Keep your github container registry tidy

SO you drank the cool-aid, like me, and use GitHub Actions to build your projects and GitHub pacckages for your private containers, maven produced Jars, npm modules. Soon your honeymoon is over and you hit the storage limit of your account.

You need to clean up

Looking at the packages you will notice, that they are all there, all the version, in case of containers even the untagged ones. The root of the problem is equally the solution: a GitHub Action to delete package versions. The package is very flexible and well documented, outlining several scenarios how to put it to use

Things to watch out for

You have to decide when you want to put it to use:

• on schedule, like every Friday
• manual, pressing a button
• on each build, when you add a new package

I also experienced that {{ secrets.GITHUB_TOKEN }} wouldn't work when the package you target is private, even when it is in the same repository. Once you know, it's not a big deal, just create a PAT and add it to the repository's secrets. You might want to add workflow_dispatch to all triggers, so you can test run them anytime.

Samples

A few ideas to use, make sure you also check the scenarios outlined by the action author. Also check the version of the action, it might have an update since this blog was published.

All samples assume you handle packages in your own account/org. NUKE_TOKEN is the PAT in use.

Delete untagged container on button click

on:
  workflow_dispatch:

jobs:
  house-keeping:
    runs-on: ubuntu-latest
    steps:
      - name: Remove untagged container images
        uses: actions/delete-package-versions@v4.1.1
        with:
          package-name: 'my-fancy-container'
          package-type: 'container'
          delete-only-untagged-versions: 'true'
          min-versions-to-keep: 1
          token: ${{ secrets.NUKE_TOKEN }}

Delete one old version on push

But keep at lest 3 old ones

on:
  push:
    branches:
      - main
      - develop

jobs:
  house-keeping:
    runs-on: ubuntu-latest
    steps:
      - name: Remove one old npm when there are more than three
        uses: actions/delete-package-versions@v4.1.1
        with:
          package-name: 'my-fancy-npm'
          package-type: 'npm'
          num-old-versions-to-delete: 1
          min-versions-to-keep: 3
          token: ${{ secrets.NUKE_TOKEN }}

Remove old containers Saturday 04:00am

But keep the last 5

on:
  schedule:
    - cron: '0 4 * * 6'

jobs:
  house-keeping:
    runs-on: ubuntu-latest
    steps:
      - name: Keep the last 5
        uses: actions/delete-package-versions@v4.1.1
        with:
          package-name: 'my-fancy-container'
          package-type: 'container'
          min-versions-to-keep: 5
          num-old-versions-to-delete: 100
          token: ${{ secrets.NUKE_TOKEN }}

As usual YMMV - Test them well