Hello !

In your installation steps, you suggest to install this tool from Pypi.

However it does not seem to published there yet : https://pypi.org/project/artifactory-cleanup/

Do you plan on releasing it soon ? :)

Hi, I followed the existing rules in the codebase and created a rather convoluted one for my company's requirements. It's working quite well but I'd like to have an API that is documented and reasonably stable and some unit testing in place.

Is this a direction you're interested in for this project?

Hi Team,

Need your help!!! @allburov @jetersen @Tim55667757 @fishhead108 @Boltyk

I am trying to filter out artifacts which has retention-interval=forever.
I am using this rule rules.property_neq('retention-interval','forever')
however when I try to execute, the output provides artifacts which has the property value = retention-interval=forever. How do i filter out? These artifacts should not be deleted.

my reponame.py looks like this

from artifactory_cleanup import rules
from artifactory_cleanup.rules import CleanupPolicy

RULES = [

# ------ REPOS --------#
CleanupPolicy(
   'Show artifacts older than 300 days which can be deleted but not protected images',
    rules.repo('repo-name'),
    rules.delete_older_than(days=300),
    rules.property_neq('retention-interval','forever')
),

]

Hi Team,

We have few artifacts which we need to clean with below names
2018.11.0.7-SNAPSHOT
2019.02.0.1-local

When we tried to apply the rule (rules.include_filename('-SNAPSHOT'),
) in reponame.py. We are not getting any results, it shows the file count is 0.

Can someone help us here and let us know what is the pattern we need to follow.

We would like a feature request to have the output table to Json format.

The PrettyTable libraries can do it : https://pypi.org/project/prettytable/
If I have time, I would propose a PR

You could use TEAMCITY_VERSION to detect when running on teamcity.

Hi,

Would be great to be able to pass a list of repositories to a Repo rule for common cleaning rules
For example

  policies:
    - name: Remove all empty folders from [repo1, repo2, repo3, repo4]
      rules:
        - rule: Repo
          name:
            - repo1
            - repo2
            - repo3
            - repo4
        - rule: DeleteEmptyFolders

As of now, artifactory-cleanup search for a repository named [repo1, repo2, repo3, repo4]

artifactory-cleanup version : 1.0.1

********************************************************************************
Verbose MODE
Checking '['repo1', 'repo2', 'repo3', 'repo4']' repository exists.
404 Client Error:  for url: https://example.com/artifactory/api/storage/%5B'repo1',%20'repo2',%20'repo3',%20'repo4'%5D
The ['repo1', 'repo2', 'repo3', 'repo4'] repository does not exist

Thanks
Alex

using the example policy from README will fail if the trashcan is enabled for artifactory:

  policies:
    - name: Conan - delete empty folders (to fix the index)
      rules:
        - rule: Repo
          name: "conan-testing"
        - rule: DeleteEmptyFolders
        - rule: ExcludeFilename
          masks:
            - ".timestamp"
            - "index.json"

looks for me like: https://jfrog.atlassian.net/browse/RTFACT-11898 (but is already marked as resolved)

Checking 'ops-conan-dev-local' repository exists.
The ops-conan-dev-local repository exists.
Add AQL Filter - rule: Repo - Apply the policy to one repository.
Before AQL query: []
After AQL query: [{'repo': {'$eq': 'ops-conan-dev-local'}}]
Add AQL Filter - rule: DeleteEmptyFolders - Remove empty folders.
Before AQL query: [{'repo': {'$eq': 'ops-conan-dev-local'}}]
After AQL query: [{'repo': {'$eq': 'ops-conan-dev-local'}}, {'path': {'$match': '**'}, 'type': {'$eq': 'any'}}]
Add AQL Filter - rule: ExcludeFilename - Exclude artifacts by filename.
Before AQL query: [{'repo': {'$eq': 'ops-conan-dev-local'}}, {'path': {'$match': '**'}, 'type': {'$eq': 'any'}}]
After AQL query: [{'repo': {'$eq': 'ops-conan-dev-local'}}, {'path': {'$match': '**'}, 'type': {'$eq': 'any'}}, {'$and': [{'name': {'$nmatch': '.timestamp'}}, {'name': {'$nmatch': 'index.json'}}]}]
Add AQL Text - rule: Repo - Apply the policy to one repository.
Add AQL Text - rule: DeleteEmptyFolders - Remove empty folders.
Add AQL Text - rule: ExcludeFilename - Exclude artifacts by filename.
********************************************************************************
Result AQL Query:
items.find({"$and": [{"repo": {"$eq": "ops-conan-dev-local"}}, {"path": {"$match": "**"}, "type": {"$eq": "any"}}, {"$and": [{"name": {"$nmatch": ".timestamp"}}, {"name": {"$nmatch": "index.json"}}]}]}).include("*", "property", "stat")
********************************************************************************
Found 75638 artifacts
Filter artifacts - rule: Repo - Apply the policy to one repository.
Filter artifacts - rule: DeleteEmptyFolders - Remove empty folders.
Before count: 75638
After count: 6976
Filter artifacts - rule: ExcludeFilename - Exclude artifacts by filename.
Found 6976 artifacts AFTER filtering
DESTROY MODE - delete 'ops-conan-dev-local/Demo - 0B'
Traceback (most recent call last):
  File "/usr/local/bin/artifactory-cleanup", line 8, in <module>
    sys.exit(ArtifactoryCleanupCLI())
  File "/usr/local/lib/python3.8/dist-packages/plumbum/cli/application.py", line 177, in __new__
    return cls.run()
  File "/usr/local/lib/python3.8/dist-packages/plumbum/cli/application.py", line 634, in run
    retcode = inst.main(*tailargs)
  File "/usr/local/lib/python3.8/dist-packages/artifactory_cleanup/cli.py", line 164, in main
    for summary in cleanup.cleanup(
  File "/usr/local/lib/python3.8/dist-packages/artifactory_cleanup/artifactorycleanup.py", line 59, in cleanup
    policy.delete(artifact, destroy=self.destroy)
  File "/usr/local/lib/python3.8/dist-packages/artifactory_cleanup/rules/base.py", line 313, in delete
    r.raise_for_status()
  File "/usr/local/lib/python3.8/dist-packages/requests/models.py", line 941, in raise_for_status
    raise HTTPError(http_error_msg, response=self)
requests.exceptions.HTTPError: 404 Client Error:  for url: https://artifactory.mysecretdomain.de/artifactory/ops-conan-dev-local/Demo

the file is already in the trashcan. So something is not correct with the AQL, or the AQL itself is wrong.

I tried something like, but with no success:

        - rule: PropertyNeq
          property_key: module.artifact.item.repo
          property_value: auto-trashcan

It's reasonable to keep N last downloaded (or N last created) tags per image.

Hi,

Thanks a lot for this awesome tool!
I tried running it for our team's jfrog cloud artifactory (ybdb.jfrog.io). But the tool is adding /storage in between the url and the repo name.
e.g. if the repo name is yugabyte and the url for the repo is https://ybdb.jfrog.io/artifactory/yugabyte/ then the tool is trying to go the url https://ybdb.jfrog.io/artifactory/api/storage/yugabyte which doesn't exist. The error gets thrown is as below.

[bmukheja@devserver-bkumar-2 ~]$ artifactory-cleanup --destroy
********************************************************************************
Destroy MODE
Checking 'yugabyte' repository exists.
401 Client Error:  for url: https://ybdb.jfrog.io/artifactory/api/storage/yugabyte
The yugabyte repository does not exist!

Any help here?

Thank you for your awesome tool!

We would like to use it for cleaning up a conan repository.

When the conan client deploys a package, it uploads:

• conan_package.tgz

At the same time, the server side generates some metadata (see also conan-io/conan#8418)

• .timestamp
• index.json

When dowloading a conan package, it only downloads package.tar.gz, but not the additional meta files.

If I now run the rules.delete_not_used_since(days=60), rule on packages which were deployed before 60 days, but still regularly downloaded, it will delete the meta files, but keep the conan_package.tgz file. A conan package download does not trigger the download counter on the metadata files.

And this will invalidate the whole conan package (as also mentioned here jfrog/artifactory-user-plugins#319).

One solution would be to use rules.exclude_filename(['.timestamp', 'index.json']) (also suggested here jfrog/artifactory-user-plugins#399).
This would then only delete the package, but not the metadata. And therefore, the metadata is never cleaned up... So also not the perfect solution.

Do you have any suggestions how to handle this?
I guess to solve this we would need dedicated rules just for conan, similar to the docker rules?

There may also other package types affected by this (e.g., npm, pypi, conda, debian, ...), see also jfrog/artifactory-user-plugins#319 (comment)

Now the artifacts sort by path:
artifacts = sorted(artifacts, key=lambda x: x["path"])

I wonder if We can support custom sorting rules, such as:
artifacts = sorted(artifacts, key=lambda x: (x['path'], x['created']))

For example, the artifacts log4j-web sort by path as follows, 2.6.2 is at the end, but I want to let 2.6.2 at the first when I execute cleanup.
So I think sort by path and created will slove the problem.

Hi all,

When filtering by RepoByMask instead of Repo, multiple repositories could be selected.

In this case, the rule KeepLatestNFilesInFolder won't work properly because doesn't use the repository name for grouping the artifacts: https://github.com/devopshq/artifactory-cleanup/blob/master/artifactory_cleanup/rules/keep.py#L134

My proposal is to modify it to something like this:

        for artifact in result_artifact:
            path = '{repo}/{path}'.format(**artifact)
            artifacts_by_path[path].append(artifact)

It would be nice to add the repo name to this print too: https://github.com/devopshq/artifactory-cleanup/blob/master/artifactory_cleanup/rules/keep.py#L146

Thanks for this awesome tool!

Bug:

At the moment Kubernetes CronJobs are failing, due to missconfigured permissions for run.sh:

/bin/sh: 1: /app/docker/run.sh: Permission denied

Fix:

The permissions should be extended by +x.

Hi,

When I try to run the command artifactory-cleanup --help or artifactory-cleanup --user myuser --password mypassword --artifactory-server https://myrepo.com/artifactory --config myreponame.py have the following error.

Traceback (most recent call last):
  File "/home/ubuntu/.local/bin/artifactory-cleanup", line 5, in <module>
    from artifactory_cleanup.artifactorycleanup import ArtifactoryCleanupCLI
ImportError: cannot import name 'ArtifactoryCleanupCLI' from 'artifactory_cleanup.artifactorycleanup' (/home/ubuntu/.local/lib/python3.8/site-packages/artifactory_cleanup/artifactorycleanup.py)

I'm not sure if I miss something, could you help me with some advice?

