Define image retention policies to ensure important images are never deleted
frontend-weight1 backend-weight1
Problem to solve
Currently, in the container expiration policies, there is no way to express something such as "no matter what, don't delete this tag". This introduces risk into the deletion process, as it's possible to delete release
or master
images.
Intended users
Proposal
- Add the
name_regex_keep
as an option to the container expiration policies. - Rename the existing column
name_regex
toname_regex_delete
to match the updates made in the bulk delete api - The default value for
name_regex_keep
for a policy will be NULL or blank, this will go into effect for existing policies. -
name_regex_keep
will be optional - Update the documentation to demonstrate how to use the feature.
UI
Permissions and Security
There are no changes to permissions and no immediate security impact.
Documentation
The container expiration policy docs will be updated showing the new option with details on how it works.
What does success look like, and how can we measure that?
- We can set a retention regex on an expiration policy specifying a pattern of tags that must not be deleted for that policy.
Links / references
Bulk Delete API issue that added the new param to the cleanup service. #27072 (closed)
Edited by Tim Rizzi