ci: run registry garbage collection every week

In the old OpenShift cluster the registry consumer 800+ GB of data. Once running the garbage collection manually, the consumption reduced to a little over 8GB. Let's be nice users of the infrastructure and run garbage collection weekly. Signed-off-by: Niels de Vos <ndevos@ibm.com>
2024-09-19 15:09:56 +00:00 · 2023-03-20 13:36:17 +01:00 · 2023-03-20 13:36:17 +01:00 · cca994eb1a
commit cca994eb1a
parent 8181d13313
1 changed files with 44 additions and 0 deletions
--- a/deploy/docker-gc.yaml
+++ b/deploy/docker-gc.yaml
@ -0,0 +1,44 @@
+---
+apiVersion: batch/v1
+kind: CronJob
+metadata:
+  name: docker-gc
+  labels:
+    app: docker-gc
+spec:
+  schedule: '@weekly'
+  jobTemplate:
+    spec:
+      template:
+        metadata:
+          labels:
+            app: docker-gc
+        spec:
+          containers:
+            - name: docker-gc
+              image: docker.io/library/registry:2
+              args:
+                - registry
+                - garbage-collect
+                - /config/config.yml
+                - --delete-untagged
+              volumeMounts:
+                - name: container-images
+                  mountPath: /var/lib/registry
+                - name: config
+                  mountPath: /config
+              securityContext:
+                allowPrivilegeEscalation: false
+                runAsNonRoot: true
+                capabilities:
+                  drop: ["ALL"]
+                seccompProfile:
+                  type: RuntimeDefault
+          volumes:
+            - name: container-images
+              persistentVolumeClaim:
+                claimName: ceph-csi-image-registry
+            - name: config
+              secret:
+                secretName: container-registry-config
+          restartPolicy: OnFailure