Feature: Introduce new payload parameters (#29)

In [release 0.7.0 of GCR Cleaner tool,](https://github.com/GoogleCloudPlatform/gcr-cleaner/releases/tag/v0.7.0) there was an introduction of new parameters: > This release introduces a new mechanism for deleting tagged images. You can now specify tag_filter_all or tag_filter_any to control how the filters match against images with multiple tags. The existing behavior of tag_filter is preserved, but will be removed in a future release. Additionally, specifying allow_tagged is no longer necessary as specifying any tag filter will automatically activate deleting tagged images. Also in this PR: * Updating examples * Updating documentation * Updating pre-commit repos URLs: using https:// instead of git://. See https://github.blog/2021-09-01-improving-git-protocol-security-github/ for more details
mirakl · Jan 11, 2022 · 0ea8b25 · 0ea8b25
1 parent d98f660
commit 0ea8b25
Show file tree

Hide file tree

Showing 10 changed files with 122 additions and 194 deletions.
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
@@ -1,6 +1,6 @@
 repos:
-  - repo: git://github.com/antonbabenko/pre-commit-terraform
-    rev: v1.58.0
+  - repo: https://github.com/antonbabenko/pre-commit-terraform
+    rev: v1.62.3
     hooks:
       - id: terraform_fmt
       - id: terraform_validate
@@ -21,7 +21,7 @@ repos:
           - '--args=--only=terraform_required_providers'
           - '--args=--only=terraform_standard_module_structure'
           - '--args=--only=terraform_workspace_remote'
-  - repo: git://github.com/pre-commit/pre-commit-hooks
-    rev: v4.0.1
+  - repo: https://github.com/pre-commit/pre-commit-hooks
+    rev: v4.1.0
     hooks:
       - id: check-merge-conflict
diff --git a/.terraform.lock.hcl b/.terraform.lock.hcl
diff --git a/README.md b/README.md
@@ -71,23 +71,10 @@ module "gcr_cleaner" {
       project_id     = "yet-another-project-id"
       clean_all      = true
       parameters = {
-        allow_tagged = true
-        keep         = 5
-        grace        = "120h"
-        tag_filter   = "^beta.+$"
+        keep           = 5
+        grace          = "120h"
+        tag_filter_all = "^beta.+$"
       }
-    },
-    {
-      project_id     = "automation-project-id"
-      repositories = [
-        {
-          # in `test/tools/ci` repository and all its child repositories, keep only 5 tags
-          name         = "test/tools/ci"
-          allow_tagged = true
-          keep         = 5
-          recursive    = true
-        }
-      ]
     }
   ]
 }
@@ -110,7 +97,7 @@ module "gcr_cleaner" {
 
 | Name | Version |
 |------|---------|
-| <a name="provider_google"></a> [google](#provider\_google) | 4.1.0 |
+| <a name="provider_google"></a> [google](#provider\_google) | 4.6.0 |
 
