/ecr-cleaner

A Serverless implementation for removing old images from ECR Repositories with some intelligence.

Primary LanguageJavaScriptMIT LicenseMIT

Serverless ECR Cleaner

serverless

Setup

Requires Serverless to be installed (Project currently Serverless v0.5.x)

git clone https://github.com/trek10inc/ecr-cleaner

With admin credentials for your account in the cloned directory serverless project init

Otherwise, generate CF template and deploy resources manually with console serverless project init -c (Doesn't execute CF, just generates it)

Install Dependencies cd main && npm install

Setup environment variables... (Be sure to remove the comments!)

# _meta/variables/s-variables-common.json

{
  "project": "ecr-cleaner",
  "projectBucket": "serverless.us-east-1.ecr-cleaner",
  "domain": "ecr-cleaner",
  "notificationEmail": "johndoe@example.com",
  "region": "us-east-1",
  "repoToClean": "ecr-cleanup-target",
  "repoRegion": "us-east-1", // DEFAULT
  "ecsRegion": "us-east-1", // DEFAULT
  "repoAgeThreshold": 90, // DEFAULT
  "awsAccountId": "123456789012",
  "ecsConcurrency": 10, // DEFAULT
  "apiDelay": 500 // DEFAULT
}

# main/s-function.json

{
  "name": "main",
  ....
  // If you want to make changes to the schedule ECR cleaner runs on
  //   do so here. Details on scheduled events at
  //   http://docs.aws.amazon.com/lambda/latest/dg/tutorial-scheduled-events-schedule-expressions.html
  "events": [{
      "name" : "dailyRun",
      "type": "schedule",
      "config": {
         "schedule": "rate(1 day)",
         "enabled": true
      }
    }],
  "environment": {
    "SERVERLESS_PROJECT": "${project}",
    "SERVERLESS_STAGE": "${stage}",
    "SERVERLESS_REGION": "${region}",
    "AWS_ACCOUNT_ID": "${awsAccountId}",
    "REPO_REGION": "${repoRegion}",
    "ECS_REGION": "${ecsRegion}",
    "REPO_AGE_THRESHOLD": "${repoAgeThreshold}",
    "REPO_TO_CLEAN": "${repoToClean}"
  },
  ....
}

Deploy

sls dash deploy

Dry Run

To test and make sure things are working as you expect before deleting a whole bunch of images you can pass in a dry run options as part of the lambda event either via the console or when running locally.

# main/event.json
{
	"dryRun":true
}

// Local run command: sls function run main --stage dev

Many Thanks

Many thanks to Stephen Ennis and OffGrid Electric for their help and contributions to this project!