4eed905fb6
- Added automatic GC to prune script after deleting manifests - Cronjob now uses python:3.12-slim with kubectl installed - Added serviceAccountName: registry-gc-runner for permissions - GC scales down registry, runs garbage-collect, scales back up - Deletes unreferenced blob layers to actually free disk space
42 lines
1.4 KiB
YAML
42 lines
1.4 KiB
YAML
apiVersion: batch/v1
|
|
kind: CronJob
|
|
metadata:
|
|
name: registry-keep-last-3-builds
|
|
namespace: registry
|
|
spec:
|
|
schedule: "*/15 * * * *"
|
|
concurrencyPolicy: Forbid
|
|
successfulJobsHistoryLimit: 2
|
|
failedJobsHistoryLimit: 3
|
|
jobTemplate:
|
|
spec:
|
|
backoffLimit: 1
|
|
template:
|
|
spec:
|
|
serviceAccountName: registry-gc-runner
|
|
restartPolicy: Never
|
|
containers:
|
|
- name: prune
|
|
image: python:3.12-slim
|
|
command: ["sh", "-c"]
|
|
args:
|
|
- |
|
|
# Install kubectl
|
|
apt-get update && apt-get install -y curl --no-install-recommends && rm -rf /var/lib/apt/lists/*
|
|
curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl"
|
|
install -o root -g root -m 0755 kubectl /usr/local/bin/kubectl
|
|
# Run the prune script
|
|
python3 /scripts/prune.py
|
|
volumeMounts:
|
|
- name: script
|
|
mountPath: /scripts
|
|
- name: auth
|
|
mountPath: /auth
|
|
readOnly: true
|
|
volumes:
|
|
- name: script
|
|
configMap:
|
|
name: registry-retention-script
|
|
- name: auth
|
|
secret:
|
|
secretName: registry-regcred
|