I'm using a setting like this:
However, this also makes the untagged artifact immutable.
I want to delete untagged artifacts according to the retention policy, but I can't delete them because they become immutable.
Is there a good way?
Asked
Active
Viewed 469 times
2
-
This was supposedly a bug that was fixed in Harbor 2.5, based on this Github issue: https://github.com/goharbor/harbor/issues/16335. I don't know what version you are using, but if you have the capability to upgrade your Harbor installation, you can try 2.5+. – Gino Mempin Jul 13 '22 at 13:00
1 Answers
-1
You can see the test_tag_immutability.py used by Harbor, and it does states that "excluding rule will not affect matching rule" (using the bmatcuk/doublestar pattern).
In your case, since the Tag immutability rule mentions that "[y]ou can add a maximum of 15 immutability rules per project", you could try and add a tag matching rule, with an empty pattern or {} (empty sequence of characters)
This might not be supported however.
The workaround would be to add an exclusion rule for tags named "untagged".
Any image tagged "untagged" (or latest) would therefore be candidate to deletion.
VonC
- 1,262,500
- 529
- 4,410
- 5,250
-
Thanks for checking, but unfortunately, it doesn't seem to be possible to set an empty `{}` in the immutability rule, and an **image named "untagged"** is not the same as an **untagged image** which just shows up as blank (https://i.stack.imgur.com/3jry2.png) and can't be matched by doublestar pattern. Furthermore, immutability rules take precedence over deletion rules: https://github.com/goharbor/harbor/issues/10506#issuecomment-576010252. So, even if you manage to mark an untagged image for deletion, the immutability rules block it :( – Gino Mempin Jul 13 '22 at 13:08
-
@GinoMempin OK, thank you for the feedback. Hopefully, someone else will have a better option/solution. – VonC Jul 13 '22 at 13:44