Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Manage Image Overflow in our Quay.io Repository #843

Draft
wants to merge 12 commits into
base: main
Choose a base branch
from
Draft

Conversation

dlaw4608
Copy link
Contributor

Closes #769

This pull request introduces a proposed solution for managing the accumulation of image tags in the Quay.io repository.

Core Process:

It automates the cleanup process by filtering out older tags that are no longer relevant, while preserving tags deemed important (e.g., those containing a specific substring). The main components of this solution include fetching tags, filtering based on age and relevance, and deleting obsolete tags.

Key Components:

1. Tag Fetching (fetchTags):

Retrieves image tags from the Quay.io API using the appropriate authentication method.
Handles various HTTP response scenarios and errors.

2. Tag Filtering (filterTags):

Filters tags based on their last modified date and whether they contain a predefined substring.
Classifies tags into those to be deleted and those to be retained.

3. Tag Deletion (deleteTag):

Deletes specified tags from the repository using HTTP DELETE requests.
Handles different response scenarios to determine the success of the deletion operation.
package main

Testing:

To ensure the correctness of the implementation, mock tests have been added to simulate different HTTP responses and scenarios:

fetchTags Tests:

  • Error Making Request: Simulates a network error to verify error handling.

  • Non-200 Status Codes: Simulates API responses with error status codes (e.g., 400) to ensure proper error reporting.

  • JSON Parsing Errors: Tests the handling of malformed JSON responses.

  • Successful Response: Validates correct parsing of a successful response with sample tag data.

deleteTag Tests:

  • Successful Deletion: Verifies the behavior when a tag is successfully deleted.
  • Error Response: Simulates server errors during deletion to check error handling.
  • Request Error: Tests the scenario where a network error occurs during deletion.

filterTags Tests:

  • Correct Filtering: Tests filtering logic with a mix of old and recent tags, including those with preserved substrings.
  • No Deletions: Verifies the behavior when all tags are recent and should not be deleted.

Proposed future solution:

Instead of relying on a custom script that requires manual execution, leveraging the built-in expiration policy available in Quay.io presents a more clean and efficient solution. By using Quay.io's expiration policy, we can automatically manage and clean up old image tags without the need for additional maintenance.

1. Expiration Policy Setup:

Quay.io allows you to define expiration rules directly within the repository settings. These rules can automatically delete image tags after a specified period, such as 6 months, ensuring that outdated and unused images are purged from the repository.

2. Tagging Strategy:

Modify the image tagging process in your CI/CD pipeline to include a timestamp on non-critical tags. For example, tags could be formatted as v1.0.0-20250229 (for an image that expires on February 29, 2025).
Tags that should be preserved indefinitely, like latest, would not include a timestamp, thereby excluding them from the expiration policy.

3. Implementation in CI/CD Workflow:

Update your CI/CD pipeline to automatically append a 6-month expiration date to image tags that are not critical. This approach ensures that images are only retained as long as they are relevant, reducing manual cleanup efforts.

@KevFan KevFan self-assigned this Sep 4, 2024
@KevFan
Copy link
Contributor

KevFan commented Sep 4, 2024

Nice work @dlaw4608! I think this a great contribution that we'll need to run at least once across multiple quay repositories as we have so many stale/obselete tags that is comsuming unnessary quota in our quay repositories.

I'll continue on your work and address anything outstanding 👍

robotPass = os.Getenv("ROBOT_PASS")
robotUser = os.Getenv("ROBOT_USER")
accessToken = os.Getenv("ACCESS_TOKEN")
preserveSubstring = "latest" // Example Tag name that wont be deleted i.e relevant tags
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

So we want to delete all old tags that are not latest!? What about vX.Y.Z release tags? We may want to expand this to a list of patterns to preserve, I suppose.

Copy link
Contributor

@KevFan KevFan Sep 4, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think it's only latest as it was a PoC, but yes, I'm also thinking of a list of patterns to perserve, such as released tags and release branches 🤔

@KevFan
Copy link
Contributor

KevFan commented Sep 6, 2024

Thinking on this, we should probably prevent the image overflow from continuing first (#851) before we look to run something like this to clean up the old/obselete tags

@KevFan KevFan force-pushed the overflow branch 2 times, most recently from b6c621d to c9eb415 Compare September 10, 2024 16:13
Copy link

codecov bot commented Sep 10, 2024

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 82.04%. Comparing base (ece13e8) to head (e5ea790).
Report is 179 commits behind head on main.

Additional details and impacted files
@@            Coverage Diff             @@
##             main     #843      +/-   ##
==========================================
+ Coverage   80.20%   82.04%   +1.83%     
==========================================
  Files          64       76      +12     
  Lines        4492     6092    +1600     
==========================================
+ Hits         3603     4998    +1395     
- Misses        600      747     +147     
- Partials      289      347      +58     
Flag Coverage Δ
bare-k8s-integration 4.50% <ø> (?)
controllers-integration 71.85% <ø> (?)
gatewayapi-integration 11.06% <ø> (?)
integration ?
istio-integration 56.18% <ø> (?)
unit 31.57% <ø> (+1.54%) ⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

Components Coverage Δ
api/v1beta1 (u) 71.42% <ø> (ø)
api/v1beta2 (u) 85.35% <80.00%> (-6.08%) ⬇️
pkg/common (u) 88.13% <ø> (-0.70%) ⬇️
pkg/istio (u) 72.50% <ø> (-1.41%) ⬇️
pkg/log (u) 94.73% <ø> (ø)
pkg/reconcilers (u) ∅ <ø> (∅)
pkg/rlptools (u) 83.64% <ø> (+4.19%) ⬆️
controllers (i) 82.47% <82.08%> (+5.67%) ⬆️

see 43 files with indirect coverage changes

@KevFan KevFan force-pushed the overflow branch 3 times, most recently from 92eeb7c to 125b3f0 Compare September 10, 2024 16:25
@KevFan KevFan force-pushed the overflow branch 2 times, most recently from dcc8f79 to 26b34d8 Compare September 11, 2024 10:35
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Manage Image Overflow in our Quay.io Repository
3 participants