66 type Tag ,
77 RepositoryNotFoundException ,
88 GetAuthorizationTokenCommand ,
9+ PutLifecyclePolicyCommand ,
910} from "@aws-sdk/client-ecr" ;
1011import { STSClient , AssumeRoleCommand } from "@aws-sdk/client-sts" ;
1112import { tryCatch } from "@trigger.dev/core" ;
@@ -213,7 +214,14 @@ async function createEcrRepository({
213214 const result = await ecr . send (
214215 new CreateRepositoryCommand ( {
215216 repositoryName,
216- imageTagMutability : "IMMUTABLE" ,
217+ imageTagMutability : "IMMUTABLE_WITH_EXCLUSION" ,
218+ imageTagMutabilityExclusionFilters : [
219+ {
220+ // only the `cache` tag will be mutable, all other tags will be immutable
221+ filter : "cache" ,
222+ filterType : "WILDCARD" ,
223+ } ,
224+ ] ,
217225 encryptionConfiguration : {
218226 encryptionType : "AES256" ,
219227 } ,
@@ -227,6 +235,30 @@ async function createEcrRepository({
227235 throw new Error ( `Failed to create ECR repository: ${ repositoryName } ) ;
228236 }
229237
238+ // When the `cache` tag is mutated, the old cache images are untagged.
239+ // This policy matches those images and expires them to avoid bloating the repository.
240+ await ecr . send (
241+ new PutLifecyclePolicyCommand ( {
242+ repositoryName : result . repository . repositoryName ,
243+ registryId : result . repository . registryId ,
244+ lifecyclePolicyText : JSON . stringify ( {
245+ rules : [
246+ {
247+ rulePriority : 1 ,
248+ description : "Expire untagged images older than 3 days" ,
249+ selection : {
250+ tagStatus : "untagged" ,
251+ countType : "sinceImagePushed" ,
252+ countUnit : "days" ,
253+ countNumber : 3 ,
254+ } ,
255+ action : { type : "expire" } ,
256+ } ,
257+ ] ,
258+ } ) ,
259+ } )
260+ ) ;
261+
230262 return result . repository ;
231263}
232264
0 commit comments