Last active
May 21, 2025 15:28
-
-
Save gquittet/a13715e33b74fd85217b28f065c4dc06 to your computer and use it in GitHub Desktop.
Revisions
-
gquittet revised this gist
May 21, 2025 . 1 changed file with 1 addition and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -111,7 +111,7 @@ for REPOSITORY in $REPOSITORIES; do for IMAGE in $VERSION_IMAGES; do BLOB_DATE=$(get_image_date "$REPOSITORY" "$TOKEN" "$IMAGE") if [ "$BLOB_DATE" -lt "$BLOB_LIMIT_DATE" ]; then delete_image "$REPOSITORY" "$TOKEN" "$IMAGE" fi done -
Apr 24, 2025 . 1 changed file with 13 additions and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -95,7 +95,19 @@ for REPOSITORY in $REPOSITORIES; do done echo "Cleaning old versions images..." # Select all versions and sort by numbers to always keep the latest version even if the date is lower than the limit. VERSION_IMAGES=$(curl --silent -H "Authorization: Bearer $TOKEN" "$REGISTRY_ENDPOINT"/"$REPOSITORY"/tags/list | jq -r ' .tags | map(select(test("^v\\d+\\.\\d+\\.\\d+$"))) | map({ raw: ., major: (capture("^v(?<major>\\d+)").major | tonumber), minor: (capture("^v\\d+\\.(?<minor>\\d+)").minor | tonumber), patch: (capture("^v\\d+\\.\\d+\\.(?<patch>\\d+)").patch | tonumber) }) | sort_by(.major, .minor, .patch) | map(.raw)[:-1][] ') for IMAGE in $VERSION_IMAGES; do BLOB_DATE=$(get_image_date "$REPOSITORY" "$TOKEN" "$IMAGE") if [ "$BLOB_DATE" -lt "$BLOB_LIMIT_DATE" ]; then -
Apr 3, 2025 . 1 changed file with 14 additions and 0 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -1,5 +1,19 @@ #!/usr/bin/env sh install_missing_dep() { if ! command -v "$1" > /dev/null 2>&1; then echo "Installing $1..." apk add "$1" fi } DEPS="curl jq" echo "Checking dependencies..." for DEP in $DEPS; do install_missing_dep "$DEP" done # The goal of this script is to clean all images created by a CD # Remove all cache commit images + old versions (one month old) -
Apr 3, 2025 . 1 changed file with 8 additions and 7 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -1,4 +1,4 @@ #!/usr/bin/env sh # The goal of this script is to clean all images created by a CD # Remove all cache commit images + old versions (one month old) @@ -10,7 +10,7 @@ REGISTRY_AUTH_TOKEN_SERVICE=Authentication BLOB_LIMIT_DURATION=$((30*24*60*60)) # 30 days in seconds if test -f .env; then . .env fi REGISTRY_ENDPOINT="http://${REGISTRY_HTTP_ADDR-127.0.0.1:5000}/v2" @@ -22,12 +22,13 @@ echo "Login to registry..." # If the password is defined via env var -> don't ask and ask if it's not the case. if [ -z "$CLEAN_REGISTRY_AUTH_PASSWORD" ]; then echo "Enter the password for (admin):" # shellcheck disable=SC3045 read -rs PASSWORD else PASSWORD=$CLEAN_REGISTRY_AUTH_PASSWORD fi delete_image() { REPOSITORY=$1 TOKEN=$2 IMAGE=$3 @@ -37,7 +38,7 @@ function delete_image { curl --silent -X DELETE -H "Authorization: Bearer $TOKEN" "$REGISTRY_ENDPOINT"/"$REPOSITORY"/manifests/"$SHA_SUM" } get_image_date() { REPOSITORY=$1 TOKEN=$2 IMAGE=$3 @@ -47,21 +48,21 @@ function get_image_date { echo "$BLOB_DATE" } list_repositories() { TOKEN=$(curl --silent -u admin:"$PASSWORD" "$CLEAN_REGISTRY_AUTH_ENDPOINT/auth?service=$REGISTRY_AUTH_TOKEN_SERVICE&scope=registry:catalog:*" | jq '.token' | tr -d '"') REPOSITORIES=$(curl --silent -H "Authorization: Bearer $TOKEN" "$REGISTRY_ENDPOINT"/_catalog | jq -r '.repositories | .