Skip to content

Instantly share code, notes, and snippets.

@ahmetb

ahmetb/gcrgc.sh

Last active February 26, 2024 09:14
Show Gist options
  • Save ahmetb/7ce6d741bd5baa194a3fac6b1fec8bb7 to your computer and use it in GitHub Desktop.
Save ahmetb/7ce6d741bd5baa194a3fac6b1fec8bb7 to your computer and use it in GitHub Desktop.
Download ZIP
Script to clean up Google Container Registry images pushed before a particular date
Raw
gcrgc.sh
#!/bin/bash
# Copyright © 2017 Google Inc.
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
IFS=$'\n\t'
set -eou pipefail
if [[ "$#" -ne 2 || "${1}" == '-h' || "${1}" == '--help' ]]; then
cat >&2 <<"EOF"
gcrgc.sh cleans up tagged or untagged images pushed before specified date
for a given repository (an image name without a tag/digest).
USAGE:
gcrgc.sh REPOSITORY DATE
EXAMPLE
gcrgc.sh gcr.io/ahmet/my-app 2017-04-01
would clean up everything under the gcr.io/ahmet/my-app repository
pushed before 2017-04-01.
EOF
exit 1
elif [[ "${#2}" -ne 10 ]]; then
echo "wrong DATE format; use YYYY-MM-DD." >&2
exit 1
fi
main(){
local C=0
IMAGE="${1}"
DATE="${2}"
for digest in $(gcloud container images list-tags ${IMAGE} --limit=999999 --sort-by=TIMESTAMP \
--filter="timestamp.datetime < '${DATE}'" --format='get(digest)'); do
(
set -x
gcloud container images delete -q --force-delete-tags "${IMAGE}@${digest}"
)
let C=C+1
done
echo "Deleted ${C} images in ${IMAGE}." >&2
}
main "${1}" "${2}"
@transducer
Copy link

transducer commented Oct 31, 2023
edited

Script to only keep 10 latest images for every registry in a project:

#!/bin/bash
PROJECT=<PROJECT>

# Get a list of all registries in the project (assuming eu.gcr.io)
REGISTRIES=$(gcloud container images list --repository=eu.gcr.io/$PROJECT)

# Loop over each registry
while IFS= read -r REGISTRY; do
  # Skip the header line
  if [[ $REGISTRY == "NAME" ]]; then
    continue
  fi

  while true; do
    # Get a list of all image digests, sorted by date (newest first)
    ALL_DIGESTS=$(gcloud container images list-tags $REGISTRY --format="get(digest)" --sort-by="~timestamp")

    # Reset the array and index counter
    unset DIGEST_ARRAY
    i=0

    # Process the multi-line output into an array
    while IFS= read -r line; do
      DIGEST_ARRAY[i++]="$line"
    done <<< "$ALL_DIGESTS"

    # Get the count of all digests
    DIGEST_COUNT=${#DIGEST_ARRAY[@]}

    # If there are more than 10 digests, delete the oldest ones
    if [[ $DIGEST_COUNT -gt 10 ]]; then
      for i in $(seq 10 $((DIGEST_COUNT - 1))); do
        DIGEST=${DIGEST_ARRAY[$i]}
        gcloud container images delete $REGISTRY@$DIGEST --force-delete-tags --quiet
      done
    else
      echo "There are $DIGEST_COUNT images in $REGISTRY, no images to delete."
      break
    fi

    # Sleep for a while before the next iteration (optional)
    sleep 300
  done
done <<< "$REGISTRIES"

This works for Container Registry. In Artifact Repository a cleanup policy can be configured to do the same: https://cloud.google.com/artifact-registry/docs/repositories/cleanup-policy.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment