it-systeme

christoph ender

about

Hello there! These pages are intended to share notes and experiences from my work as an IT freelancer – yes, you can hire me – working in OPs, networking and development.
→ read more …

contact

mobile: +49 (0)171 1592365
e-mail: christoph.ender@it-sys-ce.de
pgp: 0fe1e446f585711c3d56d45154f51a402f3c6660 2f3c6660
mastodon: @chrender@mastodon.social

latest blog entry: “removal from private docker registry”

It seems there's no easy way to remove tags / images from a private docker registry. It seems the most straightforward way is something like this:

rm-docker-img-tag.sh
#!/bin/bash

if [[ $# -lt 3 || $# -gt 4 ]]; then
  echo "Syntax: ${0} <registry-url> <name> <tag> [auth-name:auth-password]"
  exit 1
fi

REGISTRY=${1}
NAME=${2}
TAG=${3}
if [[ $# -eq 4 ]]; then AUTH_PARAMS="-u ${4}"; fi

DIGEST=$(
 curl \
  --silent \
  --head \
  -H "Accept: application/vnd.docker.distribution.manifest.v2+json" \
  -o /dev/null \
  -w '%header{Docker-Content-Digest}' \
  ${AUTH_PARAMS} \
  "https://${REGISTRY}/v2/${NAME}/manifests/${TAG}")

curl \
  -X DELETE \
  ${AUTH_PARAMS} \
  --silent \
  --head \
  "https://${REGISTRY}/v2/${NAME}/manifests/${DIGEST}"

Before being able to delete anything, the registry's environment has to contain the following setting:

REGISTRY_STORAGE_DELETE_ENABLED=true

Once the script has been successfully run it's necessary to manually initiate the registry's garbage collection:

docker exec -it my-registry \
  bin/registry garbage-collect /etc/docker/registry/config.yml

→ read more …