Help admin learn about Container Registry management features
Problem to solve
The GitLab Container Registry allows developers to build, push and share Docker images/tags using the Docker client and/or GitLab CI/CD.
For organizations that build many images across many projects, it is important to regularly remove old, unused images and tags. However, many users do not know that they can use the Container Registry API to untag images run garbage collection to remove those untagged images from storage.
Intended users
Further details
Self-managed vs gitlab.com
- This is particularly problematic for our self-managed customers who are often caught off-guard by high storage costs and have the ability remove the images from storage.
- For gitlab.com, users can untag images using the UI or the Container Registry API, however they cannot run garbage collection. We still need to encourage untagging these images so that when we do add online garbage collection, we can ensure that we are not paying to storage images that are not useful.
Proposal
Create awareness amongst users that GitLab has features for untagging and removing images from storage.
- Notify Developers (and above) in the project level Container Registry UI with more than 500 image tags that they can/should untag unused images using the bulk delete API
- Notify Admin of self-managed instances in the project level Container Registry UI with more than 500 image tags that they can/should untag unused images using the bulk delete API AND remove the image tags from storage by running garbage collection.
- Notify Developers (and above) in the group level Container Registry UI with more than 500 image tags that they can/should untag unused images using the bulk delete API
- Notify Admin of self-managed instances in the group level Container Registry UI with more than 500 image tags that they can/should untag unused images using the bulk delete API AND remove the image tags from storage by running garbage collection.
Permissions and Security
- There are no permissions changes required for this issue.
Documentation
- As part of this effort, we are also working on refactoring the GitLab Container Registry Docs
Testing
Risks
- We've seen many issues related to deleting images and running garbage collection. It's a risk that by creating awareness for these features, that we will see more issues raised.
- Confirm permissions levels and that only instance owners can run garbage collection.
What does success look like, and how can we measure that?
- Success looks like more users are made aware of the Container Registry storage management features.
- Measure the number of delete APIs executed over time
- Measure the number of times garbage collection is run in self-managed instances
Edited by Iain Camacho