fix: stop interacting with GHCR, disable scheduled jobs

Pushes to and pulls from GHCR no longer work after 2024-12-09 because the secrets we use are no longer valid. What broke the secrets? They were (still are at the time of this commit) GitHub personal access keys belonging to the user @quipucords-bot, but on 2024-12-09 the @quipucords-bot user was demoted and removed from the org due to newly onerous security restrictions by Red Hat. Until we rewrite this code, probably to use to Quay instead of GHCR, the `reaper` repo will save no new images after PRs merge, and no scheduled jobs will run to reap the AWS and Azure accounts.
quipucords · Dec 10, 2024 · aa5d8c4 · aa5d8c4
1 parent db9d62b
commit aa5d8c4
Show file tree

Hide file tree

Showing 4 changed files with 18 additions and 9 deletions.
diff --git a/.github/workflows/docker-build.yml b/.github/workflows/docker-build.yml
@@ -25,6 +25,9 @@ jobs:
       - run: docker pull $IMAGE_NAME:latest || true
       - run: docker build --cache-from $IMAGE_NAME:latest .
   deploy-build-and-push-image:
+    # Pushes to GHCR no longer work after 2024-12-09 because the secrets are no longer valid.
+    # I am leaving this code alive to indicate failure risks by GH actions when new code lands on main.
+    # Images are being built but will never successfully push to the GHCR using the bot's auth token.
     name: Build and Push Image
     if: github.ref == 'refs/heads/main'
     needs: [docker-build]

diff --git a/.github/workflows/schedule-reap-aws-dev.yml b/.github/workflows/schedule-reap-aws-dev.yml
@@ -4,9 +4,11 @@ env:
   IMAGE_NAME: ghcr.io/${{ github.repository_owner }}/reaper
   AWS_DEFAULT_REGION: us-east-1
 
-on:
-  schedule:
-    - cron: '0 2 * * *'
+# Disabling all scheduled jobs for now.
+# Pulls from GHCR no longer work after 2024-12-09 because the secrets are no longer valid.
+# on:
+#   schedule:
+#     - cron: '0 2 * * *'
 
 jobs:
   docker:

diff --git a/.github/workflows/schedule-reap-aws-stage-prod.yml b/.github/workflows/schedule-reap-aws-stage-prod.yml
@@ -4,9 +4,11 @@ env:
   IMAGE_NAME: ghcr.io/${{ github.repository_owner }}/reaper
   AWS_DEFAULT_REGION: us-east-1
 
-on:
-  schedule:
-    - cron: '30 * * * *'
+# Disabling all scheduled jobs for now.
+# Pulls from GHCR no longer work after 2024-12-09 because the secrets are no longer valid.
+# on:
+#   schedule:
+#     - cron: '30 * * * *'
 
 jobs:
   docker:

diff --git a/.github/workflows/schedule-reap-azure.yml b/.github/workflows/schedule-reap-azure.yml
@@ -3,9 +3,11 @@ name: Scheduled reap Azure tenants
 env:
   IMAGE_NAME: ghcr.io/${{ github.repository_owner }}/reaper
 
-on:
-  schedule:
-    - cron: '0 3 * * *'
+# Disabling all scheduled jobs for now.
+# Pulls from GHCR no longer work after 2024-12-09 because the secrets are no longer valid.
+# on:
+#   schedule:
+#     - cron: '0 3 * * *'
 
 jobs:
   docker: