From ab15f51299fcc029f662099cb83262178f1f39fa Mon Sep 17 00:00:00 2001
From: Kirill Plis
Date: Wed, 19 Nov 2025 12:11:33 +0100
Subject: [PATCH 1/3] feat: rework lifecycle policies
---
 .github/workflows/build-image.yaml | 17 ++++++++++++++---
 1 file changed, 14 insertions(+), 3 deletions(-)
diff --git a/.github/workflows/build-image.yaml b/.github/workflows/build-image.yaml
index 49335bb..ff6b65b 100644
--- a/.github/workflows/build-image.yaml
+++ b/.github/workflows/build-image.yaml
@@ -151,9 +151,20 @@ jobs:
 role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
 - name: Create ${{ matrix.containerfile_targets }} ECR repository if it doesn't exist
 run: |
- aws ecr describe-repositories --repository-names ${{ github.event.deployment.payload.name }}-${{ matrix.containerfile_targets }} || \
- aws ecr create-repository --repository-name ${{ github.event.deployment.payload.name }}-${{ matrix.containerfile_targets }}
- LIFECYCLE_POLICY='{"rules":[{"rulePriority":1,"description":"Keep last 500 images","selection":{"tagStatus":"any","countType":"imageCountMoreThan","countNumber":500},"action":{"type":"expire"}}]}'
+ if ! aws ecr describe-repositories --repository-names ${{ inputs.APPLICATION_NAME }} 2>/dev/null; then
+ echo "Repository ${{ inputs.APPLICATION_NAME }} does not exist, creating it..."
+ aws ecr create-repository --repository-name ${{ inputs.APPLICATION_NAME }}
+ echo "Setting lifecycle policy..."
+ else
+ echo "Repository ${{ inputs.APPLICATION_NAME }} already exists, skipping creation"
+ fi
+
+ echo "Applying lifecycle policies"
+ LIFECYCLE_POLICY='{"rules":[
+ {"rulePriority":1,"description":"Preserve preview images","selection":{"tagStatus":"tagged","tagPatternList":["preview-*"],"countType":"sinceImagePushed","countNumber":365},"action":{"type":"expire"}},
+ {"rulePriority":2,"description":"Preserve production images","selection":{"tagStatus":"tagged","tagPatternList":["v*"],"countType":"imageCountMoreThan","countNumber":50},"action":{"type":"expire"}}
+ {"rulePriority":3,"description":"Remove untagged images","selection":{"tagStatus":"untagged","countType":"sinceImagePushed","countNumber":7},"action":{"type":"expire"}}
+ ]}'
 aws ecr put-lifecycle-policy --repository-name ${{ github.event.deployment.payload.name }}-${{ matrix.containerfile_targets }} --lifecycle-policy-text "$LIFECYCLE_POLICY"
 - name: Login to Amazon ECR
 id: login-ecr
From a37dd730920def08d49e12565582ca06ee61e84e Mon Sep 17 00:00:00 2001
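Review bot: The `LIFECYCLE_POLICY` literal added in PATCH 1/3's `-151,9` hunk is not valid JSON: the `"rulePriority":2` rule ends in `}}` with no comma before the `"rulePriority":3` rule, so `aws ecr put-lifecycle-policy` should reject it and the repository is left without the intended expiry rules. End that line with `"action":{"type":"expire"}},`. Rules 1 and 3 use `"countType":"sinceImagePushed"` without a unit; as far as I know ECR's schema requires `"countUnit":"days"` next to `countNumber` for that count type, so add it to both. The identical literal is added again in the `-75,8` hunk of PATCH 2/3 and needs the same fix.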
From: Kirill Plis
Date: Wed, 19 Nov 2025 12:18:18 +0100
Subject: [PATCH 2/3] for single build too
---
 .github/workflows/build-image.yaml | 24 ++++++++++++++++++------
 1 file changed, 18 insertions(+), 6 deletions(-)
diff --git a/.github/workflows/build-image.yaml b/.github/workflows/build-image.yaml
index ff6b65b..cafef98 100644
--- a/.github/workflows/build-image.yaml
+++ b/.github/workflows/build-image.yaml
@@ -75,8 +75,20 @@ jobs:
 role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
 - name: Create ECR repository if it doesn't exist
 run: |
- aws ecr describe-repositories --repository-names ${{ github.event.deployment.payload.name }} || \
- aws ecr create-repository --repository-name ${{ github.event.deployment.payload.name }}
+ if ! aws ecr describe-repositories --repository-names ${{ github.event.deployment.payload.name }} 2>/dev/null; then
+ echo "Repository ${{ github.event.deployment.payload.name }} does not exist, creating it..."
+ aws ecr create-repository --repository-name ${{ github.event.deployment.payload.name }}
+ echo "Setting lifecycle policy..."
+ else
+ echo "Repository ${{ github.event.deployment.payload.name }} already exists, skipping creation"
+ fi
+
+ echo "Applying lifecycle policies"
+ LIFECYCLE_POLICY='{"rules":[
+ {"rulePriority":1,"description":"Preserve preview images","selection":{"tagStatus":"tagged","tagPatternList":["preview-*"],"countType":"sinceImagePushed","countNumber":365},"action":{"type":"expire"}},
+ {"rulePriority":2,"description":"Preserve production images","selection":{"tagStatus":"tagged","tagPatternList":["v*"],"countType":"imageCountMoreThan","countNumber":50},"action":{"type":"expire"}}
+ {"rulePriority":3,"description":"Remove untagged images","selection":{"tagStatus":"untagged","countType":"sinceImagePushed","countNumber":7},"action":{"type":"expire"}}
+ ]}'
 LIFECYCLE_POLICY='{"rules":[{"rulePriority":1,"description":"Keep last 500 images","selection":{"tagStatus":"any","countType":"imageCountMoreThan","countNumber":500},"action":{"type":"expire"}}]}'
 aws ecr put-lifecycle-policy --repository-name ${{ github.event.deployment.payload.name }} --lifecycle-policy-text "$LIFECYCLE_POLICY"
 - name: Login to Amazon ECR
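Review bot: In PATCH 2/3's `-75,8` hunk, `${{ github.event.deployment.payload.name }}` is pasted by the Actions expression engine directly into the `run:` script, unquoted, in a step that appears to run with the assumed AWS role, so any shell metacharacters in the deployment payload become script text. Bind it in the step's environment (`env:` with `REPO_NAME: ${{ github.event.deployment.payload.name }}`) and use `--repository-name "$REPO_NAME"` in the `aws` and `echo` lines. The `-151` hunks of PATCH 1/3 and PATCH 2/3 interpolate `inputs.APPLICATION_NAME` and `matrix.containerfile_targets` the same way and want the same treatment.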
@@ -151,12 +163,12 @@ jobs:
 role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
 - name: Create ${{ matrix.containerfile_targets }} ECR repository if it doesn't exist
 run: |
- if ! aws ecr describe-repositories --repository-names ${{ inputs.APPLICATION_NAME }} 2>/dev/null; then
- echo "Repository ${{ inputs.APPLICATION_NAME }} does not exist, creating it..."
- aws ecr create-repository --repository-name ${{ inputs.APPLICATION_NAME }}
+ if ! aws ecr describe-repositories --repository-names ${{ github.event.deployment.payload.name }}-${{ matrix.containerfile_targets }} 2>/dev/null; then
+ echo "Repository ${{ github.event.deployment.payload.name }}-${{ matrix.containerfile_targets }} does not exist, creating it..."
+ aws ecr create-repository --repository-name ${{ github.event.deployment.payload.name }}-${{ matrix.containerfile_targets }}
 echo "Setting lifecycle policy..."
 else
- echo "Repository ${{ inputs.APPLICATION_NAME }} already exists, skipping creation"
+ echo "Repository ${{ github.event.deployment.payload.name }}-${{ matrix.containerfile_targets }} already exists, skipping creation"
 fi

 echo "Applying lifecycle policies"
From 832300e955943d5220d89e1ac7490a485b1a351b Mon Sep 17 00:00:00 2001
From: Kirill Plis
Date: Thu, 20 Nov 2025 08:43:05 +0100
Subject: [PATCH 3/3] remove duplicate policy
---
 .github/workflows/build-image.yaml | 1 -
 1 file changed, 1 deletion(-)
diff --git a/.github/workflows/build-image.yaml b/.github/workflows/build-image.yaml
index cafef98..f95c0b6 100644
--- a/.github/workflows/build-image.yaml
+++ b/.github/workflows/build-image.yaml
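Review bot: In PATCH 2/3's `-151,12` hunk, `if ! aws ecr describe-repositories … 2>/dev/null` sends every failure down the "does not exist" branch: expired credentials, a missing `ecr:DescribeRepositories` permission or throttling all look like an absent repository, and the real error is discarded. Capture stderr instead, `if ! err=$(aws ecr describe-repositories … 2>&1 >/dev/null); then`, create the repository only when `$err` contains `RepositoryNotFoundException`, and fail the step with the message otherwise. The `-151,9` hunk of PATCH 1/3 and the `-75,8` hunk of this patch use the same check. The `run:` block continues past the end of this hunk.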
@@ -89,7 +89,6 @@ jobs:
 {"rulePriority":2,"description":"Preserve production images","selection":{"tagStatus":"tagged","tagPatternList":["v*"],"countType":"imageCountMoreThan","countNumber":50},"action":{"type":"expire"}}
 {"rulePriority":3,"description":"Remove untagged images","selection":{"tagStatus":"untagged","countType":"sinceImagePushed","countNumber":7},"action":{"type":"expire"}}
 ]}'
- LIFECYCLE_POLICY='{"rules":[{"rulePriority":1,"description":"Keep last 500 images","selection":{"tagStatus":"any","countType":"imageCountMoreThan","countNumber":500},"action":{"type":"expire"}}]}'
 aws ecr put-lifecycle-policy --repository-name ${{ github.event.deployment.payload.name }} --lifecycle-policy-text "$LIFECYCLE_POLICY"
 - name: Login to Amazon ECR
 id: login-ecr