 ## Modules
 
@@ -152,7 +139,7 @@ No modules.
 | <a name="input_disable_dependent_services"></a> [disable\_dependent\_services](#input\_disable\_dependent\_services) | If `true`, services that are enabled and which depend on this service should also be disabled when this service is destroyed. If `false` or unset, an error will be generated if any enabled services depend on this service when destroying it. | `bool` | `false` | no |
 | <a name="input_disable_on_destroy"></a> [disable\_on\_destroy](#input\_disable\_on\_destroy) | If `true`, disable the service when the terraform resource is destroyed. May be useful in the event that a project is long-lived but the infrastructure running in that project changes frequently. | `bool` | `false` | no |
 | <a name="input_gcr_cleaner_image"></a> [gcr\_cleaner\_image](#input\_gcr\_cleaner\_image) | The docker image of the gcr cleaner to deploy to Cloud Run. | `string` | `"gcr.io/gcr-cleaner/gcr-cleaner:latest"` | no |
-| <a name="input_gcr_repositories"></a> [gcr\_repositories](#input\_gcr\_repositories) | List of Google Container Registries objects to create:<pre>list(object({<br>    project_id      = Value of the Google project id, if ommited, it will be assigned `google_project_id` variable value (optional(string))<br>    storage_region  = Location of the storage bucket (optional(string))<br>    repositories    = Docker image repositories to clean (optional(list(object({<br>      name         = Name of the repository (string)<br>      grace        = Relative duration in which to ignore references. This value is specified as a time duration value like "5s" or "3h". If set, refs newer than the duration will not be deleted. If unspecified, the default is no grace period (all untagged image refs are deleted) (optional(string))<br>      allow_tagged = If set to true, will check all images including tagged. If unspecified, the default will only delete untagged images (optional(bool))<br>      keep         = If an integer is provided, it will always keep that minimum number of images. Note that it will not consider images inside the `grace` duration (optional(string))<br>      tag_filter   = Used for tags regexp definition to define pattern to clean, requires `allow_tagged` must be true. For example: use `"^dev.+$"` to limit cleaning only on the tags with beginning with is `dev`. The default is no filtering (optional(string))<br>      recursive    = If set to true, will recursively search all child repositories (optional(bool))<br>    }))))<br>    clean_all       = Set to `true` to clean all project's repositories (optional(bool))<br>    parameters      = Map of parameters to apply to all repositories when `clean_all` is set to `true` (optional(object({<br>      grace        = Relative duration in which to ignore references. This value is specified as a time duration value like "5s" or "3h". If set, refs newer than the duration will not be deleted. If unspecified, the default is no grace period (all untagged image refs are deleted) (optional(string))<br>      allow_tagged = If set to true, will check all images including tagged. If unspecified, the default will only delete untagged images (optional(bool))<br>      keep         = If an integer is provided, it will always keep that minimum number of images. Note that it will not consider images inside the `grace` duration (optional(string))<br>      tag_filter   = Used for tags regexp definition to define pattern to clean, requires `allow_tagged` must be true. For example: use `"^dev.+$"` to limit cleaning only on the tags with beginning with is `dev`. The default is no filtering (optional(string))<br>    })))<br>}))</pre> | <pre>list(object({<br>    project_id     = optional(string)<br>    storage_region = optional(string)<br>    repositories = optional(list(object({<br>      name         = string<br>      grace        = optional(string)<br>      allow_tagged = optional(bool)<br>      keep         = optional(string)<br>      tag_filter   = optional(string)<br>      recursive    = optional(bool)<br>    })))<br>    clean_all = optional(bool)<br>    parameters = optional(object({<br>      grace        = optional(string)<br>      allow_tagged = optional(bool)<br>      keep         = optional(string)<br>      tag_filter   = optional(string)<br>    }))<br>  }))</pre> | `[]` | no |
+| <a name="input_gcr_repositories"></a> [gcr\_repositories](#input\_gcr\_repositories) | List of Google Container Registries objects to create:<pre>list(object({<br>    project_id     = Value of the Google project id, if ommited, it will be assigned `google_project_id` variable value (optional(string))<br>    storage_region = Location of the storage bucket (optional(string))<br>    repositories = Docker image repositories to clean (optional(list(object({<br>      name           = Name of the repository (string)<br>      grace          = Relative duration in which to ignore references. This value is specified as a time duration value like "5s" or "3h". If set, refs newer than the duration will not be deleted. If unspecified, the default is no grace period (all untagged image refs are deleted) (optional(string))<br>      keep           = If an integer is provided, it will always keep that minimum number of images. Note that it will not consider images inside the `grace` duration (optional(string))<br>      tag_filter     = (Deprecated) If specified, any image where the first tag matches this given regular expression will be deleted. The image will not be deleted if other tags match the regular expression (optional(string))<br>      tag_filter_any = If specified, any image with at least one tag that matches this given regular expression will be deleted. The image will be deleted even if it has other tags that do not match the given regular expression (optional(string))<br>      tag_filter_all = If specified, any image where all tags match this given regular expression will be deleted. The image will not be delete if it has other tags that do not match the given regular expression (optional(string))<br>      recursive      = If set to true, will recursively search all child repositories (optional(bool))<br>    }))))<br>    clean_all  = Set to `true` to clean all project's repositories (optional(bool))<br>    parameters = Map of parameters to apply to all repositories when `clean_all` is set to `true` (optional(object({<br>      grace          = Relative duration in which to ignore references. This value is specified as a time duration value like "5s" or "3h". If set, refs newer than the duration will not be deleted. If unspecified, the default is no grace period (all untagged image refs are deleted) (optional(string))<br>      keep           = If an integer is provided, it will always keep that minimum number of images. Note that it will not consider images inside the `grace` duration (optional(string))<br>      tag_filter     = (Deprecated) If specified, any image where the first tag matches this given regular expression will be deleted. The image will not be deleted if other tags match the regular expression (optional(string))<br>      tag_filter_any = If specified, any image with at least one tag that matches this given regular expression will be deleted. The image will be deleted even if it has other tags that do not match the given regular expression (optional(string))<br>      tag_filter_all = If specified, any image where all tags match this given regular expression will be deleted. The image will not be delete if it has other tags that do not match the given regular expression (optional(string))<br>    })))<br>}))</pre> | <pre>list(object({<br>    project_id     = optional(string)<br>    storage_region = optional(string)<br>    repositories = optional(list(object({<br>      name           = string<br>      grace          = optional(string)<br>      keep           = optional(string)<br>      tag_filter     = optional(string)<br>      tag_filter_any = optional(string)<br>      tag_filter_all = optional(string)<br>      recursive      = optional(bool)<br>    })))<br>    clean_all = optional(bool)<br>    parameters = optional(object({<br>      grace          = optional(string)<br>      keep           = optional(string)<br>      tag_filter     = optional(string)<br>      tag_filter_any = optional(string)<br>      tag_filter_all = optional(string)<br>    }))<br>  }))</pre> | `[]` | no |
 
