Created
April 17, 2019 06:51
-
-
Save tomfun/df691262191045920761a3b163f505c8 to your computer and use it in GitHub Desktop.
Gitlab CI docker registry cleaner
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| stages: | |
| - clean | |
| - build | |
| - check | |
| variables: | |
| ## docker image names inside the YML file to use | |
| CI_REGISTRY_IMAGE_c: $CI_REGISTRY_IMAGE/dev:${CI_COMMIT_SHORT_SHA} | |
| CI_REGISTRY_IMAGE_l: $CI_REGISTRY_IMAGE/dev:latest | |
| CI_REGISTRY_IMAGE_i: services_${CI_BUILD_ID}_api_v2 | |
| build: | |
| tags: | |
| - dind | |
| stage: build | |
| image: tmaier/docker-compose | |
| script: | |
| - docker login -u gitlab-ci-token -p $CI_JOB_TOKEN $CI_REGISTRY | |
| - docker pull ${CI_REGISTRY_IMAGE_l} || true | |
| - docker build --cache-from ${CI_REGISTRY_IMAGE_l} -f docker/app/Dockerfile -t ${CI_REGISTRY_IMAGE_i} -t ${CI_REGISTRY_IMAGE_c} -t ${CI_REGISTRY_IMAGE_l} . | |
| - docker push ${CI_REGISTRY_IMAGE_c} | |
| - docker push ${CI_REGISTRY_IMAGE_l} | |
| # some job that uses the docker | |
| tslint: | |
| tags: | |
| - dind | |
| stage: check | |
| image: tmaier/docker-compose | |
| script: | |
| # pull docker image from registry, about 30sec | |
| - docker login -u gitlab-ci-token -p $CI_JOB_TOKEN $CI_REGISTRY && docker pull ${CI_REGISTRY_IMAGE_c} || true | |
| # normaly should take 10sec and just use cache | |
| - docker build --cache-from ${CI_REGISTRY_IMAGE_c} -f docker/app/Dockerfile . -t services_${CI_BUILD_ID}_api_v2 | |
| # some useful command inside the docker | |
| - docker run --rm services_${CI_BUILD_ID}_api_v2 npm --silent run lint | |
| allow_failure: true | |
| ## Clear by scheduled tasks | |
| clear_docker_images: | |
| stage: clean | |
| only: | |
| - schedules | |
| image: everpeace/curl-jq:latest | |
| variables: | |
| # Name of image to clean tags | |
| IMAGE_TO_CLEAN: $CI_PROJECT_PATH/dev | |
| GIT_STRATEGY: none | |
| script: | |
| # just show information | |
| - | | |
| echo -e "\x1b[36m repositories:\x1b[0m" | |
| curl --cacert $CI_SERVER_TLS_CA_FILE --header "PRIVATE-TOKEN: ${CLEAR_DOCKER_TOKEN}" "${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/registry/repositories" | jq --color-output . | |
| export IMAGE_TO_CLEAN_ID=$(curl --cacert $CI_SERVER_TLS_CA_FILE --header "PRIVATE-TOKEN: ${CLEAR_DOCKER_TOKEN}" "${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/registry/repositories" | jq ".[] | select(.path == \"$IMAGE_TO_CLEAN\") | .id") | |
| echo -e "\x1b[36m $IMAGE_TO_CLEAN (id = $IMAGE_TO_CLEAN_ID) tags:\x1b[0m" | |
| curl --cacert $CI_SERVER_TLS_CA_FILE --header "PRIVATE-TOKEN: ${CLEAR_DOCKER_TOKEN}" "${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/registry/repositories/$IMAGE_TO_CLEAN_ID/tags" | jq --color-output '[.[] | .location]' | |
| # remove all tags | |
| - | | |
| remove_tag_="curl --cacert $CI_SERVER_TLS_CA_FILE --request DELETE --header 'PRIVATE-TOKEN: ${CLEAR_DOCKER_TOKEN}' ${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/registry/repositories/$IMAGE_TO_CLEAN_ID/tags/" | |
| curl --cacert $CI_SERVER_TLS_CA_FILE --header "PRIVATE-TOKEN: ${CLEAR_DOCKER_TOKEN}" "${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/registry/repositories/$IMAGE_TO_CLEAN_ID/tags" \ | |
| | jq -r '.[] | select(.name != "latest") | .name' \ | |
| | while read -r TAG; do sh -c "$remove_tag_$TAG"; done | |
| curl --cacert $CI_SERVER_TLS_CA_FILE --header "PRIVATE-TOKEN: ${CLEAR_DOCKER_TOKEN}" "${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/registry/repositories/$IMAGE_TO_CLEAN_ID/tags" | jq --color-output '[.[] | .location]' |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment