chore(ci): clean up custom release tags in dev registry#2461
Open
universal-itengineer wants to merge 5 commits into
Open
chore(ci): clean up custom release tags in dev registry#2461universal-itengineer wants to merge 5 commits into
universal-itengineer wants to merge 5 commits into
Conversation
nevermarine
requested changes
Jun 9, 2026
1c7faec to
7b075c6
Compare
werf cleanup keep policies only apply to werf-managed images, so the pr*, release-*, and v*-rc.* tags published to the /release repository via crane copy were never removed. Add a dedicated crane-based cleanup script for the /release repository and wire it into the dev registry cleanup workflow with a dry-run input and full git history checkout. Signed-off-by: Nikita Korolev <nikita.korolev@flant.com>
Signed-off-by: Nikita Korolev <nikita.korolev@flant.com>
Skip the per-tag crane config call for protected tags (main, stable vX.Y.Z, release channels) by checking the tag name pattern first. Only cleanup candidates (pr*, release-*, v*-rc.*) now trigger a network round-trip to resolve their creation time. Signed-off-by: Nikita Korolev <nikita.korolev@flant.com>
The workflow's purpose is to delete obsolete tags, so it always runs in delete mode. Remove the dry_run workflow_dispatch input and the derived per-step env: restore the global WERF_DRY_RUN: "false" and drop REGISTRY_CLEANUP_DRY_RUN (the script already defaults it to false). Signed-off-by: Nikita Korolev <nikita.korolev@flant.com>
e042e00 to
a816712
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description
Add a dedicated cleanup script for custom module release tags in the development registry.
The dev registry cleanup workflow now:
werf cleanup;werf cleanupfor werf-managed images;.github/scripts/bash/registry-module-cleanup.shto clean custom tags in${MODULES_MODULE_SOURCE}/${MODULES_MODULE_NAME}/release.The script removes expired
pr*,release-*, andv*-rc.*tags based on configurable TTL values (REGISTRY_CLEANUP_PR_TAG_TTL_DAYS,REGISTRY_CLEANUP_RC_TAG_TTL_DAYS) while leaving stable release tags, release channel tags, andmainuntouched. Protected tags are filtered by name first, so only cleanup candidates trigger acrane configcall to resolve their creation time.Why do we need it, and what problem does it solve?
werf cleanuppolicies are based on Git history and apply to werf-managed image versions. The module release tags published to the/releaserepository are created separately viacrane copy, so tags such aspr1234and old release candidates were not removed by the existing cleanup job.This change adds cleanup for those custom registry tags and prevents the development registry from accumulating obsolete module release images.
What is the expected result?
Cleanup dev registriesworkflow (manually or on schedule).pr*,release-*, and oldv*-rc.*tags are removed from the dev registry while stable releases and channel tags remain available.done: N deleted, M kept, K failedsummary and fails the job if any deletion failed.Checklist
Changelog entries