 ## Outputs
 

diff --git a/examples/complete/.terraform.lock.hcl b/examples/complete/.terraform.lock.hcl
diff --git a/examples/complete/main.tf b/examples/complete/main.tf
@@ -22,24 +22,28 @@ module "gcr_cleaner" {
     {
       storage_region = "eu"
       repositories = [
+        {
+          # in `test/nginx` repository, delete all `beta` tags
+          name           = "test/nginx"
+          tag_filter_all = "^beta.+$"
+        },
         {
           # in `test/nginx` repository, delete all images older than 30 days (720h)
           name  = "test/nginx"
           grace = "720h"
         },
         {
-          # in `test/python` repository, keep 3 `alpha` tags
-          name         = "test/python"
-          allow_tagged = true
-          keep         = 3
-          tag_filter   = "^alpha.+$"
+          # in `test/python` repository, if there is at least one `alpha` tag,
+          # delete all and keep only 3 tags
+          name           = "test/python"
+          keep           = 3
+          tag_filter_any = "^alpha.+$"
         },
         {
-          # in `test/tools/ci` repository and all its child repositories, keep only 5 tags
-          name         = "test/tools/ci"
-          allow_tagged = true
-          keep         = 5
-          recursive    = true
+          # in `test/tools/ci` repository and all its child repositories, keep only 5 images
+          name      = "test/tools/ci"
+          keep      = 5
+          recursive = true
         }
       ]
     },
@@ -53,21 +57,9 @@ module "gcr_cleaner" {
       clean_all      = true
       storage_region = "eu"
       parameters = {
-        allow_tagged = true
-        keep         = 5
-        grace        = "120h"
-        tag_filter   = "^beta.+$"
-      }
-    },
-    {
-      # in all repositories, keep 10 `live` tags, ignore anything newer than 15 days
-      clean_all      = true
-      storage_region = "eu"
-      parameters = {
-        allow_tagged = true
-        keep         = 10
-        grace        = "360h"
-        tag_filter   = "^live.+$"
+        keep           = 5
+        grace          = "120h"
+        tag_filter_all = "^beta.+$"
       }
     }
   ]