[]') echo "$REPOSITORIES" } auth_repository() { REPOSITORY=$1 TOKEN=$(curl --silent -u admin:"$PASSWORD" "$CLEAN_REGISTRY_AUTH_ENDPOINT/auth?service=$REGISTRY_AUTH_TOKEN_SERVICE&scope=repository:$REPOSITORY:pull,delete" | jq '.token' | tr -d '"') echo "$TOKEN" } # Used for debug purposes only list_tags() { REPOSITORIES=$(list_repositories) for REPOSITORY in $REPOSITORIES; do TOKEN=$(auth_repository "$REPOSITORY") -
Apr 3, 2025 . 1 changed file with 1 addition and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -4,7 +4,7 @@ # Remove all cache commit images + old versions (one month old) # Replace me CLEAN_REGISTRY_AUTH_ENDPOINT=http://internal-docker-registry-auth:5001 REGISTRY_AUTH_TOKEN_SERVICE=Authentication BLOB_LIMIT_DURATION=$((30*24*60*60)) # 30 days in seconds -
Apr 3, 2025 . 1 changed file with 44 additions and 32 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -4,88 +4,100 @@ # Remove all cache commit images + old versions (one month old) # Replace me CLEAN_REGISTRY_AUTH_ENDPOINT="http://internal-docker-registry-auth:5001" REGISTRY_AUTH_TOKEN_SERVICE=Authentication BLOB_LIMIT_DURATION=$((30*24*60*60)) # 30 days in seconds if test -f .env; then source .env fi REGISTRY_ENDPOINT="http://${REGISTRY_HTTP_ADDR-127.0.0.1:5000}/v2" NOW=$(date +%s) BLOB_LIMIT_DATE=$(date -d@"$((NOW-BLOB_LIMIT_DURATION))" +%s) echo "Login to registry..." # If the password is defined via env var -> don't ask and ask if it's not the case. if [ -z "$CLEAN_REGISTRY_AUTH_PASSWORD" ]; then echo "Enter the password for (admin):" read -rs PASSWORD else PASSWORD=$CLEAN_REGISTRY_AUTH_PASSWORD fi function delete_image { REPOSITORY=$1 TOKEN=$2 IMAGE=$3 echo "Cleaning $REPOSITORY:$IMAGE..." SHA_SUM=$(curl --silent -v -H "Authorization: Bearer $TOKEN" -H "Accept: application/vnd.docker.distribution.manifest.v2+json" "$REGISTRY_ENDPOINT"/"$REPOSITORY"/manifests/"$IMAGE" 2>&1 | grep Docker-Content-Digest | awk '{print ($3)}') curl --silent -X DELETE -H "Authorization: Bearer $TOKEN" "$REGISTRY_ENDPOINT"/"$REPOSITORY"/manifests/"$SHA_SUM" } function get_image_date { REPOSITORY=$1 TOKEN=$2 IMAGE=$3 BLOB=$(curl --silent -H "Authorization: Bearer $TOKEN" -H "Accept: application/vnd.docker.distribution.manifest.v2+json" "$REGISTRY_ENDPOINT"/"$REPOSITORY"/manifests/"$IMAGE" | jq -r '.config.digest') BLOB_DATE=$(curl --silent -H "Authorization: Bearer $TOKEN" -H "Accept: application/vnd.docker.distribution.manifest.v2+json" "$REGISTRY_ENDPOINT"/"$REPOSITORY"/blobs/"$BLOB" | jq -r '.created | sub("\\.