Skip to content
Snippets Groups Projects
Verified Commit 48ccb457 authored by Kristian Klausen's avatar Kristian Klausen :tada:
Browse files

Revert "Use job token instead of project access token for deleting old packages"

The maintainer role is required for deleting packages, which I missed.

We could bump archbot to the maintainer role, but to ensure some kind of
"principle of least privilege", let's use a dedicated project access
token for it.

This reverts commit afa85791.

Ref #165
parent f0c7c7e7
No related branches found
No related tags found
No related merge requests found
Pipeline #112169 passed
......@@ -208,7 +208,7 @@ cleanup:
script:
- |
for id in $(curl --silent --fail --show-error "${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/packages?per_page=100&order_by=created_at&sort=asc" | jq '.[] | select(.created_at | split("T")[0] | . < (now-60*60*24*90|strflocaltime("%Y-%m-%d"))) | .id'); do
curl --silent --fail --show-error --request DELETE --header "JOB-TOKEN: ${CI_JOB_TOKEN}" "${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/packages/${id}"
curl --silent --fail --show-error --request DELETE --header "PRIVATE-TOKEN: ${GITLAB_PROJECT_TOKEN}" "${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/packages/${id}"
done
issue-bot:
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment