Terraform module that implements gcr-cleaner, a tool that deletes untagged images in Google Cloud Container Registry and Google Cloud Artifact Registry.
- From current project (the provider's project)
  - in `test/nginx` repository, delete all untagged images
  - in `test/python` repository, delete all images older than 30 days (720h)
- From `another-project-id` project
  - in `test/os/centos` repository, delete all untagged images
- From project `foobar-123`
  - in `foo/nginx` docker repository in Google Artifact Registry `foo`, delete all untagged images
  - in `foo/python` docker repository in Google Artifact Registry `foo`, delete all untagged images
```hcl
module "gcr_cleaner" {
  source  = "mirakl/gcr-cleaner/google"
  version = "x.y.z"

  app_engine_application_location = "europe-west3"

  gcr_repositories = [
    {
      storage_region = "eu"
      repositories = [
        {
          # in `test/nginx` repository, delete all untagged images
          name = "test/nginx"
        },
        {
          # in `test/python` repository, delete all images older than 30 days (720h)
          name  = "test/python"
          grace = "720h"
        }
      ]
    },
    {
      project_id = "another-project-id"
      repositories = [
        {
          # in `test/os/centos` repository, delete all untagged images
          name = "test/os/centos"
        }
      ]
    }
  ]

  gar_repositories = [
    {
      name          = "foo/nginx"
      registry_name = "foo"
      region        = "europe-west1"
      project_id    = "foobar-123"
    },
    {
      name          = "foo/python"
      registry_name = "foo"
      region        = "europe-west1"
      project_id    = "foobar-123"
    }
  ]
}
```
- From `yet-another-project-id` project
  - in all repositories, delete all untagged images
  - in all repositories, keep 5 `beta` tags, ignore anything newer than 5 days
- From `automation-project-id` project
  - in `test/tools/ci` repository and all its child repositories, keep only 5 tags
```hcl
module "gcr_cleaner" {
  source  = "mirakl/gcr-cleaner/google"
  version = "x.y.z"

  app_engine_application_location = "us-central"

  gcr_repositories = [
    {
      # in all repositories, delete all untagged images
      project_id = "yet-another-project-id"
      clean_all  = true
    },
    {
      # in all repositories, keep 5 `beta` tags, ignore anything newer than 5 days
      project_id = "yet-another-project-id"
      clean_all  = true
      parameters = {
        keep           = 5
        grace          = "120h"
        tag_filter_all = "^beta.+$"
      }
    }
  ]
}
```
- complete - complete usage of the module (setting values for all variables)
- minimal - minimal usage of the module (using default values for variables)
Name | Version |
---|---|
terraform | >= 1.3.0 |
google | >= 4.37.0 |
google-beta | >= 4.37.0 |
Name | Version |
---|---|
google | 5.12.0 |
google-beta | 5.12.0 |
No modules.
Name | Type |
---|---|
google-beta_google_artifact_registry_repository_iam_member.this | resource |
google_app_engine_application.this | resource |
google_cloud_run_service.this | resource |
google_cloud_run_service_iam_binding.this | resource |
google_cloud_scheduler_job.this | resource |
google_project_iam_member.this | resource |
google_project_service.this | resource |
google_service_account.cleaner | resource |
google_service_account.invoker | resource |
google_service_account_iam_member.tf_as_cleaner | resource |
google_service_account_iam_member.tf_as_invoker | resource |
google_storage_bucket_access_control.this | resource |
google_storage_bucket_iam_member.this | resource |
google_client_openid_userinfo.terraform | data source |
google_project.this | data source |
google_storage_bucket.bucket | data source |
Name | Description | Type | Default | Required |
---|---|---|---|---|
app_engine_application_location | The location to serve the app from. | string | "europe-west1" | no |
cloud_run_service_location | The location of the cloud run instance. Make sure to provide a valid location. More at https://cloud.google.com/run/docs/locations. | string | "europe-west1" | no |
cloud_run_service_maximum_instances | The number of maximum instances to set for this revision. This value will be used in the `autoscaling.knative.dev/maxScale` annotation key. | number | 100 | no |
cloud_run_service_name | The name of the cloud run service. | string | "gcr-cleaner" | no |
cloud_run_service_timeout_seconds | TimeoutSeconds holds the max duration the instance is allowed for responding to a request. | number | 60 | no |
cloud_scheduler_job_attempt_deadline | The deadline for job attempts in seconds. If the request handler does not respond by this deadline then the request is cancelled and the attempt is marked as a DEADLINE_EXCEEDED failure. The failed attempt can be viewed in execution logs. Cloud Scheduler will retry the job according to the RetryConfig. Value must be between 15 seconds and 24 hours. | number | 320 | no |
cloud_scheduler_job_max_backoff_duration | The maximum amount of time to wait before retrying a job after it fails. A duration in seconds with up to nine fractional digits. | number | 3600 | no |
cloud_scheduler_job_max_doublings | The time between retries will double maxDoublings times. A job's retry interval starts at minBackoffDuration, then doubles maxDoublings times, then increases linearly, and finally retries at intervals of maxBackoffDuration up to retryCount times. | number | 5 | no |
cloud_scheduler_job_max_retry_duration | The time limit for retrying a failed job, measured from time when an execution was first attempted. If specified with retryCount, the job will be retried until both limits are reached. A duration in seconds with up to nine fractional digits. | number | 0 | no |
cloud_scheduler_job_min_backoff_duration | The minimum amount of time to wait before retrying a job after it fails. A duration in seconds with up to nine fractional digits. | number | 5 | no |
cloud_scheduler_job_retry_count | The number of attempts that the system will make to run a job using the exponential backoff procedure described by maxDoublings. Values greater than 5 and negative values are not allowed. | number | 1 | no |
cloud_scheduler_job_schedule | Describes the schedule on which the job will be executed. | string | "0 4 * * 1" | no |
cloud_scheduler_job_time_zone | Specifies the time zone to be used in interpreting schedule. The value of this field must be a time zone name from the tz database. More on https://en.wikipedia.org/wiki/List_of_tz_database_time_zones | string | "Europe/Brussels" | no |
create_app_engine_app | Whether to create an App Engine application. | bool | false | no |
disable_dependent_services | If `true`, services that are enabled and which depend on this service should also be disabled when this service is destroyed. If `false` or unset, an error will be generated if any enabled services depend on this service when destroying it. | bool | false | no |
disable_on_destroy | If `true`, disable the service when the terraform resource is destroyed. May be useful in the event that a project is long-lived but the infrastructure running in that project changes frequently. | bool | false | no |
gar_repositories | List of Google Artifact Registry objects: list(object({ | list(object({ | [] | no |
gcr_cleaner_image | The docker image of the gcr cleaner to deploy to Cloud Run. | string | "gcr.io/gcr-cleaner/gcr-cleaner:latest" | no |
gcr_cleaner_log_level | By default, GCR Cleaner only emits user-level logging at the "info" level. More logs are available at the "debug" level. More at https://github.com/GoogleCloudPlatform/gcr-cleaner#debugging. | string | "info" | no |
gcr_repositories | List of Google Container Registries objects to create: list(object({ | list(object({ | [] | no |
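
The inputs table shows that `gcr_cleaner_image` defaults to the mutable `latest` tag, so the image that runs with delete access to the registries can change between deployments. As an added example (not taken from the module's own documentation), the call below pins the image by digest and turns on debug-level logs; the digest is a placeholder to replace with the digest of the image you reviewed, and the repository entry is copied from the first usage example.

```hcl
module "gcr_cleaner" {
  source  = "mirakl/gcr-cleaner/google"
  version = "x.y.z"

  # Module default, a mutable tag:
  #   gcr_cleaner_image = "gcr.io/gcr-cleaner/gcr-cleaner:latest"
  # Pinned by digest, so Cloud Run keeps deploying the exact image that was reviewed.
  # The digest below is a placeholder, not a real value.
  gcr_cleaner_image = "gcr.io/gcr-cleaner/gcr-cleaner@sha256:<digest-of-reviewed-image>"

  # Emit the additional debug-level logs while the cleanup policy is being validated.
  gcr_cleaner_log_level = "debug"

  gcr_repositories = [
    {
      storage_region = "eu"
      repositories = [
        {
          # in `test/nginx` repository, delete all untagged images
          name = "test/nginx"
        }
      ]
    }
  ]
}
```
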
Name | Description |
---|---|
app_engine_application_name | The name of the app engine application. |
cloud_run_service_id | The ID of the cloud run service. |
cloud_scheduler_jobs | List of the created scheduler jobs. |