[[:digit:]]+"; "") | fromdateiso8601') echo "$BLOB_DATE" } function list_repositories { TOKEN=$(curl --silent -u admin:"$PASSWORD" "$CLEAN_REGISTRY_AUTH_ENDPOINT/auth?service=$REGISTRY_AUTH_TOKEN_SERVICE&scope=registry:catalog:*" | jq '.token' | tr -d '"') REPOSITORIES=$(curl --silent -H "Authorization: Bearer $TOKEN" "$REGISTRY_ENDPOINT"/_catalog | jq -r '.repositories | .[]') echo "$REPOSITORIES" } function auth_repository { REPOSITORY=$1 TOKEN=$(curl --silent -u admin:"$PASSWORD" "$CLEAN_REGISTRY_AUTH_ENDPOINT/auth?service=$REGISTRY_AUTH_TOKEN_SERVICE&scope=repository:$REPOSITORY:pull,delete" | jq '.token' | tr -d '"') echo "$TOKEN" } # Used for debug purposes only function list_tags { REPOSITORIES=$(list_repositories) for REPOSITORY in $REPOSITORIES; do TOKEN=$(auth_repository "$REPOSITORY") curl --silent -H "Authorization: Bearer $TOKEN" "$REGISTRY_ENDPOINT"/"$REPOSITORY"/tags/list done } REPOSITORIES=$(list_repositories) for REPOSITORY in $REPOSITORIES; do echo "Cleaning $REPOSITORY repository..." TOKEN=$(auth_repository "$REPOSITORY") echo "Cleaning non-version (non vA.B.C/latest images)..." COMMIT_IMAGES=$(curl --silent -H "Authorization: Bearer $TOKEN" "$REGISTRY_ENDPOINT"/"$REPOSITORY"/tags/list | jq -r '.tags | .[] | select(. | test("^v\\d+\\.\\d+\\.\\d+$") | not) | select(. != "latest")') for IMAGE in $COMMIT_IMAGES; do delete_image "$REPOSITORY" "$TOKEN" "$IMAGE" done echo "Cleaning old versions images..." VERSION_IMAGES=$(curl --silent -H "Authorization: Bearer $TOKEN" "$REGISTRY_ENDPOINT"/"$REPOSITORY"/tags/list | jq -r '.tags | .[] | select(. | test("^v\\d+\\.\\d+\\.\\d+$"))') for IMAGE in $VERSION_IMAGES; do BLOB_DATE=$(get_image_date "$REPOSITORY" "$TOKEN" "$IMAGE") if [ "$BLOB_DATE" -lt "$BLOB_LIMIT_DATE" ]; then delete_image "$REPOSITORY" "$IMAGE" fi done echo "" done echo "Running garbage collection..." registry garbage-collect --delete-untagged /etc/docker/registry/config.yml echo "" echo "Done!" echo "" echo "List of remaining tags:" list_tags echo "" -
Apr 3, 2025 . No changes.There are no files selected for viewing
-
Apr 3, 2025 . 1 changed file with 11 additions and 0 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -43,6 +43,17 @@ function auth_repository { echo "$TOKEN" } # Used for debug purposes only function list_tags { PASSWORD=$1 REPOSITORIES=$(list_repositories "$PASSWORD") for REPOSITORY in $REPOSITORIES; do TOKEN=$(auth_repository "$REPOSITORY" "$PASSWORD") curl --silent -H "Authorization: Bearer $TOKEN" $REGISTRY_ENDPOINT/"$REPOSITORY"/tags/list done } NOW=$(date +%s) THIRTY_DAYS_IN_SECONDS=$((30*24*60*60)) BLOB_LIMIT_DATE=$(date -d@"$(( NOW-THIRTY_DAYS_IN_SECONDS))" +%s) -
Apr 3, 2025 . 1 changed file with 59 additions and 13 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -7,28 +7,74 @@ AUTH_ENDPOINT="http://internal-docker-registry-auth:5001" REGISTRY_ENDPOINT="http://127.0.0.1:5000/v2" function delete_image { REPOSITORY=$1 TOKEN=$2 IMAGE=$3 echo "Cleaning $REPOSITORY:$IMAGE..." SHA_SUM=$(curl --silent -v -H "Authorization: Bearer $TOKEN" -H "Accept: application/vnd.docker.distribution.manifest.v2+json" $REGISTRY_ENDPOINT/"$REPOSITORY"/manifests/"$IMAGE" 2>&1 | grep Docker-Content-Digest | awk '{print ($3)}') curl --silent -X DELETE -H "Authorization: Bearer $TOKEN" $REGISTRY_ENDPOINT/"$REPOSITORY"/manifests/"$SHA_SUM" } function get_image_date { REPOSITORY=$1 TOKEN=$2 IMAGE=$3 BLOB=$(curl --silent -H "Authorization: Bearer $TOKEN" -H "Accept: application/vnd.docker.distribution.manifest.v2+json" $REGISTRY_ENDPOINT/"$REPOSITORY"/manifests/"$IMAGE" | jq -r '.config.digest') BLOB_DATE=$(curl --silent -H "Authorization: Bearer $TOKEN" -H "Accept: application/vnd.docker.distribution.manifest.v2+json" $REGISTRY_ENDPOINT/"$REPOSITORY"/blobs/"$BLOB" | jq -r '.created | sub("\\.[[:digit:]]+"; "") | fromdateiso8601') echo "$BLOB_DATE" } function list_repositories { PASSWORD=$1 TOKEN=$(curl --silent -u admin:"$PASSWORD" "$AUTH_ENDPOINT/auth?service=Authentication&scope=registry:catalog:*" | jq '.token' | tr -d '"') REPOSITORIES=$(curl --silent -H "Authorization: Bearer $TOKEN" $REGISTRY_ENDPOINT/_catalog | jq -r '.repositories | .[]') echo "$REPOSITORIES" } function auth_repository { REPOSITORY=$1 PASSWORD=$2 TOKEN=$(curl --silent -u admin:"$PASSWORD" "$AUTH_ENDPOINT/auth?service=Authentication&scope=repository:$REPOSITORY:pull,delete" | jq '.token' | tr -d '"') echo "$TOKEN" } NOW=$(date +%s) THIRTY_DAYS_IN_SECONDS=$((30*24*60*60)) BLOB_LIMIT_DATE=$(date -d@"$(( NOW-THIRTY_DAYS_IN_SECONDS))" +%s) echo "Login to registry..." echo "Enter the password for (admin):" read -rs PASSWORD REPOSITORIES=$(list_repositories "$PASSWORD") for REPOSITORY in $REPOSITORIES; do echo "Cleaning $REPOSITORY repository..." echo "" TOKEN=$(auth_repository "$REPOSITORY" "$PASSWORD") echo "Cleaning non-version (non vA.B.C/latest images)..." echo "" COMMIT_IMAGES=$(curl --silent -H "Authorization: Bearer $TOKEN" $REGISTRY_ENDPOINT/"$REPOSITORY"/tags/list | jq -r '.tags | .[] | select(. | test("^v\\d+\\.\\d+\\.\\d+$") | not) | select(. != "latest")') for IMAGE in $COMMIT_IMAGES; do delete_image "$REPOSITORY" "$TOKEN" "$IMAGE" done echo "Cleaning old versions images..." echo "" VERSION_IMAGES=$(curl --silent -H "Authorization: Bearer $TOKEN" $REGISTRY_ENDPOINT/"$REPOSITORY"/tags/list | jq -r '.tags | .[] | select(. | test("^v\\d+\\.\\d+\\.\\d+$"))') for IMAGE in $VERSION_IMAGES; do BLOB_DATE=$(get_image_date "$REPOSITORY" "$TOKEN" "$IMAGE") if [ "$BLOB_DATE" -lt "$BLOB_LIMIT_DATE" ]; then delete_image "$REPOSITORY" "$IMAGE" fi done done echo "Running garbage collection..." registry garbage-collect --delete-untagged /etc/docker/registry/config.yml echo "Done!" -
