You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
* Adds multiple auto-pruning policies info (quay#1119)
Co-authored-by: Steven Smith <[email protected]>
* Updates a few API commands
---------
Co-authored-by: Steven Smith <[email protected]>
. By default, the auto-pruner worker at the registry level runs every 24 hours. After 24 hours, the two oldest image tags are removed, leaving the `test3` and `test4` tags if you followed these instructions. Check your {productname} organization to ensure that the two oldest tags were removed.
121
121
122
-
123
122
[id="creating-policy-v2-ui"]
124
123
== Creating an auto-prune policy for an organization by using the {productname} v2 UI
125
124
@@ -128,55 +127,10 @@ Use the following procedure to create an auto-prune policy for an organization u
128
127
.Prerequisites
129
128
130
129
* You have enabled the `FEATURE_AUTO_PRUNE` feature.
130
+
* Your organization has image tags that have been pushed to it.
131
131
132
132
.Procedure
133
133
134
-
. Tag four sample images, for example, `busybox`, that will be pushed to the repository with auto-pruning enabled. For example:
135
-
+
136
-
[source,terminal]
137
-
----
138
-
$ podman tag docker.io/library/busybox <quay-server.example.com>/<quayadmin>/busybox:test
139
-
----
140
-
+
141
-
[source,terminal]
142
-
----
143
-
$ podman tag docker.io/library/busybox <quay-server.example.com>/<quayadmin>/busybox:test2
144
-
----
145
-
+
146
-
[source,terminal]
147
-
----
148
-
$ podman tag docker.io/library/busybox <quay-server.example.com>/<quayadmin>/busybox:test3
149
-
----
150
-
+
151
-
[source,terminal]
152
-
----
153
-
$ podman tag docker.io/library/busybox <quay-server.example.com>/<quayadmin>/busybox:test4
154
-
----
155
-
156
-
. Push the four sample images, for example, `busybox`, to the repository with auto-pruning enabled by entering the following commands:
. Select the desired number of tags to keep. By default, this is set at *20* tags. For this example, the number of tags to keep is set at *3*.
193
147
194
-
. Optional. To prune only tags that match the given regex pattern, click the *Tag pattern* box and select *match*. In the regex box, enter a pattern to match tags against. For example, to automatically prune all `test` tags, enter `^test.*`. To prune a specific image, you can enter `^test1$`.
148
+
. Optional. With the introduction of _regular expressions_, you are provided the following options to fine-grain your auto-pruning policy:
149
+
+
150
+
* *Match*: When selecting this option, the auto-pruner prunes all tags that match the given _regex_ pattern.
151
+
* *Does not match*: When selecting this option, the auto-pruner prunes all tags that _do not_ match the _regex_ pattern.
152
+
+
153
+
If you do not select an option, the auto-pruner defaults to pruning all image tags.
154
+
+
155
+
For this example, click the *Tag pattern* box and select *match*. In the regex box, enter a pattern to match tags against. For example, to automatically prune all `test` tags, enter `^test.*`.
195
156
196
157
. Optional. You can create a second auto-prune policy by clicking *Add Policy* and entering the required information.
197
158
198
-
. Click *Save*. A notification that your auto-prune policy has been updated appears.
159
+
. Click *Save*. A notification that your auto-prune policy has been updated appears.
160
+
+
161
+
With this example, the organization is configured to keep the three latest tags that are named `^test.*`.
199
162
200
163
.Verification
201
164
202
-
* Navigate to the *Tags* page of your Organization's repository. With this example, tags are marked for deletion starting from the tag's oldest creation date. After a few minutes, the auto-pruner worker removes tags that no longer fit within the established criteria. In this example, it removes the `busybox:test` tag, and keeps the `busybox:test2`, `busybox:test3`, and `busybox:test4` tag.
165
+
* Navigate to the *Tags* page of your Organization's repository. After a few minutes, the auto-pruner worker removes tags that no longer fit within the established criteria. In this example, it removes the `busybox:test` tag, and keeps the `busybox:test2`, `busybox:test3`, and `busybox:test4` tag.
