diff --git a/.github/workflows/containers.yaml b/.github/workflows/containers.yaml index dc2b2ea7f..41f244bd5 100644 --- a/.github/workflows/containers.yaml +++ b/.github/workflows/containers.yaml @@ -8,7 +8,8 @@ on: - "containers/**" - ".github/workflows/containers.yaml" - "python/**" - pull_request: + pull_request_target: + types: [opened, synchronize, reopened, closed] paths: - "containers/**" - ".github/workflows/containers.yaml" @@ -28,7 +29,6 @@ jobs: - name: setup docker buildx uses: docker/setup-buildx-action@v3 - name: login to ghcr.io - if: ${{ github.event_name != 'pull_request' }} uses: docker/login-action@v3 with: registry: ghcr.io @@ -59,7 +59,7 @@ jobs: file: containers/Dockerfile.${{ matrix.project }} build-args: OPENSTACK_VERSION=${{ matrix.openstack }} pull: true # ensure we always have an up to date source - push: ${{ github.event_name != 'pull_request' }} + push: true tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} annotations: ${{ steps.meta.outputs.annotations }} @@ -71,7 +71,6 @@ jobs: - name: setup docker buildx uses: docker/setup-buildx-action@v3 - name: login to ghcr.io - if: ${{ github.event_name != 'pull_request' }} uses: docker/login-action@v3 with: registry: ghcr.io @@ -100,7 +99,7 @@ jobs: uses: docker/build-push-action@v5 with: file: containers/Dockerfile.dnsmasq - push: ${{ github.event_name != 'pull_request' }} + push: true tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} @@ -116,7 +115,6 @@ jobs: - name: setup docker buildx uses: docker/setup-buildx-action@v3 - name: login to ghcr.io - if: ${{ github.event_name != 'pull_request' }} uses: docker/login-action@v3 with: registry: ghcr.io @@ -146,9 +144,59 @@ jobs: with: file: containers/Dockerfile.${{ matrix.container.name }} pull: true # ensure we always have an up to date source - push: ${{ github.event_name != 'pull_request' }} + push: true tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} annotations: ${{ steps.meta.outputs.annotations }} # prod is the target that has the code installed target: prod + + clean_containers: + if: github.event_name == 'pull_request' && github.event.action == 'closed' + runs-on: ubuntu-latest + + permissions: + packages: write + + strategy: + matrix: + container: + - ironic + - neutron + - dnsmasq + - ironic-nautobot-client + + steps: + - name: clean up PR container + uses: actions/github-script@v7 + env: + CONTAINER_NAME: '${{ matrix.container }}' + with: + script: | + const container_name = `understack%2F${process.env.CONTAINER_NAME}`; + const response = github.rest.packages.getAllPackageVersionsForPackageOwnedByOrg({ + package_type: "container", + package_name: process.env.CONTAINER_NAME, + org: context.repo.owner, + }); + + const target_tag = `pr-${context.payload.pull_request.number}`; + console.log(`Looking for tag ${target_tag}` for container ${container_name}`); + + const versions = response.data; + const matchingVersion = versions.find(version => + version.metadata.container.tags.includes(target_tag) + ); + + if (matchingVersion) { + console.log(`Found tag to delete "${target_tag}":`, matchingVersion); + await github.rest.packages.deletePackageVersionForOrg({ + package_type: "container", + package_name: container_name, + org: context.repo.owner, + package_version_id: pkg_id, + }); + console.log("Tag deleted"); + } else { + console.log(`No package version found with the tag "${target_tag}".`); + }