Container Registry API to bulk delete images at instance level
Problem to solve
The GitLab Container Registry allows users to build, publish and share images using the Docker client and their pipelines. Many of our users leverage GitLab CI to build images with each commit so that they can test their code. Users can delete images from their project's container registry (coming soon: group's container registry) or leveraging the project level bulk delete API.
However, we do not give administrator's the ability to purge the entire Container Registry.
Intended users
Further details
- In order to extend the delete API to the instance level, we will first need to solve performance issues with the project level API.
Proposal
Add a bulk delete API for the container registry at the instance level.
This API call performs the following operations: (same as group and project level delete)
- It orders all tags by creation date. The creation date is the time of the manifest creation, not the time of tag push.
- It removes only the tags matching the given name_regex.
- It never removes the tag named latest.
- It keeps N latest matching tags (if keep_n is specified).
- It only removes tags that are older than X amount of time (if older_than is specified).
Permissions and Security
- This API should be limited to instance owner's.
Documentation
Testing
What does success look like, and how can we measure that?
- We give administrators a way to clean up the container registry at the instance level.
- We can use the API to add a purge registry option in the UI