ci: push dev images to ghcr (#1591)

* ci: push dev images to ghcr Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * *: use new ghcr images Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * website/docs: use ghcr proxy Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-11 14:08:34 +02:00
parent ef1cf7867c
commit 7bf587af24
11 changed files with 44 additions and 23 deletions
--- a/.github/workflows/ci-main.yml
+++ b/.github/workflows/ci-main.yml
@ -299,15 +299,15 @@ jobs:
        uses: docker/login-action@v1
        if: ${{ steps.ev.outputs.shouldBuild == 'true' }}
        with:
-          registry: beryju.org
-          username: ${{ secrets.HARBOR_USERNAME }}
-          password: ${{ secrets.HARBOR_PASSWORD }}
+          registry: ghcr.io
+          username: ${{ github.repository_owner }}
+          password: ${{ secrets.GITHUB_TOKEN }}
      - name: Building Docker Image
        uses: docker/build-push-action@v2
        with:
          push: ${{ steps.ev.outputs.shouldBuild == 'true' }}
          tags: |
-            beryju.org/authentik/server:gh-${{ steps.ev.outputs.branchNameContainer }}
-            beryju.org/authentik/server:gh-${{ steps.ev.outputs.branchNameContainer }}-${{ steps.ev.outputs.timestamp }}-${{ steps.ev.outputs.sha }}
+            ghcr.io/goauthentik/dev-server:gh-${{ steps.ev.outputs.branchNameContainer }}
+            ghcr.io/goauthentik/dev-server:gh-${{ steps.ev.outputs.branchNameContainer }}-${{ steps.ev.outputs.timestamp }}-${{ steps.ev.outputs.sha }}
          build-args: |
            GIT_BUILD_HASH=${{ steps.ev.outputs.sha }}
--- a/.github/workflows/ci-outpost.yml
+++ b/.github/workflows/ci-outpost.yml
@ -53,17 +53,17 @@ jobs:
        uses: docker/login-action@v1
        if: ${{ steps.ev.outputs.shouldBuild == 'true' }}
        with:
-          registry: beryju.org
-          username: ${{ secrets.HARBOR_USERNAME }}
-          password: ${{ secrets.HARBOR_PASSWORD }}
+          registry: ghcr.io
+          username: ${{ github.repository_owner }}
+          password: ${{ secrets.GITHUB_TOKEN }}
      - name: Building Docker Image
        uses: docker/build-push-action@v2
        with:
          push: ${{ steps.ev.outputs.shouldBuild == 'true' }}
          tags: |
-            beryju.org/authentik/outpost-${{ matrix.type }}:gh-${{ steps.ev.outputs.branchNameContainer }}
-            beryju.org/authentik/outpost-${{ matrix.type }}:gh-${{ steps.ev.outputs.branchNameContainer }}-${{ steps.ev.outputs.timestamp }}
-            beryju.org/authentik/outpost-${{ matrix.type }}:gh-${{ steps.ev.outputs.sha }}
+            ghcr.io/goauthentik/dev-${{ matrix.type }}:gh-${{ steps.ev.outputs.branchNameContainer }}
+            ghcr.io/goauthentik/dev-${{ matrix.type }}:gh-${{ steps.ev.outputs.branchNameContainer }}-${{ steps.ev.outputs.timestamp }}
+            ghcr.io/goauthentik/dev-${{ matrix.type }}:gh-${{ steps.ev.outputs.sha }}
          file: ${{ matrix.type }}.Dockerfile
          build-args: |
            GIT_BUILD_HASH=${{ steps.ev.outputs.sha }}
--- a/.github/workflows/ghcr-retention.yml
+++ b/.github/workflows/ghcr-retention.yml
@ -0,0 +1,21 @@
+name: ghcr-retention
+
+on:
+  schedule:
+    - cron: '0 0 * * *'  # every day at midnight
+
+jobs:
+  clean-ghcr:
+    name: Delete old unused container images
+    runs-on: ubuntu-latest
+    steps:
+      - name: Delete 'dev' containers older than a week
+        uses: sondrelg/container-retention-policy@v1
+        with:
+          image-names: dev-server,dev-ldap,dev-proxy
+          cut-off: One month ago UTC
+          account-type: org
+          org-name: goauthentik
+          untagged-only: false
+          token: ${{ secrets.GHCR_CLEANUP_TOKEN }}
+          skip-tags: gh-next,gh-master