Here is our local environment:

$ pip show artifactory-cleanup
Name: artifactory-cleanup
Version: 0.4.1
Summary: Rules and cleanup policies for Artifactory
Home-page: https://github.com/devopshq/artifactory-cleanup
Author: Alexey Burov
Author-email: [email protected]
License: MIT
Location: /home/ubuntu/.local/lib/python3.8/site-packages
Requires: attrs, dohq-artifactory, hurry.filesize, plumbum, prettytable, teamcity-messages, treelib
Required-by: 

$ python3 -V
Python 3.8.10

I want to useKeepLatestNVersionImagesByProperty as a safeguard to ensure that a few versions are always retained. I've been debugging the method and I'm still not sure what the intended behaviour is.

Assume the input is (with importance to the ordering):

result_artifact = [
    {"properties":{"docker.manifest":"0.1.100"},"path":"foobar/0.1.100"}, # refer to below as A
    {"properties":{"docker.manifest":"0.1.200"},"path":"foobar/0.1.200"}, # refer to below as B
    {"properties":{"docker.manifest":"0.1.99"},"path":"foobar/0.1.99"}    # refer to below as C
]

and that the rule has been called like so:

KeepLatestNVersionImagesByProperty(count=2, custom_regexp='(^ \d*\.\d*\.\d*.\d+$) ', number_of_digits_in_version=1)

The final result ends up being that nothing is deleted. I would have expected that A and B would have been filtered out and that C remains for potential deletion.

If I then alter this line (https://github.com/devopshq/artifactory-cleanup/blob/master/artifactory_cleanup/rules/docker.py#L183) from:

key = artifact["path"] + "/" + version_splitted[0]

to

key = artifact["path"].split("/")[0] + "/" + version_splitted[0]

then B and C are filtered out and A remains for potential deletion. This is because the three image versions are able to be grouped together. Previously, the version would be part of the grouping which seems incorrect to me. This still doesn't meet what I expect the result to be.

From here, it seems like the sorting isn't right (assuming what I said above is correct). https://github.com/devopshq/artifactory-cleanup/blob/master/artifactory_cleanup/rules/docker.py#L189

key=lambda x: [int(x) for x in x[0].split(".")]

Given a policy that looks like this:

image_list = [
    'image-a:*',
    'image-b:*'
]

RULES = [
    # ------ SPECIFIC IMAGES ORIGINATING FROM MASTER BRANCH --------
    CleanupPolicy(
       'Delete images older than 60 days',
        rules.include_docker_images(image_list),
        rules.delete_docker_images_not_used(days=60),
    )
]

the tool will find 0 matches as the underlying query ends up being:

items.find({"$and": [{"$and": [{"path": {"$match": "image-a/*"}}, {"path": {"$match": "image-b/*"}}]}, {"name": {"$match": "manifest.json"}, "$or": [{"stat.downloaded": {"$lte": "2022-06-20"}}, {"$and": [{"stat.downloads": {"$eq": null}}, {"created": {"$lte": "2022-06-20"}}]}]}]}).include("*", "property", "stat")

I guess the issue is here:

The following config fails with

Check failed for rule 'ExcludeDockerImages' in policy 'Remove docker images, but keep last 10':
check() missing 1 required positional argument: 'masks'

Relevant part of artifactory-cleanup.yaml

  policies:
    - name: Remove docker images, but keep last 10
      rules:
        # Select repo
        - rule: Repo
          name: docker-local
        # Keep these tags for all images
        - rule: ExcludeDockerImages
          masks:
            - "*:latest"
            - "*:release*"

When putting a repo name that is pathed "repo/my/folder" it's specifically not allowed in the init of Repo rules.
In the check function I can see a /api/storage/ request is made and that one works fine using a "/" repo path.
How is one supposed to clean up a sub folder then using this lib?

I tried to set the ARTIFACTORY_USER and ARTIFACTORY_PASSWORD env variables (per #9), but it won't run because it has mandatory = True. Maybe we need to change that somehow? I changed it to False for testing, but then there needs to be some other check added that ensures the value has been set one way or the other.

(.venv) [tmcneely@den3l1cliqa74077 artifactory-cleanup]$ export ARTIFACTORY_USER='tommy'
(.venv) [tmcneely@den3l1cliqa74077 artifactory-cleanup]$ export ARTIFACTORY_PASSWORD='NotMyPassword!'
(.venv) [tmcneely@den3l1cliqa74077 artifactory-cleanup]$ export ARTIFACTORY_SERVER='https://artifactory.company.com/artifactory'
(.venv) [tmcneely@den3l1cliqa74077 artifactory-cleanup]$ artifactory-cleanup --config artifactory-docker-rules.py 
Error: Switch --user is mandatory

Did I do it wrong?

Hi

I was trying to write some cleanup policies that make use of the multiple path feature, but it does not seem to work with the latest Artifactory version

Artifactory version : 7.41.12 rev 74112900
Artifactory-cleanup version : 0.4.2

Be aware that I ofuscated repo, microservice and url of our Artifactory

Cleanup Policies

from artifactory_cleanup import rules
from artifactory_cleanup import CleanupPolicy
RULES = [
  CleanupPolicy(
  'Test',
  rules.Repo('npm-release-local'),
  rules.IncludePath(['*@scope/microservice*', '*microservice*']),
  rules.IncludeFilename('*-test*'),
  rules.KeepLatestNFiles(count=5),
  ),
]

