This repo is for a docker image used to allow Nexus admins to create custom cleanup rules for docker-repo.
You can run this job as a docker image simply by replacing the env variables with your environment data:
docker run -it -e NEXUS_AUTH="[username:password]" -e NEXUS_URL="[your_nexus_url]" quay.io/travelaudience/nexus-cleanup-job:latest -p "60 '^v2\/.*\/manifests\/([a-f0-9]{64})$' last_downloaded false"
This will do a soft delete of all images tagged with 64-chars SHA that haven't been downloaded for over 60 days. In order to run hard delete and clear the storage size, please read the section 'Setting up tasks to run after cleanup'.
This image was aimed to be used on a kubernetes cron-job for periodic cleanup, but you can use it however you want to.
The image works well with Nexus chart configuration.
From Nexus version 3.21.2 Groovy scripting was disabled by default. In order to make this tool work, you will need to enable them: https://support.sonatype.com/hc/en-us/articles/360045220393-Scripting-Nexus-Repository-Manager-3#how-to-enable
The arguments that need to be passed to the image have a strict organisation and format, please follow it when using this image in your solution.
| Argument (-x) | Description | Structure |
|---|---|---|
| p | parameters for setting up custom cleanup script | "[days] [regex_for_db] [date_query_field] [not_downloaded]" |
| t | Nexus tasks IDs to run after custom cleanup | "[ID1] [ID2] [ID3]" |
Setting up cleanup script (-p)
The custom cleanup is based on Nexus's OrientDB query. The parameters that you need to pass after -p are parameters array for querying the DB (for more info look into Query.java). You can pass multiple parameters arrays by using multiple -p declarations. Each Array will create a different query to the DB.
Each set of -p parameters will create the following type of query :
SELECT * FROM asset WHERE name MATCHES '[regex_for_db]' AND [date_query_field] < [current_date - days]
** UPDATE: When using last_downloaded as [date_query_field] , the script until now didn't delete artefacts that were never downloaded ( Null field wasn't included in the query). From now, by adding another cleanup task with [not_downloaded] set to true on the script in the -p argument, The tool will create a cleanup task that will use the following DB query:
SELECT * FROM asset WHERE blob_updated < [current_date - days] AND name MATCHES '[regex_for_db]' AND last_downloaded IS NULL
The [days] argument will be used for limiting the non downloaded artefacts to ones that were only updated before [days] days. Setting up tasks to run after cleanup (-t)
Argument -t is meant to be trigger Nexus pre-configured tasks after the custom cleanup. This tasks should be configured manually in Nexus, and their ID should be passed to the image.
The most important task ID to pass is for the Admin - Compact blob store task. The custom cleanup is a soft delete and only by running this task, HD space will be actually freed.
It is important to pass this task as the last one in -t argument spaced string, as it runs synchronically.
To understand better which pre-configured tasks should be run, please look into Docker cleanup strategies in Nexus guide .
| ENV_VAR | Description | Default Value |
|---|---|---|
| NEXUS_AUTH | Authorisation for your Nexus api. it will be in the format of 'username:password'. If `nexusProxy.env.cloudIamAuthEnabled' is used , please use an auth token |
"abcd:1234" |
| NEXUS_URL | Your Nexus external URL | "https://nexus.example.com" |
| NEXUS_REPO | Docker repo name | 'docker-hosted' |
Contributions are welcomed! Read the Contributing Guide for more information.
This project is licensed under the MIT License - see the LICENSE file for details