Apr 3, 2025 . 1 changed file with 3 additions and 0 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -1,5 +1,8 @@ #!/usr/bin/env bash # The goal of this script is to clean all images created by a CD # Remove all cache commit images + old versions (one month old) # Replace me AUTH_ENDPOINT="http://internal-docker-registry-auth:5001" REGISTRY_ENDPOINT="http://127.0.0.1:5000/v2" -
Apr 3, 2025 . 1 changed file with 1 addition and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -20,7 +20,7 @@ for REPOSITORY in $REPOSITORIES; do IMAGES=$(curl -H "Authorization: Bearer $TOKEN" $REGISTRY_ENDPOINT/"$REPOSITORY"/tags/list | jq -r '.tags | .[] | select(. | startswith("v") | not) | select(. != "latest")') for IMAGE in $IMAGES; do echo "Cleaning $REPOSITORY:$IMAGE..." SHA_SUM=$(curl --silent -v -H "Authorization: Bearer $TOKEN" -H "Accept: application/vnd.docker.distribution.manifest.v2+json" $REGISTRY_ENDPOINT/"$REPOSITORY"/manifests/"$IMAGE" 2>&1 | grep Docker-Content-Digest | awk '{print ($3)}') curl -v -X DELETE -H "Authorization: Bearer $TOKEN" $REGISTRY_ENDPOINT/"$REPOSITORY"/manifests/"$SHA_SUM" done done -
Apr 3, 2025 . 1 changed file with 3 additions and 3 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -10,18 +10,18 @@ read -rs PASSWORD echo "Listing repositories..." TOKEN=$(curl -u admin:"$PASSWORD" "$AUTH_ENDPOINT/auth?service=Authentication&scope=registry:catalog:*" | jq '.token' | tr -d '"') REPOSITORIES=$(curl -H "Authorization: Bearer $TOKEN" $REGISTRY_ENDPOINT/_catalog | jq -r '.repositories | .[]') for REPOSITORY in $REPOSITORIES; do echo "Cleaning $REPOSITORY repository..." echo "" TOKEN=$(curl -u admin:"$PASSWORD" "$AUTH_ENDPOINT/auth?service=Authentication&scope=repository:$REPOSITORY:pull,delete" | jq '.token' | tr -d '"') IMAGES=$(curl -H "Authorization: Bearer $TOKEN" $REGISTRY_ENDPOINT/"$REPOSITORY"/tags/list | jq -r '.tags | .[] | select(. | startswith("v") | not) | select(. != "latest")') for IMAGE in $IMAGES; do echo "Cleaning $REPOSITORY:$IMAGE..." SHA_SUM=$(curl --silent -v -H "Authorization: Bearer $TOKEN" -H "Accept: application/vnd.docker.distribution.manifest.v2+json" $REGISTRY_ENDPOINT/v2/"$REPOSITORY"/manifests/"$IMAGE" 2>&1 | grep Docker-Content-Digest | awk '{print ($3)}') curl -v -X DELETE -H "Authorization: Bearer $TOKEN" $REGISTRY_ENDPOINT/"$REPOSITORY"/manifests/"$SHA_SUM" done done -
Apr 3, 2025 . 1 changed file with 3 additions and 3 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -1,22 +1,22 @@ #!/usr/bin/env bash # Replace me AUTH_ENDPOINT="http://internal-docker-registry-auth:5001" REGISTRY_ENDPOINT="http://127.0.0.1:5000/v2" echo "Login to registry..." echo "Enter the password:" read -rs PASSWORD echo "Listing repositories..." TOKEN=$(curl -u admin:"$PASSWORD" "$AUTH_ENDPOINT/auth?service=Authentication&scope=registry:catalog:*" | jq '.token' | tr -d '"') REPOSITORIES=$(curl -H "Authorization: Bearer $TOKEN" $REGISTRY_ENDPOINT/v2/_catalog | jq -r '.repositories | .