Output

********************************************************************************
Verbose MODE
Simulating cleanup actions that will occur on 2022-09-13
Add AQL Filter - rule: Repo - Apply the rule to one repository.
Get from npm-release-local
Checking the existence of the npm-release-local repository
The npm-release-local repository exists
Add AQL Filter - rule: IncludePath - Apply to artifacts by path / mask.
Add AQL Filter - rule: IncludeFilename - Apply to artifacts by name/mask.
Add AQL Filter - rule: KeepLatestNFiles - Leaves the last (by creation time) files in the amount of N pieces. WITHOUT accounting subfolders
********************************************************************************
AQL Query:
Add AQL Text - rule: Repo - Apply the rule to one repository.
Add AQL Text - rule: IncludePath - Apply to artifacts by path / mask.
Add AQL Text - rule: IncludeFilename - Apply to artifacts by name/mask.
Add AQL Text - rule: KeepLatestNFiles - Leaves the last (by creation time) files in the amount of N pieces. WITHOUT accounting subfolders
Before AQL text: items.find({"$and": [{"repo": {"$eq": "npm-release-local"}}, {"path": {"$match": ["*@scope/microservice*", "*microservice*"]}}, {"name": {"$match": "*-test*"}}]}).include("*", "property", "stat")
After AQL text: items.find({"$and": [{"repo": {"$eq": "npm-release-local"}}, {"path": {"$match": ["*@scope/microservice*", "*microservice*"]}}, {"name": {"$match": "*-test*"}}]}).include("*", "property", "stat").sort({"$asc" : ["created"]})

items.find({"$and": [{"repo": {"$eq": "npm-release-local"}}, {"path": {"$match": ["*@scope/microservice*", "*microservice*"]}}, {"name": {"$match": "*-test*"}}]}).include("*", "property", "stat").sort({"$asc" : ["created"]})
********************************************************************************
Add AQL Text - rule: Repo - Apply the rule to one repository.
Add AQL Text - rule: IncludePath - Apply to artifacts by path / mask.
Add AQL Text - rule: IncludeFilename - Apply to artifacts by name/mask.
Add AQL Text - rule: KeepLatestNFiles - Leaves the last (by creation time) files in the amount of N pieces. WITHOUT accounting subfolders
Before AQL text: items.find({"$and": [{"repo": {"$eq": "npm-release-local"}}, {"path": {"$match": ["*@scope/microservice*", "*microservice*"]}}, {"name": {"$match": "*-test*"}}]}).include("*", "property", "stat")
After AQL text: items.find({"$and": [{"repo": {"$eq": "npm-release-local"}}, {"path": {"$match": ["*@scope/microservice*", "*microservice*"]}}, {"name": {"$match": "*-test*"}}]}).include("*", "property", "stat").sort({"$asc" : ["created"]})

Traceback (most recent call last):
  File "/home/alex/.local/bin/artifactory-cleanup", line 8, in <module>
    sys.exit(ArtifactoryCleanupCLI())
  File "/home/alex/.local/lib/python3.10/site-packages/plumbum/cli/application.py", line 178, in __new__
    return cls.run()
  File "/home/alex/.local/lib/python3.10/site-packages/plumbum/cli/application.py", line 624, in run
    retcode = inst.main(*tailargs)
  File "/home/alex/.local/lib/python3.10/site-packages/artifactory_cleanup/cli.py", line 114, in main
    for summary in cleanup.cleanup(
  File "/home/alex/.local/lib/python3.10/site-packages/artifactory_cleanup/artifactorycleanup.py", line 54, in cleanup
    artifacts = policy.get_artifacts()
  File "/home/alex/.local/lib/python3.10/site-packages/artifactory_cleanup/rules/base.py", line 214, in get_artifacts
    r.raise_for_status()
  File "/usr/lib/python3.10/site-packages/requests/models.py", line 1021, in raise_for_status
    raise HTTPError(http_error_msg, response=self)
requests.exceptions.HTTPError: 400 Client Error:  for url: https://selfhosted.artifactory.com/artifactory/api/search/aql

And taking a look into our Artifactory logs we get this

2022-09-13T16:49:56.667Z [jfrt ] [ERROR] [247cfbc55f7e33d4] [o.a.r.r.a.AqlResource:101     ] [ttp-nio-8081-exec-26] - Fail to execute query: items.find({"$and": [{"repo": {"$eq": "npm-release-local"}}, 
{"path": {"$match": ["*@scoped/microservice*", "*microservice*"]}}, {"name": {"$match": "*-test*"}}]}).include("*", "property", "stat").sort({"$asc" : ["created"]}): 

Failed to parse query: items.find({"$and": [{"repo": {"$eq": "npm-release-local"}}, {"path": {"$match": ["*@scoped/microservice*", "*microservice*"]}}, {"name": {"$match": "*-test*"}}]}).include("*", "property", "stat").sort({"$asc" : ["created"]}), 
it looks like there is syntax error near the following sub-query: ["*@scoped/microservice*", "*microservice*"]}}, {"name": {"$match": "*-test*"}}]}).include("*", "property", "stat").sort({"$asc" : ["created"]})

We get the same error trying to use multiple items in IncludeFilename , if we write two separated cleanup policies they work just fine

Thanks
Alex

Problem Explanation

I have been looking into the KeepLatestVersionNFilesInFolder to clean up our docker images as we want to keep N highest versions. I think I found an issue with this rule in the filter function. I tested this with both a docker registry and maven repository in artifactory.

What I am seeing is that when the regex is set to something that will find my version numbers (default won't work for me), is that the run explodes with the following error --

Traceback (most recent call last):
  File "/usr/local/bin/artifactory-cleanup", line 8, in <module>
    sys.exit(ArtifactoryCleanupCLI())
  File "/usr/local/lib/python3.9/site-packages/plumbum/cli/application.py", line 178, in __new__
    return cls.run()
  File "/usr/local/lib/python3.9/site-packages/plumbum/cli/application.py", line 624, in run
    retcode = inst.main(*tailargs)
  File "/usr/local/lib/python3.9/site-packages/artifactory_cleanup/cli.py", line 121, in main
    for summary in cleanup.cleanup(
  File "/usr/local/lib/python3.9/site-packages/artifactory_cleanup/artifactorycleanup.py", line 53, in cleanup
    artifacts_to_remove = policy.filter(artifacts)
  File "/usr/local/lib/python3.9/site-packages/artifactory_cleanup/rules/base.py", line 284, in filter
    artifacts = rule.filter(artifacts)
  File "/usr/local/lib/python3.9/site-packages/artifactory_cleanup/rules/keep.py", line 181, in filter
    artifacts.keep(good_artifacts)
  File "/usr/local/lib/python3.9/site-packages/artifactory_cleanup/rules/base.py", line 32, in keep
    return self.remove(artifacts)
  File "/usr/local/lib/python3.9/site-packages/artifactory_cleanup/rules/base.py", line 42, in remove
    print(f"Filter package {artifact['path']}/{artifact['name']}")
TypeError: list indices must be integers or slices, not str

Looks like a value being sent to keep from filter is not matching the expected object type.

Debugging

Looking at the code artifactory_cleanup/rules/keep.py#L140 I see that good_artifacts is being used as an argument for artifacts.keep.

Looking into how that variables value gets set it comes from artifacts_by_path_and_name.values(). Which is appended to artifacts_by_path_and_name[key].append(artifactory_with_version) in the for loop over the artifacts provided to the filter. That is where I noticed that artifactory_with_version = [version_str, artifact] is an array with a string and dictionary values.

That means that artifacts_by_path_and_name.values() returns an array of arrays with values of ['String', 'Dict']. For example --

[ [ 'Version', { ArtifactDict } ], [ 'Version', { ArtifactDict } ] ]

Based on what I can tell the keep function is expecting to take in either an Artifact Dictionary i.e. {ArtifactDict} or an array of Artifact Dictionaries i.e. [ { ArtifactDict } ]. So passing it an array like the one above causes it to error out.

Potential fix

I believe fixed by pulling the Artifact Dictionary out of the result of artifactory_with_version[good_artifact_count:] and then calling keep with that value.

Something like --

# Replacement for https://github.com/devopshq/artifactory-cleanup/blob/master/artifactory_cleanup/rules/keep.py#L180
            good_sets = artifactory_with_version[good_artifact_count:]
  
            good_artifacts = []
  
            for good_set in good_sets:
              good_artifacts.append(good_set[1])

I am more than happy to put in a PR but wanted to submit an issue here first to see if I am missing something before doing so.

Hi,

I have the plugin installed in our Artifactory server and when I run the curl command, I see the script won't return back to prompt and northing seems to be executing. Please advise

curl POST -X -v -user admin:password "http://localhost:8081/artifactory/api/plugins/execute/cleanup?params=timeUnit=month;timeInterval=1;repos=testbuilder-maven-dev-local;dryRun=true;paceTimeMS=2000;disablePropertiesSupport=true"

Getting error:

Invoke-WebRequest : A parameter cannot be found that matches parameter name 'X'.

At line:1 char:6

• curl -X POST -v -user admin:password "http://localhost:8082/artifacto ...

•  ~~
  

  • CategoryInfo : InvalidArgument: (:) [Invoke-WebRequest], ParameterBindingException

  • FullyQualifiedErrorId : NamedParameterNotFound,Microsoft.PowerShell.Commands.InvokeWebRequestCommand

when i remove -X in command i'm hgetting this error

Invoke-WebRequest : A positional parameter cannot be found that accepts argument 'http://localhost:8081/artifactory/api/plugins/execute/cleanup?params=timeUnit=month;timeInterval=1;repos=test

builder-maven-dev-local;dryRun=true;paceTimeMS=2000;disablePropertiesSupport=true'.

At line:1 char:1

• curl POST -v -user admin:password "http://localhost:8081/artifactory/ ...

• 
    + CategoryInfo          : InvalidArgument: (:) [Invoke-WebRequest], ParameterBindingException
  
    + FullyQualifiedErrorId : PositionalParameterNotFound,Microsoft.PowerShell.Commands.InvokeWebRequestCommand
  
  
  

It seems that its working when only one image is involved. When I include multiple images, it only seems to apply the logic to one of the images:

My policy looks like this:

- name: my-policy
      rules:
        - rule: Repo
          name: "my-repo"
        - rule: IncludeDockerImages
          masks:
            - "my-image-1:*"
            - "my-image-2:*"
        - rule: DeleteDockerImagesNotUsed
          days: 60
        - rule: KeepLatestNVersionImagesByProperty
          count: 2
          number_of_digits_in_version: 1

Both images have not been used for more than 60 days. Running with either image alone results in the two latest image versions being filtered out as expected.

Originally posted by @kenny-monster in #60 (comment)

Hello! Thank you for your hard work on this tool!
I have a question regarding RepoList, i can't seem to get it to work unlike the normal Repo & Name rule.

The instructions read as follow:

- rule: RepoList
  repos:
    - repo1
    - repo2
    - repo3

my code reads as follows:

      - rule: RepoList
          repos: 
            - repo1
            - repo2
        - rule: DeleteEmptyFolders

And i am getting the following error:

'NoneType' object has no attribute 'get'

When cleaning images, it is possible to use the option KeepLatestNFiles. But this will look at docker tags, and not docker images.

