christoph ender's

blog

wednesday the 27th of march, 2024

removal from private docker registry

It seems there's no easy way to remove tags / images from a private docker registry. It seems the most straightforward way is something like this:

rm-docker-img-tag.sh
#!/bin/bash

if [[ $# -lt 3 || $# -gt 4 ]]; then
  echo "Syntax: ${0} <registry-url> <name> <tag> [auth-name:auth-password]"
  exit 1
fi

REGISTRY=${1}
NAME=${2}
TAG=${3}
if [[ $# -eq 4 ]]; then AUTH_PARAMS="-u ${4}"; fi

DIGEST=$(
 curl \
  --silent \
  --head \
  -H "Accept: application/vnd.docker.distribution.manifest.v2+json" \
  -o /dev/null \
  -w '%header{Docker-Content-Digest}' \
  ${AUTH_PARAMS} \
  "https://${REGISTRY}/v2/${NAME}/manifests/${TAG}")

curl \
  -X DELETE \
  ${AUTH_PARAMS} \
  --silent \
  --head \
  "https://${REGISTRY}/v2/${NAME}/manifests/${DIGEST}"

Before being able to delete anything, the registry's environment has to contain the following setting:

REGISTRY_STORAGE_DELETE_ENABLED=true

Once the script has been successfully run it's necessary to manually initiate the registry's garbage collection:

docker exec -it my-registry \
  bin/registry garbage-collect /etc/docker/registry/config.yml