From 65913b74cf43b93f946f9de9b97b2b41e30de882 Mon Sep 17 00:00:00 2001 From: Daniel Sotirhos Date: Fri, 13 Dec 2024 11:10:50 -0800 Subject: [PATCH] Refactor prune images service --- terraform/gitlab/gitlab.tf.json.template.py | 84 +++++++++------------ 1 file changed, 34 insertions(+), 50 deletions(-) diff --git a/terraform/gitlab/gitlab.tf.json.template.py b/terraform/gitlab/gitlab.tf.json.template.py index f7ca908d3..1a6fc6acb 100644 --- a/terraform/gitlab/gitlab.tf.json.template.py +++ b/terraform/gitlab/gitlab.tf.json.template.py @@ -1922,60 +1922,44 @@ def merge(sets: Iterable[Iterable[str]]) -> Iterable[str]: 'ExecStartPre=-/usr/bin/docker stop prune-images', 'ExecStartPre=-/usr/bin/docker rm prune-images', 'ExecStartPre=/usr/bin/docker pull ' + str(dind_image), - jw( - 'ExecStart=/usr/bin/docker', - 'exec', # Execute (as in `docker exec`) … - 'gitlab-dind', # … inside the gitlab-dind container … - 'sh -c', # … via the shell so we can redirect stdout - sq( - # Normally, output from a `docker exec` command isn't processed by docker's - # logging mechanism, however with a redirect to /proc/1/fd/1 we can send the - # output of the command being exec'd to the docker container's STDOUT. - # https://github.com/moby/moby/issues/8662#issuecomment-277396232 - 'docker', # The docker … - 'image', # … image command … - 'prune', # … to delete, … - '--force', # … without prompting for confirmation, … - '--all', # … all images … - f'--filter "until={90 * 24}h"', # … except those from more recent builds … - '> /proc/1/fd/1', # … with output sent to the container's STDOUT. - ), - # - # If we deleted more recent images, we - # would risk failing the requirements - # check on sandbox builds since that - # check depends on image caching. The - # deadline below assumes that the most - # recent pipeline was run less than a - # month ago. - ), - jw( - 'ExecStart=/usr/bin/docker', - 'exec', # Execute (as in `docker exec`) … - 'gitlab-dind', # … inside the gitlab-dind container … - 'sh -c', # … via the shell so we can redirect stdout - sq( + *[ + jw( + 'ExecStart=/usr/bin/docker', + 'exec', # Execute (as in `docker exec`) … + 'gitlab-dind', # … inside the gitlab-dind container … + 'sh -c', # … via the shell so we can redirect stdout # Normally, output from a `docker exec` command isn't processed by docker's # logging mechanism, however with a redirect to /proc/1/fd/1 we can send the # output of the command being exec'd to the docker container's STDOUT. # https://github.com/moby/moby/issues/8662#issuecomment-277396232 - 'docker', # The docker … - 'buildx', # … buildx command … - 'prune', # … to delete, … - '--force', # … without prompting for confirmation, … - '--all', # … all images … - f'--filter "until={90 * 24}h"', # … except those from more recent builds … - '> /proc/1/fd/1', # … with output sent to the container's STDOUT. - ), - # - # If we deleted more recent images, we - # would risk failing the requirements - # check on sandbox builds since that - # check depends on image caching. The - # deadline below assumes that the most - # recent pipeline was run less than a - # month ago. - ), + command, + ) + for command in [ + sq( + 'docker', # The docker … + 'image', # … image command … + 'prune', # … to delete, … + '--force', # … without prompting for confirmation, … + '--all', # … all images … + f'--filter "until={90 * 24}h"', # … except those from more recent builds … + '> /proc/1/fd/1', # … with output sent to the container's STDOUT. + ), + sq( + 'docker', # The docker … + 'buildx', # … buildx command … + 'prune', # … to delete, … + '--force', # … without prompting for confirmation, … + '--all', # … all images … + f'--filter "until={90 * 24}h"', # … except those from more recent builds … + '> /proc/1/fd/1', # … with output sent to the container's STDOUT. + # + # If we deleted more recent images, we would risk failing the requirements + # check on sandbox builds since that check depends on image caching. The + # deadline above assumes that the most recent pipeline was run less than + # three months ago. + ) + ] + ], '[Install]', 'WantedBy=' )