Example:

If you got 3 images, both tagged with 2 tags each, so in total, you got 6 tags. If you run artifactory-cleanup with KeepLatestNFiles count=2 you may end up in the situation that you only have a single image left (with 2 tags), because each tag is counted as a file.

Proposal:

What I propose is an option, KeepLatestNImages, that only looks at the image digest, and for those images that are older, it will delete all tags. So in the example above you will be left with 2 images (still with 2 tags each, 4 in total).

Hi, I'm new to this artifactory,
I'm using windows os and when I try to run the command it shows
artifactory-cleanup: The term 'artifactory-cleanup' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the spelling of the name, or if a path was included, verify that the path is correct and try again.

Plz help me

To enhance the developer experience and facilitate validation of config in CI/CD pipelines, it would have been nice if it were a JSON Schema to validate the config against. Given a schema, the config file could be validated with e.g. yajsv:

yajsv -s artifactory-cleanup-schema.yaml artifactory-cleanup.yaml

Users of VSCode with the YAML extension (or IntelliJ users natively) could have added this at the top of their config to get auto-complete and documentation:

# yaml-language-server: $schema=https://raw.githubusercontent.com/devopshq/artifactory-cleanup/master/artifactory-cleanup-schema.yaml

(see blog-post about this extension for more info)

---
"$schema": http://json-schema.org/draft-07/schema#
type: object
properties:
  artifactory-cleanup:
    type: object
    properties:
      server:
        type: string
        format: uri
      user:
        type: string
      password:
        type: string
      policies:
        type: array
        items:
          type: object
          properties:
            name:
              type: string
            rules:
              type: array
              description:
                See all rules in
                https://github.com/devopshq/artifactory-cleanup#rules
              items:
                type: object
                properties:
                  rule:
                    type: string
                  name:
                    type: string
                  days:
                    type: integer
                  count:
                    type: integer
                  property_key:
                    type:
                      - integer
                      - string
                  property_value:
                    type:
                      - integer
                      - string
                  custom_regexp:
                    type: string
                  masks:
                    type: array
                    items:
                      type: string
                required:
                  - rule
                additionalProperties: true
          required:
            - name
            - rules
    required:
      - server
      - user
      - password
      - policies
required:
  - artifactory-cleanup

We have been trying to use the artifactory_cleanup tool to cleanup our docker images repo (which is admittedly a whole street of dumpster fires). We needed to develop the ability to filter based on presence of a specific set of properties (docker labels), so we were looking deep into the code. We were trying to figure out what is taking soo long after the "filter results" log entry. We finally found it was the _collect_docker_size method, specifically this "N*M: loop:

We are working on optimizations for this, but if anyone has ideas (we are not super-awesome python devs) for optimizing that process, we would be grateful.

Stats:

• Our "real" docker repo has ~100,000 docker images and the size of the "artifacts_list" is ~1.5M entries. It has been running for over 19 hours and has not finished processing yet.
• It takes several minutes to process our "test-docker" repo with only 5,000 images and ~100K layers.
• If you want to apply more than one filter, such as "last downloaded over 30 days ago" and "property value contains" .. it runs the collect size twice (this should be fairly easy to fix)...

Ostensibly, this is just for "show" anyhow, for the "table" at the end. We may start by making the calculate size optional.

~tommy

like described here, artifactory deletes maven-metadata.xml automatically after the .pom file was delete.

The cleanup tool tries to delete maven-metadata.xml afterwards, and fails with 404 because its missing.

DESTROY MODE - delete 'my_artifact/maven-metadata.xml - 833B'
    sys.exit(ArtifactoryCleanupCLI())
  File "/usr/local/lib/python3.9/site-packages/plumbum/cli/application.py", line 177, in __new__
    return cls.run()
  File "/usr/local/lib/python3.9/site-packages/plumbum/cli/application.py", line 634, in run
    retcode = inst.main(*tailargs)
  File "/usr/local/lib/python3.9/site-packages/artifactory_cleanup/cli.py", line 121, in main
    for summary in cleanup.cleanup(
  File "/usr/local/lib/python3.9/site-packages/artifactory_cleanup/artifactorycleanup.py", line 59, in cleanup
    policy.delete(artifact, destroy=self.destroy)
  File "/usr/local/lib/python3.9/site-packages/artifactory_cleanup/rules/base.py", line 313, in delete
    r.raise_for_status()
  File "/usr/local/lib/python3.9/site-packages/requests/models.py", line 1021, in raise_for_status
    raise HTTPError(http_error_msg, response=self)
requests.exceptions.HTTPError: 404 Client Error:  for url: https://artifactory-url/artifactory/my_artifact/maven-metadata.xml

Now, as I understand, although I may be mistaken, I ask you to correct me in this case, when specifying several rules, they work on the intersection (logical "and"), for example "DeleteNotUsedSince" and "DeleteOlderThanNDaysWithoutDownloads", it will take the intersection, although logically I would like to do a union (logical "or") here.

I don't know, maybe there is a workaround for this, I didn't think of something, divide it into two identical stages - it's very inconvenient in the debug, because it checks the same files 2 times and deletes them 2 times.

instead of passing server via artifactory server or even username and password from cli.

allow me to write in the config file. Perhaps even allow me to provide username and password via environment variables?

Running an aql query to get all items is very slow on large repositories. I also use object storage for the binary store which likely contributes to slower queries.

Example rule combination that I'm trying to use:

    - name: Example
      rules:
        - rule: Repo
          name: "docker"
        - rule: IncludePath
          masks: "app/*"
        - rule: DeleteDockerImagesOlderThan
          days: 14

I tested replacing this line with args = ["items.find", {"$or": [{'path': {'$match': 'app/*'}}]}] and it is significantly faster while retaining the size info.

