From d37bd077d8c64fd085e2013e6ddfb088eb7619b4 Mon Sep 17 00:00:00 2001
From: Paul Meyer <49727155+katexochen@users.noreply.github.com>
Date: Mon, 16 Jan 2023 10:09:55 +0100
Subject: [PATCH] ci: delete old images from main ref

Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
---
 .github/workflows/purge-main.yml | 67 ++++++++++++++++++++++++++++++++
 1 file changed, 67 insertions(+)
 create mode 100644 .github/workflows/purge-main.yml

diff --git a/.github/workflows/purge-main.yml b/.github/workflows/purge-main.yml
new file mode 100644
index 000000000..e0548f9a9
--- /dev/null
+++ b/.github/workflows/purge-main.yml
@@ -0,0 +1,67 @@
+name: Purge old images from main branch
+
+on:
+  workflow_dispatch:
+  schedule:
+    - cron: "0 */2 * * *"
+
+jobs:
+  find-version:
+    name: Delete version from main ref
+    runs-on: ubuntu-22.04
+    outputs:
+      version: ${{ steps.find.outputs.version }}
+    permissions:
+      id-token: write
+      contents: read
+    steps:
+      - name: Checkout
+        uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
+        with:
+          ref: ${{ github.head_ref }}
+
+      - name: Login to AWS
+        uses: aws-actions/configure-aws-credentials@67fbcbb121271f7775d2e7715933280b06314838 # v1.7.0
+        with:
+          role-to-assume: arn:aws:iam::795746500882:role/GithubConstellationVersionsAPIRead
+          aws-region: eu-central-1
+
+      - name: List versions
+        id: list
+        uses: ./.github/actions/versionsapi
+        with:
+          command: list
+          ref: main
+          stream: debug
+
+      - name: Find version to delete
+        id: find
+        shell: bash
+        run: |
+          versions=$(cat versionsapi_output.txt)
+          echo "Found versions:"
+          echo "${versions}"
+
+          echo "Newest 10 versions shouldn't be deleted"
+          deletable=$(echo "${versions}" | head -n -10)
+          if [ -z "${deletable}" ]; then
+            echo "No deletable versions found"
+            exit 0
+          fi
+          echo "Found deletable versions:"
+          echo "${deletable}"
+
+          ver=$(echo "${deletable}" | head -n 1)
+          echo "Deleting oldest version: ${ver}"
+          echo "version=${ver}" >> "$GITHUB_OUTPUT"
+
+  delete:
+    name: Delete version
+    if: needs.find-version.outputs.version != ''
+    uses: ./.github/workflows/versionsapi.yml
+    needs: find-version
+    secrets: inherit
+    with:
+      command: remove
+      dryrun: true
+      version_path: ${{ needs.find-version.outputs.version }}