Update GHCR #270

Workflow file for this run

.github/workflows/gh_registry.yml at 67b74c1

	on:
	workflow_dispatch:
	schedule:
	- cron: 0 3 * * *

	name: Update GHCR

	jobs:
	ghcr_config:
	name: Read GHCR config
	if: github.event_name == 'workflow_dispatch' \|\| vars.enabled_workflows == 'all'
	runs-on: ubuntu-latest
	permissions:
	contents: read

	outputs:
	external_images: ${{ steps.ghcr_config.outputs.external_images }}
	internal_images: ${{ steps.ghcr_config.outputs.internal_images }}

	steps:
	- name: Checkout repository
	uses: actions/checkout@v4

	- name: Get images list
	id: ghcr_config
	run: \|
	repo_owner=${{ github.repository_owner }}
	config=`cat .github/workflows/config/ghcr_config.json \| jq ".external_images"`
	images=`echo "$config" \| jq '.[].source'`
	external_images="{\"images\":[],\"tags\":[]}"
	for image in $images; do
	image_data=`echo "$config" \| jq ".[] \| select(.source==$image)"`
	source=`echo $image_data \| jq -r '.source'`
	platforms=`echo $image_data \| jq -r '.platforms'`
	original_name=`echo $source \| sed -e 's@.*\.io/@\1@'`
	package_name=${original_name#${repo_owner,,}}
	tags=`echo "$image_data" \| jq -r '.tags[]'`
	external_images=`echo $external_images \| jq ".images \|= . + [\"$source\"]"`
	info={\"$source\":{\"platforms\":\"$platforms\",\"package_name\":\"$package_name\"}}
	external_images=`echo $external_images \| jq ". \|= . + $info"`
	for tag in $tags; do
	external_images=`echo $external_images \| jq ".tags \|= . + [\"$source:$tag\"]"`
	done
	done

	config=`cat .github/workflows/config/ghcr_config.json \| jq ".internal_images"`
	images=`echo "$config" \| jq '.[].name'`
	internal_images="{\"package_names\":[]}"
	for image in $images; do
	image_data=`echo "$config" \| jq ".[] \| select(.name==$image)"`
	package_name=`echo $image_data \| jq -r '.name'`
	nr_tags_to_keep=`echo $image_data \| jq -r '.tags_to_keep'`
	internal_images=`echo $internal_images \| jq ".package_names \|= . + [\"$package_name\"]"`
	info={\"$package_name\":{\"nr_tags_to_keep\":\"$nr_tags_to_keep\"}}
	internal_images=`echo $internal_images \| jq ". \|= . + $info"`
	done

	echo "internal_images=$(echo $internal_images)" >> $GITHUB_OUTPUT
	echo "external_images=$(echo $external_images)" >> $GITHUB_OUTPUT

	delete_images:
	name: Delete old images on GHCR
	needs: ghcr_config
	runs-on: ubuntu-latest
	permissions:
	packages: write

	environment:
	name: ghcr-deployment
	url: ${{ vars.deployment_url }}

	strategy:
	matrix:
	image: ${{ fromJson(needs.ghcr_config.outputs.external_images).images }}
	fail-fast: false

	steps:
	- name: Login to GitHub CR
	uses: docker/login-action@v3
	with:
	registry: ghcr.io
	username: ${{ github.actor }}
	password: ${{ github.token }}

	- name: Delete old images
	uses: actions/delete-package-versions@v4
	with:
	package-name: ${{ fromJson(needs.ghcr_config.outputs.external_images)[format('{0}', matrix.image)].package_name }}
	package-type: 'container'
	min-versions-to-keep: 1 # the used action does not support 0 here
	continue-on-error: true

	push_images:
	name: Push new images to GHCR
	needs: [ghcr_config, delete_images]
	runs-on: ubuntu-latest
	permissions:
	packages: write

	environment:
	name: ghcr-deployment
	url: ${{ vars.deployment_url }}

	strategy:
	matrix:
	tag: ${{ fromJson(needs.ghcr_config.outputs.external_images).tags }}
	fail-fast: false

	steps:
	- name: Login to GitHub CR
	uses: docker/login-action@v3
	with:
	registry: ghcr.io
	username: ${{ github.actor }}
	password: ${{ github.token }}

	- name: Set up context for buildx
	run: \|
	docker context create builder_context

	- name: Set up buildx runner
	uses: docker/setup-buildx-action@v3
	with:
	endpoint: builder_context

	- name: Prepare push
	id: metadata
	run: \|
	dockerfile=image.Dockerfile
	echo 'FROM ${{ matrix.tag }}' > $dockerfile
	repo_owner=${{ github.repository_owner }}

	original_name=`echo ${{ matrix.tag }} \| rev \| cut -d : -f2- \| rev`
	original_tag=`echo ${{ matrix.tag }} \| rev \| cut -d : -f1 \| rev`
	external_images='${{ needs.ghcr_config.outputs.external_images }}'
	package_name=`echo $external_images \| jq -r ".\"$original_name\".package_name"`
	platforms=`echo $external_images \| jq -r ".\"$original_name\".platforms"`

	# No need to specify labels - they propagate automatically
	echo "dockerfile=$dockerfile" >> $GITHUB_OUTPUT
	echo "tags=${{ vars.registry }}/${repo_owner,,}/${package_name}:${original_tag}" >> $GITHUB_OUTPUT
	echo "platforms=$platforms" >> $GITHUB_OUTPUT

	- name: Push image to GHCR
	id: docker_build
	uses: docker/build-push-action@v5
	with:
	context: .
	file: ${{ steps.metadata.outputs.dockerfile }}
	tags: ${{ steps.metadata.outputs.tags }}
	labels: ${{ steps.metadata.outputs.labels }}
	platforms: ${{ steps.metadata.outputs.platforms }}
	push: true

	delete_internal_images:
	name: Clean up internal images on GHCR
	needs: ghcr_config
	runs-on: ubuntu-latest
	permissions:
	packages: write

	environment:
	name: ghcr-deployment
	url: ${{ vars.deployment_url }}

	strategy:
	matrix:
	package_name: ${{ fromJson(needs.ghcr_config.outputs.internal_images).package_names }}
	fail-fast: false

	steps:
	- name: Login to GitHub CR
	uses: docker/login-action@v3
	with:
	registry: ghcr.io
	username: ${{ github.actor }}
	password: ${{ github.token }}

	- name: Delete old images
	uses: actions/delete-package-versions@v4
	with:
	package-name: ${{ matrix.package_name }}
	package-type: 'container'
	min-versions-to-keep: ${{ fromJson(needs.ghcr_config.outputs.internal_images)[format('{0}', matrix.package_name)].nr_tags_to_keep }}
	continue-on-error: true

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Update GHCR #270

Workflow file

Update GHCR #270

Jobs

Run details

Workflow file for this run