oxidecomputer
diff --git a/‎Cargo.lock‎
Lines changed: 2 additions & 0 deletions b/‎Cargo.lock‎
Lines changed: 2 additions & 0 deletions
diff --git a/‎dev-tools/omdb/src/bin/omdb/nexus.rs‎
Lines changed: 17 additions & 0 deletions b/‎dev-tools/omdb/src/bin/omdb/nexus.rs‎
Lines changed: 17 additions & 0 deletions
diff --git a/‎dev-tools/omdb/tests/env.out‎
Lines changed: 12 additions & 0 deletions b/‎dev-tools/omdb/tests/env.out‎
Lines changed: 12 additions & 0 deletions
diff --git a/‎dev-tools/omdb/tests/successes.out‎
Lines changed: 28 additions & 0 deletions b/‎dev-tools/omdb/tests/successes.out‎
Lines changed: 28 additions & 0 deletions
diff --git a/‎nexus-config/src/nexus_config.rs‎
Lines changed: 33 additions & 0 deletions b/‎nexus-config/src/nexus_config.rs‎
Lines changed: 33 additions & 0 deletions
diff --git a/‎nexus/background-task-interface/src/init.rs‎
Lines changed: 1 addition & 0 deletions b/‎nexus/background-task-interface/src/init.rs‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎nexus/db-model/src/schema_versions.rs‎
Lines changed: 2 additions & 1 deletion b/‎nexus/db-model/src/schema_versions.rs‎
Lines changed: 2 additions & 1 deletion
@@ -70,6 +70,7 @@ use nexus_types::internal_api::background::SupportBundleEreportStatus;
 use nexus_types::internal_api::background::TufArtifactReplicationCounters;
 use nexus_types::internal_api::background::TufArtifactReplicationRequest;
 use nexus_types::internal_api::background::TufArtifactReplicationStatus;
+use nexus_types::internal_api::background::TufRepoPrunerStatus;
 use nexus_types::inventory::BaseboardId;
 use omicron_uuid_kinds::BlueprintUuid;
 use omicron_uuid_kinds::CollectionUuid;
@@ -1199,6 +1200,9 @@ fn print_task_details(bgtask: &BackgroundTask, details: &serde_json::Value) {
         "tuf_artifact_replication" => {
             print_task_tuf_artifact_replication(details);
         }
+        "tuf_repo_pruner" => {
+            print_task_tuf_repo_pruner(details);
+        }
         "alert_dispatcher" => {
             print_task_alert_dispatcher(details);
         }
@@ -2573,6 +2577,19 @@ fn print_task_tuf_artifact_replication(details: &serde_json::Value) {
     }
 }
 
+fn print_task_tuf_repo_pruner(details: &serde_json::Value) {
+    match serde_json::from_value::<TufRepoPrunerStatus>(details.clone()) {
+        Err(error) => eprintln!(
+            "warning: failed to interpret task details: {}: {:?}",
+            InlineErrorChain::new(&error),
+            details
+        ),
+        Ok(status) => {
+            print!("{}", status);
+        }
+    }
+}
+
 fn print_task_alert_dispatcher(details: &serde_json::Value) {
     use nexus_types::internal_api::background::AlertDispatched;
     use nexus_types::internal_api::background::AlertDispatcherStatus;
 
@@ -199,6 +199,10 @@ task: "tuf_artifact_replication"
     replicate update repo artifacts across sleds
 
 
+task: "tuf_repo_pruner"
+    determine which TUF repos' artifacts can be pruned
+
+
 task: "v2p_manager"
     manages opte v2p mappings for vpc networking
 
@@ -407,6 +411,10 @@ task: "tuf_artifact_replication"
     replicate update repo artifacts across sleds
 
 
+task: "tuf_repo_pruner"
+    determine which TUF repos' artifacts can be pruned
+
+
 task: "v2p_manager"
     manages opte v2p mappings for vpc networking
 
@@ -602,6 +610,10 @@ task: "tuf_artifact_replication"
     replicate update repo artifacts across sleds
 
 
+task: "tuf_repo_pruner"
+    determine which TUF repos' artifacts can be pruned
+
+
 task: "v2p_manager"
     manages opte v2p mappings for vpc networking
 
 
@@ -434,6 +434,10 @@ task: "tuf_artifact_replication"
     replicate update repo artifacts across sleds
 
 
+task: "tuf_repo_pruner"
+    determine which TUF repos' artifacts can be pruned
+
+
 task: "v2p_manager"
     manages opte v2p mappings for vpc networking
 
@@ -819,6 +823,18 @@ task: "tuf_artifact_replication"
       copy err:         0
     local repos: 0
 
+task: "tuf_repo_pruner"
+  configured period: every <REDACTED_DURATION>m
+  last completed activation: <REDACTED ITERATIONS>, triggered by <TRIGGERED_BY_REDACTED>
+    started at <REDACTED_TIMESTAMP> (<REDACTED DURATION>s ago) and ran for <REDACTED DURATION>ms
+    configuration:
+        nkeep_recent_releases: 3
+        nkeep_recent_uploads:  3
+    repo pruned: none
+    repos kept because they're recent target releases: none
+    repos kept because they're recent uploads: none
+    other repos eligible for pruning: none
+
 task: "v2p_manager"
   configured period: every <REDACTED_DURATION>s
   last completed activation: <REDACTED ITERATIONS>, triggered by <TRIGGERED_BY_REDACTED>
@@ -1335,6 +1351,18 @@ task: "tuf_artifact_replication"
       copy err:         0
     local repos: 0
 
+task: "tuf_repo_pruner"
+  configured period: every <REDACTED_DURATION>m
+  last completed activation: <REDACTED ITERATIONS>, triggered by <TRIGGERED_BY_REDACTED>
+    started at <REDACTED_TIMESTAMP> (<REDACTED DURATION>s ago) and ran for <REDACTED DURATION>ms
+    configuration:
+        nkeep_recent_releases: 3
+        nkeep_recent_uploads:  3
+    repo pruned: none
+    repos kept because they're recent target releases: none
+    repos kept because they're recent uploads: none
+    other repos eligible for pruning: none
+
 task: "v2p_manager"
   configured period: every <REDACTED_DURATION>s
   last completed activation: <REDACTED ITERATIONS>, triggered by <TRIGGERED_BY_REDACTED>
 
@@ -430,6 +430,8 @@ pub struct BackgroundTaskConfig {
         RegionSnapshotReplacementFinishConfig,
     /// configuration for TUF artifact replication task
     pub tuf_artifact_replication: TufArtifactReplicationConfig,
+    /// configuration for TUF repo pruner task
+    pub tuf_repo_pruner: TufRepoPrunerConfig,
     /// configuration for read-only region replacement start task
     pub read_only_region_replacement_start:
         ReadOnlyRegionReplacementStartConfig,
@@ -765,6 +767,26 @@ pub struct TufArtifactReplicationConfig {
     pub min_sled_replication: usize,
 }
 
+#[serde_as]
+#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
+pub struct TufRepoPrunerConfig {
+    /// period (in seconds) for periodic activations of this background task
+    #[serde_as(as = "DurationSeconds<u64>")]
+    pub period_secs: Duration,
+
+    /// number of extra recent target releases to keep
+    ///
+    /// The system always keeps two: the current release and the previous one.
+    /// This number is in addition to that.
+    pub nkeep_extra_target_releases: u8,
+
+    /// number of extra recently uploaded repos to keep
+    ///
+    /// The system always keeps one, assuming that the operator may be about to
+    /// update to it.  This number is in addition to that.
+    pub nkeep_extra_newly_uploaded: u8,
+}
+
 #[serde_as]
 #[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
 pub struct ReadOnlyRegionReplacementStartConfig {
@@ -1119,6 +1141,9 @@ mod test {
             region_snapshot_replacement_finish.period_secs = 30
             tuf_artifact_replication.period_secs = 300
             tuf_artifact_replication.min_sled_replication = 3
+            tuf_repo_pruner.period_secs = 299
+            tuf_repo_pruner.nkeep_extra_target_releases = 51
+            tuf_repo_pruner.nkeep_extra_newly_uploaded = 52
             read_only_region_replacement_start.period_secs = 30
             alert_dispatcher.period_secs = 42
             webhook_deliverator.period_secs = 43
@@ -1342,6 +1367,11 @@ mod test {
                                 period_secs: Duration::from_secs(300),
                                 min_sled_replication: 3,
                             },
+                        tuf_repo_pruner: TufRepoPrunerConfig {
+                            period_secs: Duration::from_secs(299),
+                            nkeep_extra_target_releases: 51,
+                            nkeep_extra_newly_uploaded: 52,
+                        },
                         read_only_region_replacement_start:
                             ReadOnlyRegionReplacementStartConfig {
                                 period_secs: Duration::from_secs(30),
@@ -1449,6 +1479,9 @@ mod test {
             region_snapshot_replacement_finish.period_secs = 30
             tuf_artifact_replication.period_secs = 300
             tuf_artifact_replication.min_sled_replication = 3
+            tuf_repo_pruner.period_secs = 299
+            tuf_repo_pruner.nkeep_extra_target_releases = 51
+            tuf_repo_pruner.nkeep_extra_newly_uploaded = 52
             read_only_region_replacement_start.period_secs = 30
             alert_dispatcher.period_secs = 42
             webhook_deliverator.period_secs = 43
 
@@ -44,6 +44,7 @@ pub struct BackgroundTasks {
     pub task_region_snapshot_replacement_step: Activator,
     pub task_region_snapshot_replacement_finish: Activator,
     pub task_tuf_artifact_replication: Activator,
+    pub task_tuf_repo_pruner: Activator,
     pub task_read_only_region_replacement_start: Activator,
     pub task_alert_dispatcher: Activator,
     pub task_webhook_deliverator: Activator,
 
@@ -16,7 +16,7 @@ use std::{collections::BTreeMap, sync::LazyLock};
 ///
 /// This must be updated when you change the database schema.  Refer to
 /// schema/crdb/README.adoc in the root of this repository for details.
-pub const SCHEMA_VERSION: Version = Version::new(194, 0, 0);
+pub const SCHEMA_VERSION: Version = Version::new(195, 0, 0);
 
 /// List of all past database schema versions, in *reverse* order
 ///
@@ -28,6 +28,7 @@ static KNOWN_VERSIONS: LazyLock<Vec<KnownVersion>> = LazyLock::new(|| {
         // |  leaving the first copy as an example for the next person.
         // v
         // KnownVersion::new(next_int, "unique-dirname-with-the-sql-files"),
+        KnownVersion::new(195, "tuf-pruned-index"),
         KnownVersion::new(194, "tuf-pruned"),
         KnownVersion::new(193, "nexus-lockstep-port"),
         KnownVersion::new(192, "blueprint-source"),