203
166
+
204
167
After tags are automatically pruned, they go into the {productname} time machine, or the amount of time after a tag is deleted that the tag is accessible before being garbage collected. The expiration time of an image tag is dependent on your organization's settings. For more information, see link:https://access.redhat.com/documentation/en-us/red_hat_quay/3/html-single/manage_red_hat_quay/index#garbage-collection[{productname} garbage collection].
<1> Setting `tagPatternMatches` to `true` makes it so that tags that match the given regex pattern will be pruned. In this example, tags that match `^v*` are pruned.
255
219
+
256
220
.Example output
257
221
+
@@ -317,7 +281,7 @@ The use of `/user/` in the following commands represents the user that is curren
. Click the drop down menu and select the desired policy, for example, *By number of tags*.
349
+
. Click the drop down menu and select the desired policy, for example, *By age of tags*.
431
350
432
-
. Select the desired number of tags to keep. By default, this is set at *20* tags. For this example, the number of tags to keep is set at *3*.
351
+
. Set a time, for example, `5` and an interval, for example `minutes` to delete tags older than the specified time frame. For this example, tags older than 5 minutes are marked for deletion.
433
352
434
-
. Optional. To prune only tags that match the given regex pattern, click the *Tag pattern* box and select *match*. In the regex box, enter a pattern to match tags against. For example, to automatically prune all `test` tags, enter `^test.*`. To prune a specific image, you can enter `^test1$`.
353
+
. Optional. With the introduction of _regular expressions_, you are provided the following options to fine-grain your auto-pruning policy:
354
+
+
355
+
* *Match*: When selecting this option, the auto-pruner prunes all tags that match the given _regex_ pattern.
356
+
* *Does not match*: When selecting this option, the auto-pruner prunes all tags that _do not_ match the _regex_ pattern.
357
+
+
358
+
If you do not select an option, the auto-pruner defaults to pruning all image tags.
359
+
+
360
+
For this example, click the *Tag pattern* box and select *Does not match*. In the _regex_ box, enter a pattern to match tags against. For example, to automatically prune all tags that _do not_ match the `test` tag, enter `^test.*`.
435
361
436
362
. Optional. You can create a second auto-prune policy by clicking *Add Policy* and entering the required information.
437
363
438
364
. Click *Save*. A notification that your auto-prune policy has been updated appears.
439
365
440
366
.Verification
441
367
442
-
* Navigate to the *Tags* page of your Organization's repository. With this example, tags are marked for deletion starting from the tag's oldest creation date. After a few minutes, the auto-pruner worker removes tags that no longer fit within the established criteria. In this example, it removes the `busybox:test` tag, and keeps the `busybox:test2`, `busybox:test3`, and `busybox:test4` tag.
368
+
* Navigate to the *Tags* page of your Organization's repository. With this example, Tags that are older than 5 minutesthat _do not_ match the `^test.*` _regex_ tag are automatically pruned when the pruner runs.
443
369
+
444
370
After tags are automatically pruned, they go into the {productname} time machine, or the amount of time after a tag is deleted that the tag is accessible before being garbage collected. The expiration time of an image tag is dependent on your organization's settings. For more information, see link:https://access.redhat.com/documentation/en-us/red_hat_quay/3/html-single/manage_red_hat_quay/index#garbage-collection[{productname} garbage collection].
<1> Setting `tagPatternMatches` to `false` makes it so that tags that all tags that _do not_ match the given regex pattern are pruned. In this example, all tags _but_ `^test.` are pruned.
