name: Cleanup Old Releases on: # Run after release and sidecar workflows complete schedule: - cron: '0 6 * * *' # Daily at 6am UTC workflow_dispatch: jobs: cleanup: name: Remove old releases runs-on: ubuntu-latest env: KEEP_COUNT: 5 steps: - name: Cleanup old app releases env: BUILD_TOKEN: ${{ secrets.BUILD_TOKEN }} run: | REPO_API="${GITHUB_SERVER_URL}/api/v1/repos/${GITHUB_REPOSITORY}" # Get all releases, sorted newest first (API default) RELEASES=$(curl -s -H "Authorization: token ${BUILD_TOKEN}" \ "${REPO_API}/releases?limit=50") # Separate app releases (v*) and sidecar releases (sidecar-v*) APP_IDS=$(echo "$RELEASES" | jq -r '[.[] | select(.tag_name | startswith("v") and (startswith("sidecar") | not)) | .id] | .[]') SIDECAR_IDS=$(echo "$RELEASES" | jq -r '[.[] | select(.tag_name | startswith("sidecar-v")) | .id] | .[]') # Delete app releases beyond KEEP_COUNT COUNT=0 for ID in $APP_IDS; do COUNT=$((COUNT + 1)) if [ $COUNT -le ${{ env.KEEP_COUNT }} ]; then continue fi TAG=$(echo "$RELEASES" | jq -r ".[] | select(.id == $ID) | .tag_name") echo "Deleting app release $ID ($TAG)..." curl -s -o /dev/null -w "HTTP %{http_code}\n" -X DELETE \ -H "Authorization: token ${BUILD_TOKEN}" \ "${REPO_API}/releases/$ID" # Also delete the tag curl -s -o /dev/null -X DELETE \ -H "Authorization: token ${BUILD_TOKEN}" \ "${REPO_API}/tags/$TAG" done # Delete sidecar releases beyond KEEP_COUNT COUNT=0 for ID in $SIDECAR_IDS; do COUNT=$((COUNT + 1)) if [ $COUNT -le ${{ env.KEEP_COUNT }} ]; then continue fi TAG=$(echo "$RELEASES" | jq -r ".[] | select(.id == $ID) | .tag_name") echo "Deleting sidecar release $ID ($TAG)..." curl -s -o /dev/null -w "HTTP %{http_code}\n" -X DELETE \ -H "Authorization: token ${BUILD_TOKEN}" \ "${REPO_API}/releases/$ID" curl -s -o /dev/null -X DELETE \ -H "Authorization: token ${BUILD_TOKEN}" \ "${REPO_API}/tags/$TAG" done echo "Cleanup complete. Kept latest ${{ env.KEEP_COUNT }} of each type."