Have you written a Docker Registry API client in GitLab CI/CD YAML? I have.

# Delete candidate image from CI repository.
clean-image:
  stage: .post
  except:
    - main

  variables:
    AUTH_API: "$CI_SERVER_URL/jwt/auth"
    SCOPE: "repository:$CI_PROJECT_PATH"
    REGISTRY_API: "https://$CI_REGISTRY/v2/$CI_PROJECT_PATH"

  before_script:
    - >
      which jq >/dev/null
      || (sudo apt-get update
      && sudo apt-get -y install jq)

  script:
    - echo "Deleting $CANDIDATE_IMAGE"
    - >
      TOKEN=$(curl -s
      -u "$CI_REGISTRY_USER:$CI_REGISTRY_PASSWORD"
      "$AUTH_API?service=container_registry&scope=$SCOPE:delete,pull"
      | jq -r .token)
    - >
      DIGEST=$(curl -s -I
      -H "Authorization: Bearer $TOKEN"
      -H "Accept: application/vnd.docker.distribution.manifest.v2+json"
      "$REGISTRY_API/manifests/$CI_COMMIT_SHORT_SHA"
      | tr -d "\r"
      | grep -i "^docker-content-digest: "
      | sed "s/^[^:]*: *//")
    - >
      curl -s
      -X DELETE
      -H "Authorization: Bearer $TOKEN"
      "$REGISTRY_API/manifests/"$(echo $DIGEST | sed "s/:/%3A/g")

Published by gbenson

I make things // he/him

Published