Bump snok/container-retention-policy from 2.2.1 to 3.0.0

[dependabot]

Bumps snok/container-retention-policy from 2.2.1 to 3.0.0.

Release notes

Sourced from snok/container-retention-policy's releases.

v3.0.0

Disclaimer: This release breaks the API of the action to a large degree. It might be wise to run the action with dry-run: true after upgrading.

This release is a complete rewrite of the action, tackling most if not all open issues in the issue tracker. Some of the highlights include:

• Simplifying and consolidating the inputs of the action
• Improving the runtime performance, and the initialization time of the action in CI
• Support for multi-platform packages
• Support for new token types (secrets.GITHUB_TOKEN and Github app tokens)
• Much better handling of GitHub API rate limits

💥 There are a lot of breaking changes, so we've included a migration guide at the bottom of this post, to make things a bit simpler.

Since the release introduces a few thousand lines of code, we expect there may be a few things left to iron out. If you run into any problems, please share them in the v3 release issue.

---

In addition to what's mentioned above, other new features and changes include:

• Significant effort has been spent on improving the logging, to give better insights into what exactly is happening
• Updated license from BSD-3 to MIT.
• The available syntax for image-names and image-tags previously allowed wildcards (using the * character). We now also allow the ? character to express a single-character wildcard. For example, the pattern ca? will match car and cat. See the wildmatch docs for details.

In addition to changing the inputs of the action (more details below), there are a few other breaking changes:

• We'll no longer maintain mutable major and minor version tags for the action. There will be no v3 target for the action, just v3.0.0 and other exact versions. Mutable major version tags are generally hard to maintain and not much safer than tracking the main branch, so more precise tag tracking should reduce the likelihood of broken runs going forward. Paired with dependabot, upgrading should not be much harder than it has been.
• The needs-assistance output was deleted

And in terms of performance improvements:

• The action has been rewritten from a composite action to a container action, and the total size of the new image is < 10Mi.
• The action would previously take ~30 seconds to initialize and would require a Python runtime. The action now starts in less than a second, and runs as a standalone binary.
• The runtime of the action has been reduced, and assuming we need to delete less than 180 package versions, the action completes in, at most, a few seconds. See this example of a recent run. When we have to delete more than 180 package versions, there's a minute of waiting for every 180 new package versions, as a consequence of GitHub's secondary API rate limits. See the new README for details.

Migration guide

• The account-type and org-name inputs have been replaced with account, which should be set to the literal string "user" if you previously used account-type: personal and to the organization name otherwise:

  - account-type: personal
  + account: user

  or

  - account-type: organization
  - org-name: acme
  + account: acme

... (truncated)

Commits

• 4f22ef8 fix: Correct oauth scope check
• def81c2 fix(ci): Use input version tag when building image
• ab30663 chore: Update docs for release and update action image
• 7793513 chore(deps): bump docker/build-push-action from 5 to 6
• 79a0b31 Remove oauth token
• 851b141 Rewrite the action in Rust
• 178bc0b chore: Update test workflow to test v3-develop branch
• e6eea47 fix(workflows): Correct script and run every 3 hours
• 3bfc979 fix(ci): Revise test dockerfile
• e66905c refactor(ci): Add variables to reduce clutter
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)