Merge pull request #5 from byu-oit/tagged-image-lifecycle

GaryGSC · web-flow · commit a816e4d1c262 · 2020-08-25T15:13:17.000-06:00
Allow adjusting days to retain untagged images and number of tagged images to retain
diff --git a/README.md b/README.md
@@ -29,6 +29,39 @@ jobs:
       # ...
 ```
 
+<details>
+<summary>Or for a more complicated example, if you want to retain a certain number of tagged images...</summary>
+<p>
+
+```yaml
+on: push
+# ...
+jobs:
+  deploy:
+    runs-on: ubuntu-latest
+    steps:
+      # ...
+      - name: Configure AWS credentials
+        uses: aws-actions/configure-aws-credentials@v1
+        with:
+          aws-access-key-id: ${{ secrets.AWS_KEY }}
+          aws-secret-access-key: ${{ secrets.AWS_SECRET }}
+          aws-region: us-west-2
+      - name: Log into Amazon ECR
+        uses: aws-actions/amazon-ecr-login@v1
+      - name: Create ECR repo if missing
+        uses: byu-oit/github-action-create-ecr-repo-if-missing@v1
+        with:
+          DOCKER_REPO_NAME: ${{ env.REPO }} # Your repo name goes here
+          NUM_DAYS_BEFORE_EXPIRING_UNTAGGED_IMAGES: 14
+          TAG_PREFIX: 'dev-v'
+          NUM_TAGGED_IMAGES_TO_RETAIN: 5
+      # ...
+```
+
+</p>
+</details>
+
 ## Contributing
 Hopefully this is useful to others at BYU. Feel free to ask me some questions about it, but I make no promises about being able to commit time to support it.
 
diff --git a/action.yml b/action.yml
@@ -6,6 +6,19 @@ inputs:
     # $AWS_ACCOUNT_ID.dkr.ecr.$AWS_REGION.amazonaws.com/byuapi-classes-v3-app:some-tag
     description: 'The ECR repository name'
     required: true
+  NUM_DAYS_BEFORE_EXPIRING_UNTAGGED_IMAGES:
+    description: 'The number of days after which untagged images will expire'
+    required: false
+    default: '30'
+
+  # These next two go together to create the "Expire old images as new ones are built" lifecycle policy
+  TAG_PREFIX:
+    description: 'The image tag prefix used so that we can expire old images as new ones are built'
+    required: false
+  NUM_TAGGED_IMAGES_TO_RETAIN:
+    description: 'The number of images with the given prefix to retain'
+    required: false
+    # Defaults to retaining all tagged images
 runs:
   using: 'node12'
   main: 'dist/index.js'
diff --git a/dist/index.js b/dist/index.js
diff --git a/index.js b/index.js
@@ -4,6 +4,17 @@ const AWS = require('aws-sdk')
 async function run () {
   try {
     const repositoryName = getInput('DOCKER_REPO_NAME', { required: true })
+    const daysBeforeExpiringUntaggedImages = getInput('NUM_DAYS_BEFORE_EXPIRING_UNTAGGED_IMAGES', { required: true })
+    const tagPrefix = getInput('TAG_PREFIX')
+    const numImages = getInput('NUM_TAGGED_IMAGES_TO_RETAIN')
+    if (tagPrefix && !numImages) {
+      setFailed('If TAG_PREFIX is provided, NUM_TAGGED_IMAGES_TO_RETAIN is required')
+      return
+    }
+    if (!tagPrefix && numImages) {
+      setFailed('If NUM_TAGGED_IMAGES_TO_RETAIN is provided, TAG_PREFIX is required')
+      return
+    }
 
     const ecr = new AWS.ECR({ apiVersion: '2015-09-21', region: process.env.AWS_REGION })
 
@@ -39,23 +50,39 @@ async function run () {
       ]
     })
 
-    const lifecyclePolicyText = JSON.stringify({
+    const lifecyclePolicy = {
       rules: [
         {
           rulePriority: 10,
-          description: 'Expire untagged images after 30 days',
+          description: `Expire untagged images after ${daysBeforeExpiringUntaggedImages} days`,
           selection: {
             tagStatus: 'untagged',
             countType: 'sinceImagePushed',
             countUnit: 'days',
-            countNumber: 30
+            countNumber: parseInt(daysBeforeExpiringUntaggedImages, 10)
           },
           action: {
             type: 'expire'
           }
         }
       ]
-    })
+    }
+    if (tagPrefix && numImages) {
+      lifecyclePolicy.rules.push({
+        rulePriority: 20,
+        description: 'Expire old images as new ones are built',
+        selection: {
+          tagStatus: 'tagged',
+          tagPrefixList: [tagPrefix],
+          countType: 'imageCountMoreThan',
+          countNumber: numImages
+        },
+        action: {
+          type: 'expire'
+        }
+      })
+    }
+    const lifecyclePolicyText = JSON.stringify(lifecyclePolicy)
 
     console.log('Applying repository access and lifecycle policies...')
     await Promise.all([
