Add container image cleanup workflow

3 months ago · a4ecf07b4e
1 changed files with 55 additions and 0 deletions
--- a/.github/workflows/cleanup-container-images.yml
+++ b/.github/workflows/cleanup-container-images.yml
@ -0,0 +1,55 @@
				@@ -0,0 +1,55 @@
+name: Cleanup Container Images
+
+on:
+  pull_request:
+    types: [closed]
+  delete:
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.event.ref || github.event.pull_request.head.ref }}
+  cancel-in-progress: false
+
+jobs:
+  cleanup-images:
+    name: Delete branch container images
+    runs-on: ubuntu-24.04
+    permissions:
+      packages: write
+    steps:
+      - name: Generate image tag to delete
+        id: tag
+        run: |
+          if [[ "${{ github.event_name }}" == "pull_request" ]]; then
+            IMAGE_TAG="pr-${{ github.event.pull_request.number }}"
+          else
+            # For deleted branches
+            BRANCH_NAME="${{ github.event.ref }}"
+            IMAGE_TAG=$(echo "$BRANCH_NAME" | tr '[:upper:]' '[:lower:]' | sed -E 's/[^a-z0-9._-]+/-/g; s/-+/-/g; s/^-+|-+$//g' | cut -c1-128 | sed -E 's/[.-]$//')
+          fi
+          echo "tag=$IMAGE_TAG" >> $GITHUB_OUTPUT
+
+      - name: Delete container image version
+        continue-on-error: true
+        env:
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          IMAGE_TAG: ${{ steps.tag.outputs.tag }}
+        run: |
+          # Get the version ID for this specific tag
+          VERSION_ID=$(gh api \
+            -H "Accept: application/vnd.github+json" \
+            -H "X-GitHub-Api-Version: 2022-11-28" \
+            "/orgs/bitwarden/packages/container/key-connector/versions" \
+            --jq ".[] | select(.metadata.container.tags[] | contains(\"$IMAGE_TAG\")) | .id" \
+            | head -1)
+
+          if [[ -n "$VERSION_ID" ]]; then
+            echo "Deleting image with tag: $IMAGE_TAG (version ID: $VERSION_ID)"
+            gh api \
+              --method DELETE \
+              -H "Accept: application/vnd.github+json" \
+              -H "X-GitHub-Api-Version: 2022-11-28" \
+              "/orgs/bitwarden/packages/container/key-connector/versions/$VERSION_ID"
+            echo "Successfully deleted image"
+          else
+            echo "No image found with tag: $IMAGE_TAG"
+          fi