name: ghcr-retention

on:
  schedule:
    - cron: '0 0 * * *'  # every day at midnight
  workflow_dispatch:

jobs:
  clean-ghcr:
    name: Delete old unused container images
    runs-on: ubuntu-latest
    steps:
      - name: Delete 'dev' containers older than a week
        uses: snok/container-retention-policy@v1
        with:
          image-names: dev-server,dev-ldap,dev-proxy
          cut-off: One week ago UTC
          account-type: org
          org-name: goauthentik
          untagged-only: false
          token: ${{ secrets.BOT_GITHUB_TOKEN }}
          skip-tags: gh-next,gh-main