generated from cloudoperators/repository-template
-
Notifications
You must be signed in to change notification settings - Fork 1
129 lines (112 loc) · 4.47 KB
/
shared-ghcr-cleanup.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
name: Shared GHCR package cleanup
on:
workflow_call:
inputs:
runs-on:
description: >
The runner to use for the job
required: false
default: "default"
type: string
owner:
description: >
Owner of the package (user or organization). Defaults to project owner
required: false
type: string
repository:
description: >
The GitHub repository where the package is stored. Defaults to repository
name
required: false
type: string
package:
description: >
Comma-separated list of packages to cleanup. Support dynamic packages
(wildcard or regular expression) by enabling the expand-packages option.
required: false
type: string
expand-packages:
description: >
Enable wildcard or regular expression support on the package(s) option to
support dynamic package selection. Requires use of a Personal Access Token
(PAT) for the token value.
required: false
type: boolean
# Cleanup Options
delete-tags:
description: >
Comma-separated list of tags to delete (supports wildcard syntax), can be
abbreviated as `tags`. A regular expression selector can be used instead
by setting the `use-regex` option to true
required: false
type: string
exclude-tags:
description: >
Comma-separated list of tags strictly to be preserved/excluded from
deletion (supports wildcard syntax). A regular expression selector can be
used instead by setting the `use-regex` option to true
required: false
type: string
keep-n-tagged:
description: >
Number of tagged images to keep (sorted by date, keeping newest)
required: false
type: number
delete-untagged:
description: >
Delete all untagged images. This option is set to true when no other
delete or keep options are set (true/false)
required: false
type: boolean
delete-ghost-images:
description: >
Delete multi architecture images where all underlying platform images are
missing (true/false) Default: false
required: false
type: boolean
delete-partial-images:
description: >
Delete multi architecture images where some (but not all) underlying
platform images are missing (true/false) Default: false
required: false
type: boolean
delete-orphaned-images:
description: >
Delete orphaned images (referrers/cosign etc) where the parent image
doesn't exist. Uses a tagged based check.
required: false
type: boolean
# Additional Options
validate:
description: >
Validate all multi-architecture images manifests by checking their digests
are present in the registry (true/false) Default: false
required: false
type: boolean
dry-run:
description: >
Simulate action - does not remove any packages (true/false) Default: false
required: false
type: boolean
jobs:
ghcr-cleanup:
runs-on: ${{ inputs.runs-on}}
permissions:
packages: write
steps:
- uses: dataaxiom/ghcr-cleanup-action@v1
name: ghcr.io cleanup action
with:
dry-run: ${{ inputs.dry-run }}
owner: ${{ inputs.owner }}
repository: ${{ inputs.repository }}
package: ${{ inputs.package }}
expand-packages: ${{ inputs.expand-packages }}
exclude-tags: ${{ inputs.exclude-tags }}
delete-untagged: ${{ inputs.delete-untagged }}
delete-ghost-images: ${{ inputs.delete-ghost-images }}
delete-orphaned-images: ${{ inputs.delete-orphaned-images }}
delete-partial-images: ${{ inputs.delete-partial-images }}
keep-n-tagged: ${{ inputs.keep-n-tagged }}
validate: ${{ inputs.validate }}
token: ${{ secrets.GITHUB_TOKEN }}