This isn't robust because on failure we will fail to delete old tags. This should be changed to find all old tags on the registry using the API and delete commits older than a couple of days/weeks or something. Deleting commits immediately means that new replicas will fail to pull on new nodes.

Ok. So something like if it is older than 7 days?
Also as this package also hosts pr1234 tags and some tags like gvisor-fix that we do not want to delete, so I opted for deleting only a specific tag as filtering will include more complexity

You could also push to a public gcr.io dir instead for better safety, we could make a project on our billing account and add the CI's service account to have permissions to manage images in that project on artifact registry

Hmm. I want to keep it here for now to reduce further complexity. I will try to develop a more robust way to delete all old tags. Thanks for the feedback.

this will delete all old image tags older than 7 days that does not start with pr e.g. pr1234 and will delete images that start with main- i.e. main-632hst52

cc: @deansheather

this will also not delete custom pushed tags like gvisor-fix