diff --git a/docker/gitea/Dockerfile b/docker/gitea/Dockerfile index d2299ba813..344b44301d 100644 --- a/docker/gitea/Dockerfile +++ b/docker/gitea/Dockerfile @@ -112,4 +112,4 @@ EXPOSE 22 VOLUME ["/data"] ENTRYPOINT ["/usr/bin/entrypoint"] CMD ["/usr/sbin/sshd", "-D"] -# this comment is here to perform a test run of the job... \ No newline at end of file +# this comment is here to perform a test run of the job.... diff --git a/playbooks/zuul/build-image/promote-delete-tag.yaml b/playbooks/zuul/build-image/promote-delete-tag.yaml new file mode 100644 index 0000000000..d8435b4393 --- /dev/null +++ b/playbooks/zuul/build-image/promote-delete-tag.yaml @@ -0,0 +1,20 @@ +- name: List tags + uri: + url: "https://hub.docker.com/v2/repositories/{{ image.repository }}/tags?page_size=1000" + status_code: 200 + register: tags +- name: Set cutoff timestamp to 24 hours ago + command: "python3 -c \"import datetime; print((datetime.datetime.utcnow()-datetime.timedelta(days=1)).strftime('%Y-%m-%dT%H:%M:%fZ'))\"" + register: cutoff +- name: Delete all change tags older than the cutoff + no_log: true + loop: "{{ tags.json.results }}" + loop_control: + loop_var: docker_tag + when: docker_tag.last_updated < cutoff.stdout and docker_tag.name.startswith('change_') + uri: + url: "https://hub.docker.com/v2/repositories/{{ image.repository }}/tags/{{ docker_tag.name }}/" + method: DELETE + status_code: 204 + headers: + Authorization: "JWT {{ jwt_token.json.token }}" diff --git a/playbooks/zuul/build-image/promote-retag.yaml b/playbooks/zuul/build-image/promote-retag.yaml index 132e75a04e..77b611ac8b 100644 --- a/playbooks/zuul/build-image/promote-retag.yaml +++ b/playbooks/zuul/build-image/promote-retag.yaml @@ -1,7 +1,7 @@ - name: Get dockerhub token no_log: true uri: - url: "https://auth.docker.io/token?service=registry.docker.io&scope=repository:{{image.repository}}:pull,push" + url: "https://auth.docker.io/token?service=registry.docker.io&scope=repository:{{ image.repository }}:pull,push" user: "{{ credentials.username }}" password: "{{ credentials.password }}" force_basic_auth: true @@ -9,7 +9,7 @@ - name: Get manifest no_log: true uri: - url: "https://registry.hub.docker.com/v2/{{image.repository}}/manifests/change_{{zuul.change}}" + url: "https://registry.hub.docker.com/v2/{{ image.repository }}/manifests/change_{{ zuul.change }}" status_code: 200 headers: Accept: "application/vnd.docker.distribution.manifestv2+json" @@ -22,10 +22,18 @@ loop_control: loop_var: new_tag uri: - url: "https://registry.hub.docker.com/v2/{{image.repository}}/manifests/{{ new_tag }}" + url: "https://registry.hub.docker.com/v2/{{ image.repository }}/manifests/{{ new_tag }}" method: PUT status_code: 201 body: "{{ manifest.content | string }}" headers: Content-Type: "application/vnd.docker.distribution.manifestv2+json" Authorization: "Bearer {{ token.json.token }}" +- name: Delete the current change tag + no_log: true + uri: + url: "https://hub.docker.com/v2/repositories/{{ image.repository }}/tags/change_{{ zuul.change }}/" + method: DELETE + status_code: 204 + headers: + Authorization: "JWT {{ jwt_token.json.token }}" diff --git a/playbooks/zuul/build-image/promote.yaml b/playbooks/zuul/build-image/promote.yaml index 04858ab27d..ce7467dc6f 100644 --- a/playbooks/zuul/build-image/promote.yaml +++ b/playbooks/zuul/build-image/promote.yaml @@ -1,10 +1,22 @@ - hosts: localhost tasks: - - name: Promote dockerhub image - when: credentials is defined - block: - - name: Promote image - loop: "{{ images }}" - loop_control: - loop_var: image - include_tasks: promote-retag.yaml + # This is used by the delete tasks + - name: Get dockerhub JWT token + no_log: true + uri: + url: "https://hub.docker.com/v2/users/login/" + body_format: json + body: + username: "{{ credentials.username }}" + password: "{{ credentials.password }}" + register: jwt_token + - name: Promote image + loop: "{{ images }}" + loop_control: + loop_var: image + include_tasks: promote-retag.yaml + - name: Delete obsolete tags + loop: "{{ images }}" + loop_control: + loop_var: image + include_tasks: promote-delete-tag.yaml