Create Service via UI GCP or Terraform, Account Google Cloud + iam Rules for support delete images recursive
gcloud iam service-accounts keys create gcr-cleaner.json \
--iam-account=gcr-cleaner@zeus-14235464232132.iam.gserviceaccount.com
gsutil iam ch serviceAccount:gcr-cleaner@zeus-14235464232132.iam.gserviceaccount.com:objectCreator,objectAdmin,legacyBucketReader gs://asia.artifacts.zeus-14235464232132.appspot.com
docker build --no-cache -t cron-gcr-cleaner .
docker tag cron-gcr-cleaner asia.gcr.io/zeus-14235464232132/cron-gcr-cleaner:v1
docker push asia.gcr.io/zeus-14235464232132/cron-gcr-cleaner:v1
kubectl apply -f cron-k8s.yaml
-
repo
- Full name of the repository to clean, in the formatgcr.io/project/repo
. This field is required. -
allow_tagged
- If set to true, will check all images including tagged. If unspecified, the default will only delete untagged images. -
keep
- If an integer is provided, it will always keep that minimum number of images. Note that it will not consider images inside thegrace
duration. -
recursive
- If set to true, will recursively search all child repositories.
- create 2 cron for staging and production
- run cron staging every day and run every 1 week for production (we can know on staging if there is an error)
- for prodcution
asia.gcr.io/zeus-14235464232132/production-gcr
- for staging
asia.gcr.io/zeus-14235464232132/staging-gcr