
else
echo "File not found: $STG_FILE"
fi
- name: List prod repository images
id: list-prod-images
run: |
az acr login --name pdhprodcontainerregistry
az acr repository show-tags --name pdhprodcontainerregistry --repository pdhprod --orderby time_asc --output table | head -n -16 > prod-images.txt
sed -i '1,2d' prod-images.txt
- name: Delete old images in prod env
env:
PROD_FILE: prod-images.txt
run: |
if [ -e "$PROD_FILE" ]; then
while IFS= read -r image_id; do
az acr repository delete --name pdhprodcontainerregistry --image pdhprod:$image_id --yes
if [ $? -eq 0 ]; then
echo "Deleted image: pdhprodcontainerregistry:$image_id"
else
echo "Failed to delete image: pdhprodcontainerregistry:$image_id"
fi
done < "$PROD_FILE"
else
echo "File not found: $PROD_FILE"
fi
# Pushing a modified image using an existing tag untags the previously pushed image,
# resulting in an orphaned (or "dangling") image.
# The previously pushed image's manifest--and its layer data--remains in the registry.
# They still need to be removed
- name: List image manifests in Test env
id: list-test-untaged-images
run: |
az acr login --name pdhtestcontainerregistry
az acr repository show-manifests --name pdhtestcontainerregistry --repository pdhtest --orderby time_asc --output tsv --query "[*].{Digest:digest}" | head -n -4 > test-untaged-images.txt
- name: Delete image manifest in test env
env:
TEST_UNTAGED_FILE: test-untaged-images.txt
run: |
if [ -e "$TEST_UNTAGED_FILE" ]; then
while IFS= read -r manifest_id; do
az acr repository delete --name pdhtestcontainerregistry --image pdhtest@$manifest_id --yes
if [ $? -eq 0 ]; then
echo "Deleted image: pdhtest:$manifest_id"
else
echo "Failed to delete image: pdhtest:$manifest_id"
fi
done < "$TEST_UNTAGED_FILE"
else
echo "File not found: $TEST_UNTAGED_FILE"
fi
- name: List image manifests in Staging env
id: list-stg-untaged-images
run: |
az acr login --name pdhstagingcontainerregistry
az acr repository show-manifests --name pdhstagingcontainerregistry --repository pdhstaging --orderby time_asc --output tsv --query "[*].{Digest:digest}" | head -n -4 > stg-untaged-images.txt
- name: Delete image manifest in Staging env
env:
STG_UNTAGED_FILE: stg-untaged-images.txt
run: |
if [ -e "$STG_UNTAGED_FILE" ]; then
while IFS= read -r manifest_id; do
az acr repository delete --name pdhstagingcontainerregistry --image pdhstaging@$manifest_id --yes
if [ $? -eq 0 ]; then
echo "Deleted image: pdhstagingcontainerregistry:$manifest_id"
else
echo "Failed to delete image: pdhstagingcontainerregistry:$manifest_id"
fi
done < "$STG_UNTAGED_FILE"
else
echo "File not found: $STG_UNTAGED_FILE"
fi
- name: List image manifests in Prod env
id: list-prod-untaged-images
run: |
az acr login --name pdhprodcontainerregistry
az acr repository show-manifests --name pdhprodcontainerregistry --repository pdhprod --orderby time_asc --output tsv --query "[*].{Digest:digest}" | head -n -16 > prod-untaged-images.txt
- name: Delete image manifest in Prod env
env:
PROD_UNTAGED_FILE: prod-untaged-images.txt
run: |
if [ -e "$PROD_UNTAGED_FILE" ]; then
while IFS= read -r manifest_id; do
az acr repository delete --name pdhprodcontainerregistry --image pdhprod@$manifest_id --yes
if [ $? -eq 0 ]; then
echo "Deleted image: pdhprodcontainerregistry:$manifest_id"
else
echo "Failed to delete image: pdhprodcontainerregistry:$manifest_id"
fi
done < "$PROD_UNTAGED_FILE"
else
echo "File not found: $PROD_UNTAGED_FILE"
fi