Page MenuHomePhabricator

Remove obsoleted docker images
Open, MediumPublic

Description

We still serve some obsoleted, unmaintained docker images in our registry. This is wrong and potentially exposes users of those to unpatched vulnerabilities.

We should sunset and remove all such images.

To this end we need a simple cli tool to remove images (and specific tags) from the registry.

We will then need to list and confirm removal of such images in this task.

Details

Related Gerrit Patches:
operations/docker-images/docker-report : masterAdd a registryctl command-line utility

Event Timeline

Joe created this task.Mon, Jan 13, 1:32 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptMon, Jan 13, 1:32 PM

Change 563482 had a related patch set uploaded (by Giuseppe Lavagetto; owner: Giuseppe Lavagetto):
[operations/docker-images/docker-report@master] Add a registryctl command-line utility

https://gerrit.wikimedia.org/r/563482

MoritzMuehlenhoff triaged this task as Medium priority.Tue, Jan 14, 9:10 AM

Change 563482 merged by jenkins-bot:
[operations/docker-images/docker-report@master] Add a registryctl command-line utility

https://gerrit.wikimedia.org/r/563482

Mentioned in SAL (#wikimedia-operations) [2020-01-14T17:21:36Z] <_joe_> upload docker-report 0.0.2 to {buster,stretch}-wikimedia T242604

brennen moved this task from Backlog to Watching on the User-brennen board.