y6nH

Reputation: 563

How can we delete images from an Azure container registry (ACR) on an automated schedule?

In Azure, there's no easy way to delete obsolete, untagged Docker images from the container registry. This quickly gets to be a problem with the basic 10GB storage space. As shown in the answers to this question, and in Microsoft's documentation, it is possible using az commands in the console. That's fine for one-time use, but we have containers being pushed up there by CI, and need to run it on a schedule.

I looked at Azure automation runbooks, scheduler jobs, and timer-triggered functions. They all offer ways to do things on a schedule, but none of them allows me to simply run something at the Azure console.

Do I have to schedule this on a local machine? That seems crazy.

Upvotes: 3

Views: 2489

Answers (2)

Avius

Reputation: 6284

In case you are using Azure DevOps (Pipelines), there is an Azure CLI task, which could be used to clean up after builds. Not quite the same as a scheduled task, but it worked for me.

The build agent must have the Azure CLI installed; authentication is handled by the task.

E.g. at the end of each build I do this:

az acr repository show-manifests \
  --name my-registry \
  --repository my-image \
  --orderby time_desc \
  --query "[5:].digest" \
  -o tsv \
  | xargs -I% az acr repository delete \
  --name my-registry \
  --image my-image@% \
  --yes

This allows me to delete all images except the latest 5 - something that does not seem to be possible even with the new ACR purge tool.

Upvotes: 2

Steve Lasker

Reputation: 187

Auto-purge (https://feedback.azure.com/forums/903958-azure-container-registry/suggestions/31243189-acr-auto-purge) is a feature we're working on. We'll have the first capabilities this fall, but it will likely just provide deleting untagged images.

I need to post our design plans to get feedback, but in the meantime, az acr repository delete is the most feasible. From the services you mentioned, if you run the az cli, logging in with --service-principal, you should be able to account for the delete. Let me see if we can publish a sample/blog for how to automate this.

Upvotes: 1
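
Added example (not from either answer and not a Microsoft sample): the two answers combined into one script that a scheduler can run unattended, with a service-principal login, the "keep the newest 5" selection, a digest-format check, an optional protect list, and dry-run as the default. The environment variable names, the protect-list file, and the --run switch are assumptions made for this example; my-registry and my-image are the placeholders used in the answer above.

```shell
#!/usr/bin/env bash
# Added example: unattended ACR cleanup that keeps the newest N manifests.
# Assumed (hypothetical) env vars, filled from the scheduler's secret store:
#   ACR_SP_ID, ACR_SP_SECRET, ACR_TENANT. DRY_RUN defaults to 1 (no deletes).

# stdin: digests, newest first, one per line (output of show-manifests below).
# $1 = number of newest manifests to keep
# $2 = optional file listing digests that must never be deleted
# stdout: digests that are safe to delete.
stale_digests() {
  keep=$1; protect=${2:-/dev/null}
  grep -E '^sha256:[0-9a-f]{64}$' \
    | tail -n +"$((keep + 1))" \
    | grep -vxFf "$protect" || true   # an empty result is not an error
}

# $1 = registry, $2 = repository, $3 = keep count, $4 = protect file (optional)
purge_repo() {
  az acr repository show-manifests --name "$1" --repository "$2" \
      --orderby time_desc --query "[].digest" -o tsv \
    | stale_digests "$3" "${4:-/dev/null}" \
    | while read -r digest; do
        if [ "${DRY_RUN:-1}" = 1 ]; then
          echo "would delete $2@$digest"
        else
          az acr repository delete --name "$1" --image "$2@$digest" --yes
        fi
      done
}

# Nothing runs unless the script is called with --run, so it can be sourced.
if [ "${1:-}" = "--run" ]; then
  set -eu
  az login --service-principal --username "$ACR_SP_ID" \
     --password "$ACR_SP_SECRET" --tenant "$ACR_TENANT" >/dev/null
  purge_repo my-registry my-image 5 "${2:-/dev/null}"
fi
```

Run it once with the default DRY_RUN=1 and review the "would delete" lines before scheduling it with DRY_RUN=0; the protect file is where digests that are still deployed belong.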