495
422
+
496
423
.Example output
497
424
+
@@ -567,11 +494,11 @@ You can use {productname} API endpoints to manage auto-pruning policies on a rep
567
494
568
495
.Procedure
569
496
570
-
. Enter the following link:https://docs.redhat.com/en/documentation/red_hat_quay/{producty}/html-single/red_hat_quay_api_guide/index#createuserautoprunepolicy[`POST /api/v1/user/autoprunepolicy/`] command create a new policy that limits the number of tags for the current user:
497
+
. Enter the following link:https://docs.redhat.com/en/documentation/red_hat_quay/{producty}/html-single/red_hat_quay_api_guide/index#createuserautoprunepolicy[`POST /api/v1/repository/<user_account>/<user_repository>/autoprunepolicy/`] command create a new policy that limits the number of tags for the user:
. You can update your policy for the current user by using the link:https://docs.redhat.com/en/documentation/red_hat_quay/{producty}/html-single/red_hat_quay_api_guide/index#updateuserautoprunepolicy[`PUT /api/v1/user/autoprunepolicy/{policy_uuid}`] command. For example:
534
+
. You can update your policy for the current user by using the link:https://docs.redhat.com/en/documentation/red_hat_quay/{producty}/html-single/red_hat_quay_api_guide/index#updateuserautoprunepolicy[`PUT /api/v1/repository/<user_account>/<user_repository>/autoprunepolicy/<policy_uuid>`] command. For example:
608
535
+
609
536
[source,terminal]
610
537
----
@@ -613,7 +540,7 @@ $ curl -X PUT -H "Authorization: Bearer <bearer_token>" -H "Content-Type: ap
Copy file name to clipboardExpand all lines: modules/red-hat-quay-namespace-auto-pruning-overview.adoc
+14-2Lines changed: 14 additions & 2 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -12,7 +12,7 @@ Currently, two policies have been added:
12
12
13
13
After tags are automatically pruned, they go into the {productname} time machine, or the amount of time, after a tag is deleted, that the tag is accessible before being garbage collected. The expiration time of an image tag is dependent on your organization's settings. For more information, see link:https://access.redhat.com/documentation/en-us/red_hat_quay/{producty}/html-single/manage_red_hat_quay/index#garbage-collection[{productname} garbage collection].
14
14
15
-
Users can configure multiple policies per namespace or repository; this can be done through the {productname} v2 UI. Policies can also be set by using the API endpoints through the command-line interface (CLI).
15
+
Users can configure multiple policies per namespace or repository; this can be done through the {productname} v2 UI. Policies can also be set by using the API endpoints through the command-line interface (CLI).
== Prerequisites and limitations for auto-pruning and multiple policies
@@ -28,4 +28,16 @@ The following prerequisites and limitations apply to the auto-pruning feature:
28
28
* If you are configuring multiple auto-prune policies, rules are processed without particular order, and individual result sets are processed immediately before moving on to the next rule.
29
29
** For example, if an image is already subject for garbage collection by one rule, it cannot be excluded from pruning by another rule.
30
30
31
-
* If you have both an auto-pruning policy for an organization and a repository, the auto-pruning policies set at the organization level are executed first.
31
+
* If you have both an auto-pruning policy for an organization and a repository, the auto-pruning policies set at the organization level are executed first.
32
+
33
+
[id="autopruning-regular-expressions"]
34
+
== Regular expressions with auto-pruning
35
+
36
+
{productname} administrators can leverage _regular expressions_, or _regex_, to match a subset of tags for both organization- and repository-level auto-pruning policies. This provides more granular auto-pruning policies to target only certain image tags for removal. Consider the following when using _regular expressions_ with the auto-pruning feature:
37
+
38
+
* _Regular expressions_ are optional.
39
+
* If a _regular expression_ is not provided, the auto-pruner defaults to pruning all image tags in the organization or the repository. These are user-supplied and must be protected against ReDOS attacks.
40
+
* Registry-wide policies do not currently support _regular expressions_. Only organization- and repository-level auto-pruning policies support _regular expressions_.
41
+
* _Regular expressions_ can be configured to prune images that either do, or _do not_, match the provided _regex_ pattern.
42
+
43
+
Some of the following procedures provide example auto-pruning policies using _regular expressions_ that you can use as a reference when creating an auto-prune policy.
0 commit comments