hub-feedback icon indicating copy to clipboard operation
hub-feedback copied to clipboard
verified publisher icon docker

Image management is tedious

Open hannes-ucsc opened this issue 9 months ago • 2 comments

It only operates on one page worth of images, there is no immediately apparent way of showing untagged images and there is no indicator of how many images (or pages) there are. This makes it rather tedious to delete stale or unused images.

What's really needed is a image lifecycle policy feature that would let me specify somthing like "automatically delete untagged index images and the images they refer to if all underlying (non-index) images were last pulled more than a month ago"

hannes-ucsc avatar Mar 19 '25 17:03 hannes-ucsc

Hey @hannes-ucsc we really appreciate the feedback! We are working to improve the user experience and incorporate more options to delete images in bulk!

sheltongraves avatar Mar 25 '25 13:03 sheltongraves

Please, consider adding automatic deletion of images based on criteria. I won't go and delete all old images periodically. Just let me choose a default delete policy that is used for all repositories. I don't fear loosing old images, that's why I have git, and there's a CI system, so if an image has not been pulled for over a year it means it is no longer in use.

albertca avatar Mar 26 '25 08:03 albertca

@sheltongraves can we go with our own script using a bearer token and this endpoins:

  • GET https://hub.docker.com/repository/docker/org/repository/image-management.data?filters=manifest&sortField=last_pulled&sortOrder=asc
  • DELETE https://hub.docker.com/v2/namespaces/org/repositories/repository/manifests
{"digests":["sha256:0bsdfsdfdsfsdb58070e5sdfdsfdsfdsfdsfdsfdsfdsfdsfdsfffffffffffffffsdfsdfdsfdsf"],"delete_references":true}

MostefaKamalLala avatar Apr 03 '25 21:04 MostefaKamalLala

more options to delete images in bulk!

Having an accessible API would let folks do their own bulk management rather than having to design UI and UX for it. I'd be fine if the permission to do so is only allowed via a token permission or the like (so that users can't accidentally do it and need to use a dedicated key for it).

mathstuf avatar Apr 04 '25 06:04 mathstuf

Hello! @mathstuf @hannes-ucsc @albertca We now support the OCI endpoint for deletion. You can find the endpoint documented here: https://docs.docker.com/reference/api/registry/latest/

In reference to automated deleted via policies this is something we have on the roadmap and will release in future.

sheltongraves avatar May 28 '25 17:05 sheltongraves

Thanks! However, the docs seems a bit confusing to me. First there is:

Only untagged manifests (or those not referenced by other tags or images) can be deleted. If a manifest is still referenced, the registry returns 403 Forbidden.

but then later an image is deleted that has the latest tag? If it is allowing me to delete it because latest is the only tag for it, how does that DELETE request communicate that I believe I am deleting the latest tag?

Also, does this work with skopeo delete or should I file an issue with that project to support this endpoint?

mathstuf avatar May 28 '25 19:05 mathstuf

Also, does this work with skopeo delete or should I file an issue with that project to support this endpoint?

A quick test shows that skopeo delete works!

mathstuf avatar May 28 '25 20:05 mathstuf

With that, I think the only thing missing here is the ability to list untagged images.

mathstuf avatar May 28 '25 20:05 mathstuf

has anyone successfully listed untagged images using https://hub.docker.com/repository/docker/org/repository/image-management.data?filters=manifest&sortField=last_pulled&sortOrder=asc?

LuisAlejandro avatar Jun 24 '25 14:06 LuisAlejandro

I made a script https://gist.github.com/LuisAlejandro/e73e7b6435e6c346104950f5587b8d3a#file-delete_stale-md

LuisAlejandro avatar Jun 24 '25 21:06 LuisAlejandro

Dear on top of the given comments, I was doing a bulk cleanup recently and I have seen the page index acting very weird, like continue to adding up even when removing images is really misleading, but others had already expressed improvements in that direction so i simply second those. I took a video of the UX, while doing it manually, not so awesome Thanks for any improvements you might bring in, will be better for future

https://github.com/user-attachments/assets/44dc5654-e21d-4684-a9b5-d459d7572fd8

robertodavicopersonal avatar Sep 16 '25 10:09 robertodavicopersonal

I'm wanting to do some cleanup of our old/untagged images and found no easy way to do so. I'm sure if Docker made this easy for folks they would save some disk space!

I tried the UI and fell flat (no way to filter on untagged images and the pagination limit is quite small.) The v2 API does not seem to support a way to do this directly either. Our org has lots of repos so I'm mostly interested in an API-based solution.

I'm looking at the script that @LuisAlejandro has provided.

jbiel avatar Sep 22 '25 23:09 jbiel

I'm wanting to do some cleanup of our old/untagged images and found no easy way to do so. I'm sure if Docker made this easy for folks they would save some disk space!

I tried the UI and fell flat (no way to filter on untagged images and the pagination limit is quite small.) The v2 API does not seem to support a way to do this directly either. Our org has lots of repos so I'm mostly interested in an API-based solution.

We're in the same situation, we have hundreds of repos. We tried to create an api-based solution, but insufficient testing of a solution that just deletes tags has now left ~20TB of unnecessary dangling images. We have no practical way to clean these up (it's pretty important to not accidentally delete layers of some image that's still in use), so I guess we'll just wait for a usable official way (ui or api).

The best overall solution from my perspective would be to be able to set up a policy for periodically cleaning up old/untagged images. It would be necessary to have configuration options for what constitutes 'old' (when was the last push/fetch). But right now we need a way to delete untagged images, that does not require using the ui and manually going slowly through thousands of pages.

mikkelblanne avatar Sep 23 '25 08:09 mikkelblanne

I'm wanting to do some cleanup of our old/untagged images and found no easy way to do so. I'm sure if Docker made this easy for folks they would save some disk space! I tried the UI and fell flat (no way to filter on untagged images and the pagination limit is quite small.) The v2 API does not seem to support a way to do this directly either. Our org has lots of repos so I'm mostly interested in an API-based solution.

We're in the same situation, we have hundreds of repos. We tried to create an api-based solution, but insufficient testing of a solution that just deletes tags has now left ~20TB of unnecessary dangling images. We have no practical way to clean these up (it's pretty important to not accidentally delete layers of some image that's still in use), so I guess we'll just wait for a usable official way (ui or api).

The best overall solution from my perspective would be to be able to set up a policy for periodically cleaning up old/untagged images. It would be necessary to have configuration options for what constitutes 'old' (when was the last push/fetch). But right now we need a way to delete untagged images, that does not require using the ui and manually going slowly through thousands of pages.

Even more. It probably makes a lot of sense for something like that to be the default setting.

Imagine how much money Docker, Inc would save it such a feature was implemented.

albertca avatar Sep 23 '25 09:09 albertca