Happy to attempt to contribute a fix. I thought about two potential options; disabling getting the size or accepting a mask on DeleteDockerImagesOlderThan.

currently config is marked as mandatory

artifactory-cleanup --remove-empty-folder --username user --password password --artifactory-server https://repo.example.com/artifactory

Hi guys,

is it possible to trigger the Pypi publish pipeline only when a new Release is created?
That way we could make sure to only release to pypi when a new release is created.
Therefore we could add multiple features (aka PRs to master) within one release and only published the finished thing.

If someone deployed artifacts or pushed docker images several days ago and nobody download or pulled them till now, these kind of artifacts and docker images can be deleted.

CleanupPolicy(
    'Delete artifacts that are older than 30 days but never been downloaded',
    rules.repo('team-technology-maturity-locator'),
    rules.delete_older_than_n_days_without_downloads(days=30),
),
CleanupPolicy(
    'Delete images that are older than 30 days but never been downloaded',
    rules.repo('team-docker-maturity-locator'),
    rules.delete_docker_images_older_than_n_days_without_downloads(days=30),
)

need a way to add custom certificates.

Using "devopshq/artifactory-cleanup:latest" docker image i get 404 error.

Command:

artifactory-cleanup --destroy --user admin --password SOME_ASSWORD --artifactory-server https://SOME_URL --config rules.py

Output:

Filter artifacts - rule: repo - Apply the rule to one repository.
Filter artifacts - rule: exclude_docker_images - Exclude Docker images by name and tags.
Filter artifacts - rule: delete_docker_images_not_used - Removes Docker image not downloaded days days
Found 1534 artifacts AFTER filtering
DESTROY MODE - delete docker-local/SOME_IMAGE
Traceback (most recent call last):
File "/usr/local/bin/artifactory-cleanup", line 8, in
sys.exit(ArtifactoryCleanup())
File "/usr/local/lib/python3.9/site-packages/plumbum/cli/application.py", line 178, in new
return cls.run()
File "/usr/local/lib/python3.9/site-packages/plumbum/cli/application.py", line 624, in run
retcode = inst.main(*tailargs)
File "/usr/local/lib/python3.9/site-packages/artifactory_cleanup/artifactorycleanup.py", line 179, in main
cleanup_rule.delete(artifact, destroy=self._destroy)
File "/usr/local/lib/python3.9/site-packages/artifactory_cleanup/rules/base.py", line 208, in delete
r.raise_for_status()
File "/usr/local/lib/python3.9/site-packages/requests/models.py", line 960, in raise_for_status
raise HTTPError(http_error_msg, response=self)
requests.exceptions.HTTPError: 404 Client Error: Not Found for url: https://SOME_URL/docker-local/SOME_IMAGE

Engineers who support Artifactory sometimes don't know python but almost everyone is familiar with YAML.

Right now artifactory-cleanup import rules only from YAML, but I think the library is used limited because it requires a bit of knowing how to write python script and be familiar with its syntax.

For me, if I find a useful tool in different language and it's configurable via YAML \ JSON \ TOML - it's fine for me, I use it.
But if I find a tool that requires me to write a few lines of Ruby code to configure it - I'll think twice and try to find another solution.

The basic idea why we used python at the very first step - it gives a lot of comfort for people who know python - IDE suggestions, highlight and flexible mechanism to import from different files

I think we should move our configuration to YAML format, as follow

artifactory-cleanup.yaml (can be changed in CLI)

artifactory-cleanup:
  server: https://repo.example.com/artifactory
  # $VAR is auto populated from environment variables
  user: $ARTIFACTORY_USERNAME
  password: $ARTIFACTORY_PASSWORD

  policies:
    - name: Remove all .tmp files older than 7 days
      rules:
        - rule: RepoByMask
          mask: "*.tmp"
        - rule: DeleteOlderThan
          days: 7

    - name: My Docker Cleanup Policies
      rules:
        - rule: RepoByMask
          mask: "docker-*-tmp"
        - rule: DeleteOlderThan
          days: 7

    - name: My Docker Cleanup Policies
      rules:
        - rule: RepoByMask
          mask: "docker-*-tmp"
        - rule: ExcludeDockerImages
          masks:
            - '*:latest'
            - '*:release*'
        - rule: DeleteOlderThan
          days: 7

Hi All, @allburov @jetersen @Tim55667757

How do we tag something so that it has “forever” retention? We need to flag every artifact, recursively. I.e. flag the Helm charts, and corresponding Docker containers, and corresponding jar/war/ear files.

Looking for a way to set retention period in JFrog antifactory, which will remove SNAPSHOT versions older than 100 days.

If any teams need particular files need to be keep in artifactory for ever, need to exclude some path alone in that repo from retention policy and other directories should be removed as per the retention policy.

When trying to clean a repository's docker images filtering by their last download date, an error occurs that indicates of non-standard dict usage

It seems that a dict containing other dicts as key are being inserted into a list, which is not possible since dicts are not hashable and therefore not key-suitable.

I will create a pull request which implements a fix updating the filter list properly.

Thank you for developing this wonderful tool, it has been very useful.
Having said that, i am having some issues getting some of the docker rules to work.

