|
@@ -0,0 +1,77 @@
|
|
|
+# This workflow runs on certain conditions to check for and potentially
|
|
|
+# delete container images from the GHCR which no longer have an associated
|
|
|
+# code branch.
|
|
|
+# Requires a PAT with the correct scope set in the secrets.
|
|
|
+#
|
|
|
+# This workflow will not trigger runs on forked repos.
|
|
|
+
|
|
|
+name: Cleanup Old Docker Images
|
|
|
+
|
|
|
+on:
|
|
|
+ pull_request:
|
|
|
+ types:
|
|
|
+ - "closed"
|
|
|
+ push:
|
|
|
+ paths:
|
|
|
+ - ".github/workflows/docker-cleanup.yml"
|
|
|
+
|
|
|
+concurrency:
|
|
|
+ group: registry-tags-cleanup
|
|
|
+ cancel-in-progress: false
|
|
|
+
|
|
|
+jobs:
|
|
|
+ cleanup-images:
|
|
|
+ name: Cleanup Stale Images Tags for ${{ matrix.primary-name }}
|
|
|
+ runs-on: ubuntu-22.04
|
|
|
+ strategy:
|
|
|
+ fail-fast: false
|
|
|
+ matrix:
|
|
|
+ include:
|
|
|
+ - primary-name: "immich-server"
|
|
|
+ - primary-name: "immich-machine-learning"
|
|
|
+ - primary-name: "immich-web"
|
|
|
+ - primary-name: "immich-proxy"
|
|
|
+ env:
|
|
|
+ # Requires a personal access token with the OAuth scope delete:packages
|
|
|
+ TOKEN: ${{ secrets.PACKAGE_DELETE_TOKEN }}
|
|
|
+ steps:
|
|
|
+ -
|
|
|
+ name: Clean temporary images
|
|
|
+ if: "${{ env.TOKEN != '' }}"
|
|
|
+ uses: stumpylog/image-cleaner-action/ephemeral@develop
|
|
|
+ with:
|
|
|
+ token: "${{ env.TOKEN }}"
|
|
|
+ owner: "immich-app"
|
|
|
+ is_org: "true"
|
|
|
+ package_name: "${{ matrix.primary-name }}"
|
|
|
+ scheme: "pull_request"
|
|
|
+ repo_name: "immich"
|
|
|
+ match_regex: '^pr-(\d+)$|^(\d+)$'
|
|
|
+
|
|
|
+ cleanup-untagged-images:
|
|
|
+ name: Cleanup Untagged Images Tags for ${{ matrix.primary-name }}
|
|
|
+ runs-on: ubuntu-22.04
|
|
|
+ needs:
|
|
|
+ - cleanup-images
|
|
|
+ strategy:
|
|
|
+ fail-fast: false
|
|
|
+ matrix:
|
|
|
+ include:
|
|
|
+ - primary-name: "immich-server"
|
|
|
+ - primary-name: "immich-machine-learning"
|
|
|
+ - primary-name: "immich-web"
|
|
|
+ - primary-name: "immich-proxy"
|
|
|
+ - primary-name: "immich-build-cache"
|
|
|
+ env:
|
|
|
+ # Requires a personal access token with the OAuth scope delete:packages
|
|
|
+ TOKEN: ${{ secrets.PACKAGE_DELETE_TOKEN }}
|
|
|
+ steps:
|
|
|
+ -
|
|
|
+ name: Clean untagged images
|
|
|
+ if: "${{ env.TOKEN != '' }}"
|
|
|
+ uses: stumpylog/image-cleaner-action/untagged@develop
|
|
|
+ with:
|
|
|
+ token: "${{ env.TOKEN }}"
|
|
|
+ owner: "immich-app"
|
|
|
+ is_org: "true"
|
|
|
+ package_name: "${{ matrix.primary-name }}"
|