This article describes how to use and what is the benefit of AQUA clean up feature.
You can configure Aqua to automatically remove the oldest images from the repositories configured in Aqua. This has two benefits:
- Force users to use more recent images
- Improve the performance of Aqua scanners by reducing the number of images to be scanned.
- Images removed from registry will not be scanned again.
The actual images will not be deleted, either from the registry or from the host on which they are located.
You can configure the maximum number of images to keep in your repositories.
If adding an image to a repository exceeds the threshold, Aqua will automatically remove the oldest image.
- In the Aqua UI: Navigate to Settings > Cleanup.
- Check "Remove the oldest images in each repository".
- Set the maximum number of images to keep in an individual repository based on your needs (10 in the example given).
- Click Save in the upper right corner of the screen.
These settings are applied to all repositories on the Aqua Server.
1) The Global image cleanup do not work with the images auto pulled from registries.
“Autopull will not clean image which are added by other flow , It will only delete images which are added by autopull.”
While deleting it check if image has active workload running. If yes, then it will not delete that image.
2) The auto pulled images from registries will only be deleted if there is a criteria to match.
3) This cleanup will not delete any image on repositories that have been added by any other way than the auto pull.
Another option to Delete repositories can be done from with In the Aqua UI:
Click the menu icon for the repository, on the right, and select Delete Repository. All images in the repository will be unregistered from Aqua.