以下是一个用于删除 Harbor 镜像仓库中旧镜像的 Python 脚本,保留每个应用最近的10个镜像,其余镜像将被删除。
import requests
import json
from datetime import datetime, timedelta
# 配置项
HARBOR_URL = 'https://harbor.example.com'
HARBOR_USERNAME = 'admin'
HARBOR_PASSWORD = 'password'
KEEP_NUM = 10 # 保留最近的10个镜像
def get_auth_token():
# 获取授权 Token
login_url = f'{HARBOR_URL}/c/login'
login_data = {
'principal': HARBOR_USERNAME,
'password': HARBOR_PASSWORD
}
resp = requests.post(login_url, json=login_data, verify=False)
resp.raise_for_status()
token = resp.headers.get('Authorization')
return token
def get_all_repos():
# 获取所有镜像仓库
repos_url = f'{HARBOR_URL}/api/repositories'
headers = {
'Authorization': get_auth_token()
}
resp = requests.get(repos_url, headers=headers, verify=False)
resp.raise_for_status()
repos = json.loads(resp.text)
return repos
def get_image_tags(repo_name):
# 获取指定仓库中所有镜像的标签
tags_url = f'{HARBOR_URL}/api/repositories/{repo_name}/tags'
headers = {
'Authorization': get_auth_token()
}
resp = requests.get(tags_url, headers=headers, verify=False)
resp.raise_for_status()
tags = json.loads(resp.text)
return tags
def delete_image(repo_name, tag_name):
# 删除指定镜像
delete_url = f'{HARBOR_URL}/api/repositories/{repo_name}/tags/{tag_name}'
headers = {
'Authorization': get_auth_token()
}
resp = requests.delete(delete_url, headers=headers, verify=False)
resp.raise_for_status()
def delete_old_images():
# 删除所有应用中的旧镜像,保留最近的10个镜像
repos = get_all_repos()
for repo in repos:
if repo['project_name'] == 'library': # 不删除系统自带的镜像
continue
repo_name = repo['name']
tags = get_image_tags(repo_name)
tag_list = []
for tag in tags:
tag_time = datetime.strptime(tag['created'], '%Y-%m-%dT%H:%M:%S.%fZ')
tag_list.append((tag['name'], tag_time))
tag_list.sort(key=lambda x: x[1], reverse=True)
for i in range(KEEP_NUM, len(tag_list)):
tag_name = tag_list[i][0]
delete_image(repo_name, tag_name)
print(f'{repo_name}:{tag_name} 已删除')
if __name__ == '__main__':
delete_old_images()