Metadata-Version: 2.3
Name: ecr_cleaner
Version: 0.1.5
Summary: ECR Image Cleanup Tool
Project-URL: Bug reports, https://github.com/rahulinux/ecr-cleaner/issues/new
Project-URL: Documentation, https://github.com/rahulinux/ecr-cleaner/blob/main/python/README.md
Project-URL: Source, https://github.com/rahulinux/ecr-cleaner
Author-email: Rahul Patil <4476687+rahulinux@users.noreply.github.com>
License-Expression: Apache-2.0
License-File: LICENSE
Keywords: aws,cleanup,ecr,package,python
Classifier: Development Status :: 4 - Beta
Classifier: Intended Audience :: Developers
Classifier: License :: OSI Approved :: Apache Software License
Classifier: Natural Language :: English
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3.9
Classifier: Programming Language :: Python :: 3.10
Classifier: Programming Language :: Python :: 3.11
Classifier: Programming Language :: Python :: 3.12
Requires-Python: >=3.9
Requires-Dist: boto3==1.35.44
Requires-Dist: mypy-boto3-ecr==1.35.21
Requires-Dist: pytz==2024.2
Requires-Dist: structlog==24.4.0
Requires-Dist: types-pytz==2024.2.0.20241003
Provides-Extra: cli
Requires-Dist: pyyaml==6.0.2; extra == 'cli'
Requires-Dist: types-pyyaml==6.0.12.20240917; extra == 'cli'
Provides-Extra: dev
Requires-Dist: boto3==1.35.44; extra == 'dev'
Requires-Dist: build==1.2.2; extra == 'dev'
Requires-Dist: mock==5.1.0; extra == 'dev'
Requires-Dist: moto==5.0.17; extra == 'dev'
Requires-Dist: mypy-boto3-ecr==1.35.21; extra == 'dev'
Requires-Dist: pre-commit==3.8.0; extra == 'dev'
Requires-Dist: pytest==8.3.3; extra == 'dev'
Requires-Dist: pytz==2024.2; extra == 'dev'
Requires-Dist: structlog==24.4.0; extra == 'dev'
Requires-Dist: toml==0.10.2; extra == 'dev'
Requires-Dist: twine==5.1.1; extra == 'dev'
Requires-Dist: wheel-inspect==1.7.1; extra == 'dev'
Requires-Dist: wheel==0.44.0; extra == 'dev'
Description-Content-Type: text/markdown

## ECR Image Cleanup Tool

![Build Status](https://github.com/rahulinux/ecr-cleaner/actions/workflows/python-tests.yml/badge.svg)
[![PyPI version](https://badge.fury.io/py/ecr-cleaner.svg)](https://badge.fury.io/py/ecr-cleaner)
[![Python Versions](https://img.shields.io/pypi/pyversions/ecr-cleaner.svg)](https://pypi.org/project/ecr-cleaner/)
[![License](https://img.shields.io/github/license/rahulinux/ecr-cleaner.svg)](LICENSE)

## Table of Contents
- [Overview](#overview)
- [Features](#features)
- [Installation](#installation)
- [Usage](#usage)


## Overview

The ECR Image Cleanup Tool addresses limitations in Amazon ECR's built-in lifecycle policies, particularly for multi-architecture images. It helps prevent repositories from hitting the 10,000 image hard limit imposed by ECR by providing more flexible and architecture-aware cleanup options.

## Features

1. Supports multi-architecture image cleanup
2. Allows fine-grained control over image retention
3. Can keep a specified number of recent images for each tag
4. Manages untagged images separately
5. Provides a dry-run option to preview actions before execution


### Installation

```shell
pip install ecr-cleaner
```

### Usage

Support following CLI argument

```shell
usage: ecr_cleaner [-h] [--config-file CONFIG_FILE] [--repositories REPOSITORIES [REPOSITORIES ...]] [--region REGION] [--batch-size BATCH_SIZE] [--dry-run] [--debug]

ECR Cleaner CLI

options:
  -h, --help            show this help message and exit
  --config-file CONFIG_FILE
                        Path to configuration file in YAML format. See example in README.md
  --repositories REPOSITORIES [REPOSITORIES ...]
                        List of repository names and policies(keep-most-recent). (e.g. my-repo:latest=3,tag-prefix=2,untagged=10)
  --region REGION       ECR region
  --batch-size BATCH_SIZE
                        Max number of images that can be deleted in one call
  --dry-run             Check result without deleting images
  --debug               Enable debug logging
```

Clean-up will keep most recent number of images based on inputs and it will delete remaining matching tagPrefix


## Helm chart

## Prerequisites

AWS IAM role permission to manage ECR repositories

```json
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "ecr-cleaner",
      "Effect": "Allow",
      "Action": [
        "ecr:BatchDeleteImage",
        "ecr:BatchGetImage",
        "ecr:DescribeImages",
        "ecr:ListImages",
        "ecr:DescribeRepositories"
      ]
    }
  ]
}
```

## Installation

[Helm Readme](./charts/ecr-cleaner/README.md)

## Service account annotation

If you are using IRSA then you can use following in helm values

```yaml
serviceAccount:
  create: true
  name: ecr-cleaner
  annotations:
    eks.amazonaws.com/role-arn: arn:aws:iam::111122223333:role/my-role
```
