-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathuntag.sh
100 lines (81 loc) · 2.87 KB
/
untag.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
#!/bin/bash
set -e
echoError() { echo "Error: $@" >&2; }
echoInfo() { echo "Info: $@"; }
echoInfo "ACR RC Untagger (v$APP_VERSION)"
# Check required environment variables are set
for envVar in AZURE_TENANT \
AZURE_SUBSCRIPTION \
TAG \
REPO \
REGISTRY_NAME \
REGISTRY_USERNAME \
REGISTRY_PASSWORD \
DRY_RUN; do
if [[ -z "${!envVar}" ]];
then
echoError "Required environment variable '$envVar' isn't set, script exiting."
exit 1
fi
done
## Dry run message
if [[ -z ${DRY_RUN} || ${DRY_RUN} != "1" ]];
then
echoInfo "DRY_RUN is disabled, rc tags will be untagged"
else
echoInfo "DRY_RUN is enabled, rc tags won't be untagged"
fi
echoInfo "Attempting to log into Azure"
az login --service-principal \
-u "$REGISTRY_USERNAME" \
-p "$REGISTRY_PASSWORD" \
--tenant "$AZURE_TENANT" -o none
if [ $? -eq 0 ];
then
echoInfo "Login successful"
else
echoError "Login failed (exit code: $?), check the credentials are correct"
exit 1
fi
function remove_rc_tags {
## Fetch RC images
echoInfo "Attempting to fetch rc tags for repo: '$1', tag: '$TAG'"
# Note: Incorrect REGISTRY_NAME or REPO will display 'az acr' message and exit 1
allTags=$(az acr repository show-tags --subscription "$AZURE_SUBSCRIPTION" --name "$REGISTRY_NAME" --repository "$1")
rcTags=$(echo "$allTags" | jq -c '[.[] | select(contains ("'$TAG'-rc"))]')
rcCount=$(echo "$rcTags" | jq -c '. | length')
# Do we have rc tags?
if [[ -z ${rcCount} || ${rcCount} == "0" ]];
then
echoInfo "No rc tags found, exiting"
exit 0
fi
echoInfo "Fetching rc tags successful. Found: '$rcCount'"
# Loop through RC tags and create a report, or untag them
for tag in $(echo "${rcTags}" | jq -r '.[]');
do
if [[ -z ${DRY_RUN} || ${DRY_RUN} != "1" ]];
then
az acr repository untag --subscription "$AZURE_SUBSCRIPTION" --name "$REGISTRY_NAME" --image "$1:$tag"
echoInfo "Untagged: '$1:$tag'"
else
echoInfo "DRY RUN - '$1:$tag' would have been untagged"
fi
done
}
while IFS=',' read -ra ADDR; do
for i in "${ADDR[@]}"; do
remove_rc_tags "$i"
echoInfo "Removing untagged manifests from the repository '$i'"
UNTAGGED_MANIFESTS=$(az acr repository show-manifests --subscription "$AZURE_SUBSCRIPTION" --name "$REGISTRY_NAME" --repository "$i" --query "[?tags[0]==null].digest" -o tsv)
if [[ -z ${DRY_RUN} || ${DRY_RUN} != "1" ]];
then
echoInfo "DRY_RUN is disabled, manifests with no tags will be deleted"
echo "$UNTAGGED_MANIFESTS" | xargs -I% az acr repository delete --subscription "$AZURE_SUBSCRIPTION" --name "$REGISTRY_NAME" --image $i@% --yes
else
echoInfo "DRY_RUN is enabled, manifests with no tags won't be deleted"
echo "$UNTAGGED_MANIFESTS" | xargs -I% echo "Info: Manifest % would have been deleted"
fi
done
done <<< "$REPO"
echoInfo "ACR RC Untagger complete"