[]') for REPOSITORY in $REPOSITORIES; do echo "Cleaning $REPOSITORY repository..." echo "" TOKEN=$(curl -u admin:"$PASSWORD" "$AUTH_ENDPOINT/auth?service=Authentication&scope=repository:$REPOSITORY:pull,delete" | jq '.token' | tr -d '"') IMAGES=$(curl -H "Authorization: Bearer $TOKEN" $REGISTRY_ENDPOINT/v2/"$REPOSITORY"/tags/list | jq -r '.tags | .[] | select(. | startswith("v") | not) | select(. != "latest")') for IMAGE in $IMAGES; do echo "Cleaning $REPOSITORY:$IMAGE..." -
Apr 3, 2025 . 1 changed file with 2 additions and 2 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -9,14 +9,14 @@ echo "Enter the password:" read -rs PASSWORD echo "Listing repositories..." TOKEN=$(curl -u admin:"$PASSWORD" "$AUTH_ENDPOINT/?service=Authentication&scope=registry:catalog:*" | jq '.token' | tr -d '"') REPOSITORIES=$(curl -H "Authorization: Bearer $TOKEN" $REGISTRY_ENDPOINT/v2/_catalog | jq -r '.repositories | .[]') for REPOSITORY in $REPOSITORIES; do echo "Cleaning $REPOSITORY repository..." echo "" TOKEN=$(curl -u admin:"$PASSWORD" "$AUTH_ENDPOINT/?service=Authentication&scope=repository:$REPOSITORY:pull,delete" | jq '.token' | tr -d '"') IMAGES=$(curl -H "Authorization: Bearer $TOKEN" $REGISTRY_ENDPOINT/v2/"$REPOSITORY"/tags/list | jq -r '.tags | .[] | select(. | startswith("v") | not) | select(. != "latest")') for IMAGE in $IMAGES; do echo "Cleaning $REPOSITORY:$IMAGE..." -
Apr 2, 2025 .There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1,31 @@ #!/usr/bin/env bash # Replace me AUTH_ENDPOINT="http://internal-docker-registry-auth:5001/auth" REGISTRY_ENDPOINT="http://127.0.0.1:5000/v2" echo "Login to registry..." echo "Enter the password:" read -rs PASSWORD echo "Listing repositories..." TOKEN=$(curl -u admin:"$PASSWORD" "$AUTH_ENDPOINT/auth?service=Authentication&scope=registry:catalog:*" | jq '.token' | tr -d '"') REPOSITORIES=$(curl -H "Authorization: Bearer $TOKEN" $REGISTRY_ENDPOINT/v2/_catalog | jq -r '.repositories | .[]') for REPOSITORY in $REPOSITORIES; do echo "Cleaning $REPOSITORY repository..." echo "" TOKEN=$(curl -u admin:"$PASSWORD" "$AUTH_ENDPOINT/auth?service=Authentication&scope=repository:$REPOSITORY:pull,delete" | jq '.token' | tr -d '"') IMAGES=$(curl -H "Authorization: Bearer $TOKEN" $REGISTRY_ENDPOINT/v2/"$REPOSITORY"/tags/list | jq -r '.tags | .[] | select(. | startswith("v") | not) | select(. != "latest")') for IMAGE in $IMAGES; do echo "Cleaning $REPOSITORY:$IMAGE..." SHA_SUM=$(curl --silent -v -H "Authorization: Bearer $TOKEN" -H "Accept: application/vnd.docker.distribution.manifest.v2+json" $REGISTRY_ENDPOINT/v2/"$REPOSITORY"/manifests/"$IMAGE" 2>&1 | grep Docker-Content-Digest | awk '{print ($3)}') curl -v -X DELETE -H "Authorization: Bearer $TOKEN" $REGISTRY_ENDPOINT/v2/"$REPOSITORY"/manifests/"$SHA_SUM" done done echo "Running garbage collection..." registry garbage-collect /etc/docker/registry/config.yml echo "Done!"