如何删除所有存储库中的所有图像,除了 gcloud 平台中一个名为 "devops" 的存储库

How to delete all images in all repositories except in one repository named "devops" in gcloud platform

我有删除存储库中除最新 6 个图像之外的所有图像的代码,但我想将脚本提升到下一个级别,删除存储库中除名为“devops”的存储库之外的所有图像..

IFS=$'\n\t'
set -eou pipefail

if [[ "$#" -ne 2 || "" == '-h' || "" == '--help' ]]; then
    cat >&2 <<"EOF"

EOF
    exit 1
# elif [  -ge 0 ] 2>/dev/null; then
#     echo "no number of images to remain given" >&2
#     exit 1
fi

main() {
    local C=0
    IMAGE=""
    NUMBER_OF_IMAGES_TO_REMAIN=$(( - 1))

    DATE=$(gcloud container images list-tags $IMAGE --limit=unlimited \
        --sort-by=~TIMESTAMP --format=json | TZ=/usr/share/zoneinfo/UTC jq -r '.['$NUMBER_OF_IMAGES_TO_REMAIN'].timestamp.datetime | sub("(?<before>.*):"; .before ) | strptime("%Y-%m-%d %H:%M:%S%z") | mktime | strftime("%Y-%m-%d")')

    for digest in $(gcloud container images list-tags $IMAGE --limit=unlimited --sort-by=~TIMESTAMP \
        --filter="timestamp.datetime < '${DATE}'" --format='get(digest)'); do
        (
            set -x
            gcloud container images delete -q --force-delete-tags "${IMAGE}@${digest}"
        )
        let C=C+1
    done
    echo "Deleted ${C} images in ${IMAGE}." >&2
}

main "" ```

澄清一下,我们正在谈论 Google Continaer Registry not about Google Source Repository. In order to manage GCR images I would recommend you GCR-cleaner tool which finds and deletes old images based on different criteria

令人困惑,但是,Google Container Registry 不同于其他 Google Cloud Platform 服务,因为它代表了第 3 方 (Docker) Registry API.

因此,在 Container Registry 中没有用于管理映像的 Google (!) 客户端库集,并且与几乎所有其他 gcloud 命令不同,gcloud container images 命令调用 Google 对 Docker 注册表 API 的实施。您可以通过将 --log-http 附加到 gcloud container images 命令来观察这一点。

所有这些都是为了说明 没有 Google Python SDK 用于与此服务进行交互。

另一个怪癖是 Google Cloud Platform 项目 拥有 Google Container Registry 注册表,但映射非常重要。它通常是 gcr.io/${PROJECT},但也可以是 us.gcr.io/${PROJECT}。以下脚本假定 (!) gcr.io/${PROJECT}

您在问题中包含的代码是 bash。本着这种精神(并考虑到上述情况),这里有一个脚本可以满足您的需求。

非常小心,因为如果包含删除命令,此脚本将不可撤销地删除 所有 图像 ${EXCLUDE}

之外的每个个项目

小心行事

不安全

# Exclude this project
EXCLUDE="devops"

PROJECTS=$(gcloud projects list --format="value(projectId)")

# Projects accessible to current user
for PROJECT in ${PROJECTS}
do
  printf "Project: %s\n" ${PROJECT}
  if [ "${PROJECT}" == "${EXCLUDE}" ]
  then
    printf "Excluding Repository: %s\n" ${PROJECT}
  else
    printf "Including Repository: %s\n" ${PROJECT}
    # Images in ${PROJECT} repository
    IMAGES=$(gcloud container images list --project=${PROJECT})
    for IMAGE in ${IMAGES}
    do
      printf "Deleting Image: %s\n" ${IMAGE}
      # Image delete command goes here
    done
  fi
done

不安全

# 评论替换为:

gcloud container images delete ${IMAGE} --project=${PROJECT}

最不安全

# 评论替换为:

gcloud container images delete ${IMAGE} --project=${PROJECT} --quiet

没那么可怕

向脚本提供您希望包含在清除中的项目(存储库)列表的风险较小。但是,这个脚本仍然很危险:

# Include these projects
PROJECTS=("first" "second" "third")

# Projects accessible to current user
for PROJECT in ${PROJECTS[@]}
do
  printf "Including Repository: %s\n" ${PROJECT}
  # Images in ${PROJECT} repository
  IMAGES=$(gcloud container images list --project=${PROJECT})
  for IMAGE in ${IMAGES}
  do
    printf "Deleting Image: %s\n" ${IMAGE}
    # Image delete command goes here
  done
fi

重申请谨慎行事

删除图像不可撤销,您将无法恢复已删除的图像