From 966a98537a49296e388fb4687f1c336454857d96 Mon Sep 17 00:00:00 2001
From: carlomazzaferro
Date: Fri, 6 Oct 2023 15:58:53 +0100
Subject: [PATCH 1/3] fix: expire images but keep 20 at least
---
 ops/modules/ecr/main.tf | 14 +++++++++++++-
 1 file changed, 13 insertions(+), 1 deletion(-)
diff --git a/ops/modules/ecr/main.tf b/ops/modules/ecr/main.tf
index 11fc928801..3795f9da40 100644
--- a/ops/modules/ecr/main.tf
+++ b/ops/modules/ecr/main.tf
@@ -11,7 +11,7 @@ resource "aws_ecr_lifecycle_policy" "remove_old_images" {
 {
 "rules": [
 {
- "rulePriority": 1,
+ "rulePriority": 2,
 "description": "Expire images older than 20 days",
 "selection": {
 "tagStatus": "any",
@@ -22,6 +22,18 @@ resource "aws_ecr_lifecycle_policy" "remove_old_images" {
 "action": {
 "type": "expire"
 }
+ },
+ {
+ "rulePriority": 1,
+ "description": "Expire all images that are not the last 20",
+ "selection": {
+ "tagStatus": "any",
+ "countType": "imageCountMoreThan",
+ "countNumber": 20
+ },
+ "action": {
+ "type": "expire"
+ }
 }
 ]
 }
From 352185b9ee76ff49aaa8d468f12cfdb9163781c6 Mon Sep 17 00:00:00 2001
From: carlomazzaferro
Date: Fri, 6 Oct 2023 16:15:43 +0100
Subject: [PATCH 2/3] fix: fix lifecycle priority
---
 ops/modules/ecr/main.tf | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/ops/modules/ecr/main.tf b/ops/modules/ecr/main.tf
index 3795f9da40..d1538c0da4 100644
--- a/ops/modules/ecr/main.tf
+++ b/ops/modules/ecr/main.tf
@@ -11,10 +11,11 @@ resource "aws_ecr_lifecycle_policy" "remove_old_images" {
 {
 "rules": [
 {
- "rulePriority": 2,
+ "rulePriority": 1,
 "description": "Expire images older than 20 days",
 "selection": {
- "tagStatus": "any",
+ "tagStatus": "tagged",
+ "tagPrefixList": ["sha"],
 "countType": "sinceImagePushed",
 "countUnit": "days",
 "countNumber": 20
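Review bot: With the age rule at priority 1 and scoped to `"tagPrefixList": ["sha"]`, the keep-20 floor added in [PATCH 1/3] no longer covers `sha`-tagged images. The ECR lifecycle documentation says an image that matches a higher-priority rule's tag filter cannot be expired by a later rule, so these images are governed only by `sinceImagePushed` and all of them expire after 20 days without a push, which can include an image that is still deployed. `tagPrefixList` is also a prefix match, so `sha` selects any tag that merely starts with those letters; `"tagPrefixList": ["sha-"]` would be tighter if that is the tag scheme. The rule's `action` block and the rest of the policy lie outside this hunk.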
@@ -24,7 +25,7 @@ resource "aws_ecr_lifecycle_policy" "remove_old_images" {
 }
 },
 {
- "rulePriority": 1,
+ "rulePriority": 2,
 "description": "Expire all images that are not the last 20",
 "selection": {
 "tagStatus": "any",
From 9f242858589b28a384e188b4b4d6156b70fc3a97 Mon Sep 17 00:00:00 2001
From: carlomazzaferro
Date: Mon, 9 Oct 2023 10:21:26 +0100
Subject: [PATCH 3/3] fix: better lifecycle policy
---
 ops/modules/ecr/main.tf | 41 ++++++++++++++++++++++++++++++++++-------
 1 file changed, 34 insertions(+), 7 deletions(-)
diff --git a/ops/modules/ecr/main.tf b/ops/modules/ecr/main.tf
index d1538c0da4..06a89ef092 100644
--- a/ops/modules/ecr/main.tf
+++ b/ops/modules/ecr/main.tf
@@ -12,13 +12,12 @@ resource "aws_ecr_lifecycle_policy" "remove_old_images" {
 "rules": [
 {
 "rulePriority": 1,
- "description": "Expire images older than 20 days",
+ "description": "Expire main images that are not the last 50",
 "selection": {
 "tagStatus": "tagged",
- "tagPrefixList": ["sha"],
- "countType": "sinceImagePushed",
- "countUnit": "days",
- "countNumber": 20
+ "tagPrefixList": ["main-"],
+ "countType": "imageCountMoreThan",
+ "countNumber": 50
 },
 "action": {
 "type": "expire"
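Review bot: After this hunk and the next one, no rule in the policy selects untagged images or tags outside `main-`, `staging-` and `prod-`, because the `sha` prefix filter is replaced here and the `"tagStatus": "any"` rule is replaced in the following hunk. Images that lose their tag when a tag is pushed again, and `sha`-prefixed tags if they are still produced, would then stay in the repository indefinitely, which keeps old, unpatched images pullable by digest. Consider a final rule with `"tagStatus": "untagged"` and `"countType": "sinceImagePushed"` with a short `countNumber`, given the highest `rulePriority` value. The rule list starts and ends outside this hunk.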
@@ -26,15 +25,43 @@ resource "aws_ecr_lifecycle_policy" "remove_old_images" {
 },
 {
 "rulePriority": 2,
- "description": "Expire all images that are not the last 20",
+ "description": "Expire staging images that are not the last 20",
 "selection": {
- "tagStatus": "any",
+ "tagStatus": "tagged",
+ "tagPrefixList": ["staging-"],
 "countType": "imageCountMoreThan",
 "countNumber": 20
 },
 "action": {
 "type": "expire"
 }
+ },
+ {
+ "rulePriority": 3,
+ "description": "Expire prod images that are not the last 5",
+ "selection": {
+ "tagStatus": "tagged",
+ "tagPrefixList": ["prod-"],
+ "countType": "imageCountMoreThan",
+ "countNumber": 5
+ },
+ "action": {
+ "type": "expire"
+ }
+ },
+ {
+ "rulePriority": 4,
+ "description": "Expire images older than 60 days",
+ "selection": {
+ "tagStatus": "tagged",
+ "tagPrefixList": ["main-", "staging-", "prod-"],
+ "countType": "sinceImagePushed",
+ "countUnit": "days",
+ "countNumber": 180
+ },
+ "action": {
+ "type": "expire"
+ }
 }
 ]
 }
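Review bot: Rule 4's description says `older than 60 days` while its `countNumber` is 180, and the rule as written probably never expires anything. The ECR lifecycle documentation states that a `tagPrefixList` with several entries matches only images that carry a tag for every listed prefix, and that an image matching a higher-priority rule's tag filter cannot be expired by a later rule, so rules 1 to 3 already claim whatever rule 4 could select. Decide whether the age cap or the per-prefix counts should govern each prefix, and remove the rule that cannot take effect. At minimum make the text agree with the value: `"description": "Expire images older than 180 days"`.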