Private Docker registry cleanup tool, supposed to be triggered by GitLab webhooks
Private Docker registry cleanup tool.
Supposed to be triggered with GitLab webhook on push event.
Note that as for docker registry v2.4.x, this tools itself does not actually remove blobs, it just mark them as unused. Run garbage collection process to truly remove data from disk.
docker run -d --name docker-registry-cleanup \-p 80:5000 \agrrh/docker-registry-cleanup
DRC_CONFIG_PATH - config file to use, defaults to ./config.ymlDRC_LISTEN_HOST - address to bind to, defaults to 0.0.0.0DRC_LISTEN_PORT - address to bind to, defaults to 5000DRC_DEBUG - set to yes or true to run in debug modeUsing httpie:
http POST :8080/event @./res/sample_payload/gitlab/push.json
Tool is configured via config.yml:
<config>
projects:- <project>- <project>
<project>
- name: myprojectgitlab:secret_token: '' # Use if specified in GitLab > Settings > Integrationsregistry:verify_ssl: falseimages:- repository: my/projectrules:- <rule>- <rule>- <rule>
Recommended ruleset scheme is:
rules:- action: remove- action: saveregexp: '^.*$'order: createdlimit: 20
<rule>First rule is default policy and must contain single action directive:
- action: remove
If default rules is remove, it will never remove :latest tag if it exists.
Let’s say, we are pushing tags in branch_name.pipeline_id format. Then other rules would define saving actions to preserve sane amount of images, e.g. save 10 newest tags matching master.[0-9]+ regular expression:
- action: saveregexp: '^master\.[0-9]+$'order: createdlimit: 10
Also we would like to save some newest images across rest of tags. Consider 40 as reasonable amount and add following rule:
- action: saveregexp: '^(?!master).*$'order: createdlimit: 40
It’s also possible to add more remove rules. In case some images matches both remove and save rules, default action would take precedence.