Stefan Reimer
8ee6e581f0
c1a48a6 Remove auto stash push / pop as being too dangerous 318c19e Add merge comment for subtree 22ed100 Fix custom branch docker tags 227e39f Allow custom GIT_TAG 38a9cda Debug CI pipeline 3efcc81 Debug CI pipeline 5023473 Make branch detection work for tagged commits cdc32e0 Improve cleanup flow 8df60af Fix derp 748a4bd Migrate to :: to allow custom make steps, add generic stubs 955afa7 Apply pep8 5819ded Improve ECR public lifecycle handling via python script 5d4e4ad Make rm-remote-untagged less noisy f00e541 Add cleanup step to remove untagged images by default 0821e91 Ensure tag names are valid for remote branches like PRs git-subtree-dir: .ci git-subtree-split: c1a48a6aede4a08ad1e230121bf8b085ce9ef9e6
64 lines
2.2 KiB
Python
Executable File
64 lines
2.2 KiB
Python
Executable File
#!/usr/bin/env python3
|
|
|
|
import argparse
|
|
import boto3
|
|
|
|
parser = argparse.ArgumentParser(
|
|
description='Implement basic public ECR lifecycle policy')
|
|
parser.add_argument('--repo', dest='repositoryName', action='store', required=True,
|
|
help='Name of the public ECR repository')
|
|
parser.add_argument('--keep', dest='keep', action='store', default=10, type=int,
|
|
help='number of tagged images to keep, default 10')
|
|
parser.add_argument('--dev', dest='delete_dev', action='store_true',
|
|
help='also delete in-development images only having tags like v0.1.1-commitNr-githash')
|
|
|
|
args = parser.parse_args()
|
|
|
|
client = boto3.client('ecr-public', region_name='us-east-1')
|
|
|
|
images = client.describe_images(repositoryName=args.repositoryName)[
|
|
"imageDetails"]
|
|
|
|
untagged = []
|
|
kept = 0
|
|
|
|
# actual Image
|
|
# imageManifestMediaType: 'application/vnd.oci.image.manifest.v1+json'
|
|
# image Index
|
|
# imageManifestMediaType: 'application/vnd.oci.image.index.v1+json'
|
|
|
|
# Sort by date uploaded
|
|
for image in sorted(images, key=lambda d: d['imagePushedAt'], reverse=True):
|
|
# Remove all untagged
|
|
# if registry uses image index all actual images will be untagged anyways
|
|
if 'imageTags' not in image:
|
|
untagged.append({"imageDigest": image['imageDigest']})
|
|
# print("Delete untagged image {}".format(image["imageDigest"]))
|
|
continue
|
|
|
|
# check for dev tags
|
|
if args.delete_dev:
|
|
_delete = True
|
|
for tag in image["imageTags"]:
|
|
# Look for at least one tag NOT beign a SemVer dev tag
|
|
if "-" not in tag:
|
|
_delete = False
|
|
if _delete:
|
|
print("Deleting development image {}".format(image["imageTags"]))
|
|
untagged.append({"imageDigest": image['imageDigest']})
|
|
continue
|
|
|
|
if kept < args.keep:
|
|
kept = kept+1
|
|
print("Keeping tagged image {}".format(image["imageTags"]))
|
|
continue
|
|
else:
|
|
print("Deleting tagged image {}".format(image["imageTags"]))
|
|
untagged.append({"imageDigest": image['imageDigest']})
|
|
|
|
deleted_images = client.batch_delete_image(
|
|
repositoryName=args.repositoryName, imageIds=untagged)
|
|
|
|
if deleted_images["imageIds"]:
|
|
print("Deleted images: {}".format(deleted_images["imageIds"]))
|