Problem
I have a Docker Container registry on Azure with one container holding multiple tagged versions. I'd like to remove the unused tags as they're taking up a lot of space and can be remade at any time.
Reasons
The only reason this Docker container registry exists is because of how VSTS handles builds and releases of Docker containers. When running a VSTS build, it stores the container in the registry on Azure with a new tag. Not all builds will be released so those tags can be safely removed.
VSTS manages builds very cleanly and removes them if they're not in use after 30 days (by default); although, once pushed to the Docker container registry, they will stay there indefinitely even without a matching VSTS build.
Question
How would I create a task to remove Docker containers from the registry that are no longer associated with a build in VSTS?
NOTE: The container tags match VSTS's buildId
s
As there's not a VSTS task to accomplish this task, you need to do a few steps to generate some JSON files of data then process that data and run some cmd commands through the Azure CLI.
Builds
You'll need to get the build definition id from VSTS. The link looks something like this:
https://example.visualstudio.com/CP/Example%20Team/_build/index?context=mine&path=%5C&definitionId=11&_a=completed
In this case, the defintion id is 11
: definitionId=11
.
Once you have the definition id, use this URL to query the API and get a list of only active builds. This link does not include deleted builds:
https://companionprotect.visualstudio.com/CP/_apis/build/builds?deletedFilter=exclude&definitions=BUILD_DEFINITION_ID
Tags
az login
az acr login --name {REGISTRY_NAME}
az acr repository show-tags --repository {CONTAINER_NAME} --output json > tags.json
Remove Unused Docker Container Tags
After processing the data, you can create a batch file running these commands:
az acr repository delete --yes --repository companionconnectclient_web --tag {TAG_NAME}
If you want to run multiple commands in a cmd
file, put & ^
between each command to have it continue after each one completes otherwise it will only do the first one. You can use & ^
at the end of newlines as well.
No, there is no such built-in task in VSTS, you can try scripting something to get around this limitation, but it probably wont be exactly straight forward, because there is no way to get the data you want inside the build itself, so you would have to query the VSTS api to get it.