Skip to content

Commit

Permalink
Refactor prune images service
Browse files Browse the repository at this point in the history
  • Loading branch information
@dsotirho-ucsc
dsotirho-ucsc committed Dec 13, 2024
1 parent 1db6db7 commit 65913b7
Showing 1 changed file with 34 additions and 50 deletions.
84 changes: 34 additions & 50 deletions terraform/gitlab/gitlab.tf.json.template.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1922,60 +1922,44 @@ def merge(sets: Iterable[Iterable[str]]) -> Iterable[str]:
'ExecStartPre=-/usr/bin/docker stop prune-images',
'ExecStartPre=-/usr/bin/docker rm prune-images',
'ExecStartPre=/usr/bin/docker pull ' + str(dind_image),
jw(
'ExecStart=/usr/bin/docker',
'exec', # Execute (as in `docker exec`) …
'gitlab-dind', # … inside the gitlab-dind container …
'sh -c', # … via the shell so we can redirect stdout
sq(
# Normally, output from a `docker exec` command isn't processed by docker's
# logging mechanism, however with a redirect to /proc/1/fd/1 we can send the
# output of the command being exec'd to the docker container's STDOUT.
# https://github.com/moby/moby/issues/8662#issuecomment-277396232
'docker', # The docker …
'image', # … image command …
'prune', # … to delete, …
'--force', # … without prompting for confirmation, …
'--all', # … all images …
f'--filter "until={90 * 24}h"', # … except those from more recent builds …
'> /proc/1/fd/1', # … with output sent to the container's STDOUT.
),
#
# If we deleted more recent images, we
# would risk failing the requirements
# check on sandbox builds since that
# check depends on image caching. The
# deadline below assumes that the most
# recent pipeline was run less than a
# month ago.
),
jw(
'ExecStart=/usr/bin/docker',
'exec', # Execute (as in `docker exec`) …
'gitlab-dind', # … inside the gitlab-dind container …
'sh -c', # … via the shell so we can redirect stdout
sq(
*[
jw(
'ExecStart=/usr/bin/docker',
'exec', # Execute (as in `docker exec`) …
'gitlab-dind', # … inside the gitlab-dind container …
'sh -c', # … via the shell so we can redirect stdout
# Normally, output from a `docker exec` command isn't processed by docker's
# logging mechanism, however with a redirect to /proc/1/fd/1 we can send the
# output of the command being exec'd to the docker container's STDOUT.
# https://github.com/moby/moby/issues/8662#issuecomment-277396232
'docker', # The docker …
'buildx', # … buildx command …
'prune', # … to delete, …
'--force', # … without prompting for confirmation, …
'--all', # … all images …
f'--filter "until={90 * 24}h"', # … except those from more recent builds …
'> /proc/1/fd/1', # … with output sent to the container's STDOUT.
),
#
# If we deleted more recent images, we
# would risk failing the requirements
# check on sandbox builds since that
# check depends on image caching. The
# deadline below assumes that the most
# recent pipeline was run less than a
# month ago.
),
command,
)
for command in [
sq(
'docker', # The docker …
'image', # … image command …
'prune', # … to delete, …
'--force', # … without prompting for confirmation, …
'--all', # … all images …
f'--filter "until={90 * 24}h"', # … except those from more recent builds …
'> /proc/1/fd/1', # … with output sent to the container's STDOUT.
),
sq(
'docker', # The docker …
'buildx', # … buildx command …
'prune', # … to delete, …
'--force', # … without prompting for confirmation, …
'--all', # … all images …
f'--filter "until={90 * 24}h"', # … except those from more recent builds …
'> /proc/1/fd/1', # … with output sent to the container's STDOUT.
#
# If we deleted more recent images, we would risk failing the requirements
# check on sandbox builds since that check depends on image caching. The
# deadline above assumes that the most recent pipeline was run less than
# three months ago.
)
]
],
'[Install]',
'WantedBy='
)
Expand Down

0 comments on commit 65913b7

Please sign in to comment.