For example, my yaml file looks like this:

artifactory-cleanup:
  server: $SERVER
  user: $USER
  password: $PASS

  policies:
     - name: Test
       rules:
         - rule: RepoList
           repos:
             - docker-repo
         - rule: KeepLatestNVersionImagesByProperty
           count: 2

and im getting the following error after the result queries:

********************************************************************************
Found 1457 artifacts
Filter artifacts - rule: RepoList - Apply the policy to a list of repositories.
Filter artifacts - rule: KeepLatestNVersionImagesByProperty - Leaves ``count`` Docker images with the same major.
Traceback (most recent call last):
  File "/Users/nferrovia/Library/Python/3.8/bin/artifactory-cleanup", line 8, in <module>
    sys.exit(ArtifactoryCleanupCLI())
  File "/Users/nferrovia/Library/Python/3.9/lib/python/site-packages/plumbum/cli/application.py", line 177, in __new__
    return cls.run()
  File "/Users/nferrovia/Library/Python/3.9/lib/python/site-packages/plumbum/cli/application.py", line 634, in run
    retcode = inst.main(*tailargs)
  File "/Users/nferrovia/Library/Python/3.9/lib/python/site-packages/artifactory_cleanup/cli.py", line 121, in main
    for summary in cleanup.cleanup(
  File "/Users/nferrovia/Library/Python/3.9/lib/python/site-packages/artifactory_cleanup/artifactorycleanup.py", line 53, in cleanup
    artifacts_to_remove = policy.filter(artifacts)
  File "/Users/nferrovia/Library/Python/3.9/lib/python/site-packages/artifactory_cleanup/rules/base.py", line 284, in filter
    artifacts = rule.filter(artifacts)
  File "/Users/nferrovia/Library/Python/3.9/lib/python/site-packages/artifactory_cleanup/rules/docker.py", line 235, in filter
    grouped = pydash.group_by(artifacts, iteratee=_groupby)
  File "/Users/nferrovia/Library/Python/3.9/lib/python/site-packages/pydash/collections.py", line 397, in group_by
    key = cbk(value)
  File "/Users/nferrovia/Library/Python/3.9/lib/python/site-packages/artifactory_cleanup/rules/docker.py", line 232, in _groupby
    return self.get_version(artifact)[: self.number_of_digits_in_version]
  File "/Users/nferrovia/Library/Python/3.9/lib/python/site-packages/artifactory_cleanup/rules/docker.py", line 222, in get_version
    raise ValueError(f"Can not find version in '{artifact}'")
ValueError: Can not find version in '{'repo': ............

the error leads me to believe it is some mistake on my part defining the versions, but im not sure what im doing wrong.
Our Artifactory directory looks like this:

Artifactory
     docker-repo
           microservice1
                  v2.31.0 (dockerimage)
                        manifest.json
                        layer1
                        layer2
                        layer....
                  v2.32.0
                       ....
                       ....
                  v2.....
           microservice2
           microservice....
     other-repo1
     other-repo2

It help me a lot if i could get some guidance regarding the proper syntax! ty.

I'm not sure if it's a bug or I misunderstand how the program works, but with the policy written this way, the oldest artifacts are kept and not the newest ones.

This is my example:

  policies:
    - name: example-name
      rules:
        - rule: Repo
          name: example-repo
        - rule: DeleteDockerImagesNotUsed
          days: 200       
        - rule: KeepLatestNFiles
          count: 15
        - rule: KeepLatestNFilesInFolder
          count: 10
        - rule: ExcludeDockerImages
          masks:
            - "*:latest"
            - "*:release*"

Hi,
I appreciate you have created a great project. It satisfies our cleanup requirement.

Do we have a plan to upload this package to Pypi?

Here is one scenario.
A remote repository Pypi is set up in Artifactory.
I'd like to install this package in internal network.

I know we could workaround in many ways, like packaging it in Container or uploading it in local repository.

I'm wondering if I may not be able to use this tool due to our versioning scheme. Each repo has a "Packages" subfolder that I'm including, but then also has 30+ different file names in each. I've written the equivalent number of rules for each repo, e.g.:

        - rule: KeepLatestVersionNFilesInFolder
          count: 2
          custom_regexp: "bootstrap-gui-([\d]+\.[\d]+\-[\d]+).*\.rpm"
        - rule: KeepLatestVersionNFilesInFolder
          count: 2
          custom_regexp: "bootstrap-influxdb-([\d]+\.[\d]+\-[\d]+).*\.rpm"
        - rule: KeepLatestVersionNFilesInFolder
          count: 2
          custom_regexp: "bootstrap-ingest-([\d]+\.[\d]+\-[\d]+).*\.rpm"
        - rule: KeepLatestVersionNFilesInFolder
          count: 2

etc & so forth, to cover each of the different file names. However, when I attempt to run the cleanup, the script gives me the error:

ValueError: invalid literal for int() with base 10: '6-4'

I have tested each individual regex, to make sure that they do match the version numbers for each file name. I'm pretty sure I'm just not formatting it correctly for what the script expects. I'm guessing that maybe the rule separates the digits by dots? Which won't work for us, since our last digit is separated by a dash?

Any guidance would be appreciated.

It would be interesting if there was the possibility of using regex when configuring a rule in the artifactory-cleanup.yaml file, as in the example below:

 - rule: IncludeFilename
  masks: 
   - "*/production-[0-9]+"
   - "*.develop-[0-9]+"

That way I believe you would have more control over what you want to look for in a repository.

I miss the directory docs/RULES with the Available Rules in the master branch. Is this a bug or a feature? ;-)

Thank you for your awesome tool!

Hi @allburov

Currently, the 'remove-empty-folder' feature depends on the artifactory-user-plugins

Would it be possible to implement this feature in this project and remove the post request in delete?

If this feature is valuable, feel free to assign this task to me.