From 9d8113ecceaa00fa0dc6ceddfdb829450c0aaa0d Mon Sep 17 00:00:00 2001 From: Andreas Beuge Date: Mon, 9 Mar 2026 13:41:56 +0100 Subject: [PATCH 1/3] chore: align ECR retention policies --- .github/workflows/container.yaml | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/.github/workflows/container.yaml b/.github/workflows/container.yaml index 9327d89..77f6f34 100644 --- a/.github/workflows/container.yaml +++ b/.github/workflows/container.yaml @@ -107,9 +107,13 @@ jobs: run: | aws ecr describe-repositories --repository-names ${{ inputs.appName }} || \ aws ecr create-repository --repository-name ${{ inputs.appName }} - LIFECYCLE_POLICY='{"rules":[{"rulePriority":1,"description":"Keep last 500 images","selection":{"tagStatus":"any","countType":"imageCountMoreThan","countNumber":500},"action":{"type":"expire"}}]}' - aws ecr put-lifecycle-policy --repository-name ${{ inputs.appName }} --lifecycle-policy-text "$LIFECYCLE_POLICY" - - name: Login to Amazon ECR + echo "Applying lifecycle policies" + LIFECYCLE_POLICY='{"rules":[ + {"rulePriority":1,"description":"Preserve preview images","selection":{"tagStatus":"tagged","tagPatternList":["preview-*"],"countType":"sinceImagePushed","countUnit":"days","countNumber":365},"action":{"type":"expire"}}, + {"rulePriority":2,"description":"Preserve production images","selection":{"tagStatus":"tagged","tagPatternList":["v*"],"countType":"imageCountMoreThan","countNumber":50},"action":{"type":"expire"}}, + {"rulePriority":3,"description":"Remove untagged images","selection":{"tagStatus":"untagged","countType":"sinceImagePushed","countUnit":"days","countNumber":7},"action":{"type":"expire"}} + ]}' + aws ecr put-lifecycle-policy --repository-name ${{ github.event.deployment.payload.name }}-${{ matrix.containerfile_targets }} --lifecycle-policy-text "$LIFECYCLE_POLICY" - name: Login to Amazon ECR id: login-ecr uses: aws-actions/amazon-ecr-login@v2 - name: Build image From a018d1868ebc013ce3d8738eca17213f1af13615 Mon Sep 17 00:00:00 2001 From: Andreas Beuge Date: Mon, 9 Mar 2026 13:53:29 +0100 Subject: [PATCH 2/3] chore: correct ecr retention command --- .github/workflows/container.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/container.yaml b/.github/workflows/container.yaml index 77f6f34..d16653b 100644 --- a/.github/workflows/container.yaml +++ b/.github/workflows/container.yaml @@ -113,7 +113,7 @@ jobs: {"rulePriority":2,"description":"Preserve production images","selection":{"tagStatus":"tagged","tagPatternList":["v*"],"countType":"imageCountMoreThan","countNumber":50},"action":{"type":"expire"}}, {"rulePriority":3,"description":"Remove untagged images","selection":{"tagStatus":"untagged","countType":"sinceImagePushed","countUnit":"days","countNumber":7},"action":{"type":"expire"}} ]}' - aws ecr put-lifecycle-policy --repository-name ${{ github.event.deployment.payload.name }}-${{ matrix.containerfile_targets }} --lifecycle-policy-text "$LIFECYCLE_POLICY" - name: Login to Amazon ECR + aws ecr put-lifecycle-policy --repository-name ${{ inputs.appName }} --lifecycle-policy-text "$LIFECYCLE_POLICY" id: login-ecr uses: aws-actions/amazon-ecr-login@v2 - name: Build image From a8fb0357357ed79515892223a65de09f254fc7d0 Mon Sep 17 00:00:00 2001 From: Andreas Beuge Date: Mon, 9 Mar 2026 13:58:06 +0100 Subject: [PATCH 3/3] chore: fix pipeline --- .github/workflows/container.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/container.yaml b/.github/workflows/container.yaml index d16653b..c91d88d 100644 --- a/.github/workflows/container.yaml +++ b/.github/workflows/container.yaml @@ -114,7 +114,7 @@ jobs: {"rulePriority":3,"description":"Remove untagged images","selection":{"tagStatus":"untagged","countType":"sinceImagePushed","countUnit":"days","countNumber":7},"action":{"type":"expire"}} ]}' aws ecr put-lifecycle-policy --repository-name ${{ inputs.appName }} --lifecycle-policy-text "$LIFECYCLE_POLICY" - id: login-ecr + - id: login-ecr uses: aws-actions/amazon-ecr-login@v2 - name: Build image uses: docker/build-push-action@v6