.github/workflows/cleanup-old-docker-images.yml

name: Cleanup Old Docker Images > 6 months by the scheduler

on:
  push:
    branches-ignore:
      - master

jobs:
  cleanup:
    runs-on: ubuntu-latest

    steps:
      - name: Checkout Repository
        uses: actions/checkout@v2

      - name: Login to DockerHub
        uses: docker/login-action@v1
        with:
          username: ${{ secrets.DOCKER_USERNAME }}
          password: ${{ secrets.DOCKER_PASSWORD }}

      - name: List Docker Hub images and delete ones matching the pattern
        run: |
          REPO="spryker/php"
          curl -s "https://hub.docker.com/v2/repositories/${REPO}/tags?page_size=1000" > tags.json
          TODAY=$(date +%s)
          THRESHOLD=$((180 * 24 * 60 * 60)) # 180 days in seconds
          
          # Regex pattern to match tags that end with a hash (40-character hexadecimal)
          HASH_PATTERN=".*-[a-f0-9]{40}$"
          IMAGES_DELETED=false
          DELETED_IMAGES=""

          for TAG in $(jq -r '.results[] | @base64' < tags.json); do
            _jq() {
              echo ${TAG} | base64 --decode | jq -r ${1}
            }

            TAG_NAME=$(_jq '.name')
            LAST_UPDATED=$(_jq '.last_updated')
            LAST_UPDATED_DATE=$(date -d "${LAST_UPDATED}" +%s)

            AGE=$((TODAY - LAST_UPDATED_DATE))

            if [[ ${AGE} -ge ${THRESHOLD} ]] && [[ ${TAG_NAME} =~ ${HASH_PATTERN} ]]; then
              echo "Deleting image tag ${TAG_NAME} (last updated: ${LAST_UPDATED})"
              IMAGES_DELETED=true
              DELETED_IMAGES="${DELETED_IMAGES}\n${TAG_NAME}"

              # Uncomment the following lines to enable image deletion
              curl -X DELETE \
                -u "${{ secrets.DOCKER_USERNAME }}:${{ secrets.DOCKER_PASSWORD }}" \
                "https://hub.docker.com/v2/repositories/${REPO}/tags/${TAG_NAME}/"
            fi
          done

          if [[ ${IMAGES_DELETED} == false ]]; then
            echo "No images matching the pattern were found for deletion."
            echo "No images found" > deleted_images.txt
          else
            echo -e "Deleted images: ${DELETED_IMAGES}"
            echo "${DELETED_IMAGES}" > deleted_images.txt
          fi

      - name: Send Slack Notification
        uses: slackapi/slack-github-action@v1.24.0
        with:
          payload: |
            {
              "text": "Docker Cleanup completed for repository: ${{ github.repository }}",
              "attachments": [
                {
                  "pretext": "Deleted Docker Images",
                  "color": "${{ steps.cleanup.outcome == 'success' && 'good' || 'danger' }}",
                  "fields": [
                    {
                      "title": "Outcome",
                      "value": "${{ steps.cleanup.outcome == 'success' && 'Images were deleted' || 'No images deleted' }}",
                      "short": true
                    },
                    {
                      "title": "Deleted Images",
                      "value": "$(cat deleted_images.txt)",
                      "short": false
                    },
                  ]
                }
              ]
            }
        env:
          SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}