Feature: Don't push feature development branches to DockerHub (#1219)

* Don't push to the DockerHub except for certain refs * Enables deletetion of feature images * Adds links to the API docs for the end points * Makes it clear in the logs a dry-run vs actual deletion event
2025-04-02 13:45:10 -05:00 · 2022-07-11 12:22:43 -07:00 · 2022-07-11 12:22:43 -07:00 · 5243ae80b4
commit 5243ae80b4
parent 0bb9d91eae
4 changed files with 25 additions and 32 deletions
--- a/.github/scripts/cleanup-tags.py
+++ b/.github/scripts/cleanup-tags.py
@ -21,12 +21,17 @@ class GithubContainerRegistry:
        self._session: requests.Session = session
        self._token = token
        self._owner_or_org = owner_or_org
+        # https://docs.github.com/en/rest/branches/branches
        self._BRANCHES_ENDPOINT = "https://api.github.com/repos/{OWNER}/{REPO}/branches"
        if self._owner_or_org == "paperless-ngx":
+            # https://docs.github.com/en/rest/packages#get-all-package-versions-for-a-package-owned-by-an-organization
            self._PACKAGES_VERSIONS_ENDPOINT = "https://api.github.com/orgs/{ORG}/packages/{PACKAGE_TYPE}/{PACKAGE_NAME}/versions"
+            # https://docs.github.com/en/rest/packages#delete-package-version-for-an-organization
            self._PACKAGE_VERSION_DELETE_ENDPOINT = "https://api.github.com/orgs/{ORG}/packages/{PACKAGE_TYPE}/{PACKAGE_NAME}/versions/{PACKAGE_VERSION_ID}"
        else:
+            # https://docs.github.com/en/rest/packages#get-all-package-versions-for-a-package-owned-by-the-authenticated-user
            self._PACKAGES_VERSIONS_ENDPOINT = "https://api.github.com/user/packages/{PACKAGE_TYPE}/{PACKAGE_NAME}/versions"
+            # https://docs.github.com/en/rest/packages#delete-a-package-version-for-the-authenticated-user
            self._PACKAGE_VERSION_DELETE_ENDPOINT = "https://api.github.com/user/packages/{PACKAGE_TYPE}/{PACKAGE_NAME}/versions/{PACKAGE_VERSION_ID}"

    def __enter__(self):
@ -135,23 +140,6 @@ class GithubContainerRegistry:
            )


-class DockerHubContainerRegistery:
-    def __init__(self):
-        pass
-
-    def __enter__(self):
-        return self
-
-    def __exit__(self, exc_type, exc_val, exc_tb):
-        pass
-
-    def get_image_versions(self) -> List:
-        return []
-
-    def delete_image_version(self):
-        pass
-
-
 def _main():
    parser = ArgumentParser(
        description="Using the GitHub API locate and optionally delete container"
@ -234,15 +222,20 @@ def _main():
                for tag_to_delete in to_delete:
                    package_version_info = packages_tagged_feature[tag_to_delete]

-                    logger.info(
-                        f"Deleting {tag_to_delete} (id {package_version_info['id']})",
-                    )
                    if args.delete:
+                        logger.info(
+                            f"Deleting {tag_to_delete} (id {package_version_info['id']})",
+                        )
                        gh_api.delete_package_version(
                            package_name,
                            package_version_info,
                        )

+                    else:
+                        logger.info(
+                            f"Would delete {tag_to_delete} (id {package_version_info['id']})",
+                        )
+
                if args.untagged:
                    logger.info(f"Deleting untagged packages of {package_name}")
                    for to_delete_name in untagged_packages:
@ -253,15 +246,8 @@ def _main():
                                package_name,
                                to_delete_version,
                            )
-
-        with DockerHubContainerRegistery() as dh_api:
-            docker_hub_image_version = dh_api.get_image_versions()
-
-            # TODO
-            docker_hub_to_delete = []
-
-            for x in docker_hub_to_delete:
-                dh_api.delete_image_version()
+                else:
+                    logger.info("Leaving untagged images untouched")


 if __name__ == "__main__":
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@ -135,12 +135,18 @@ jobs:
      -
        name: Check pushing to Docker Hub
        id: docker-hub
-        # Only push to Dockerhub from the main repo
+        # Only push to Dockerhub from the main repo AND the ref is either:
+        #  main
+        #  dev
+        #  beta
+        #  a tag
        # Otherwise forks would require a Docker Hub account and secrets setup
        run: |
-          if [[ ${{ github.repository }} == "paperless-ngx/paperless-ngx" ]] ; then
+          if [[ ${{ github.repository }} == "paperless-ngx/paperless-ngx" && ( ${{ github.ref_name }} == "main" || ${{ github.ref_name }} == "dev" || ${{ github.ref_name }} == "beta" || ${{ startsWith(github.ref, 'refs/tags/v') }} == "true" ) ]] ; then
+            echo "Enabling DockerHub image push"
            echo ::set-output name=enable::"true"
          else
+            echo "Not pushing to DockerHub"
            echo ::set-output name=enable::"false"
          fi
      -
--- a/.github/workflows/cleanup-tags.yml
+++ b/.github/workflows/cleanup-tags.yml
@ -45,4 +45,4 @@ jobs:
      -
        name: Cleanup feature tags
        run: |
-          python ${GITHUB_WORKSPACE}/.github/scripts/cleanup-tags.py --loglevel info
+          python ${GITHUB_WORKSPACE}/.github/scripts/cleanup-tags.py --loglevel info --delete
--- a/.gitignore
+++ b/.gitignore
@ -70,6 +70,7 @@ target/
 .virtualenv
 virtualenv
 /venv
+.venv/
 /docker-compose.env
 /docker-compose.yml