Skip to content

Instantly share code, notes, and snippets.

@PierreBeucher
Created August 4, 2023 16:06
Show Gist options
  • Save PierreBeucher/6dc1638c34b297c02e54252c488f2e8d to your computer and use it in GitHub Desktop.
Save PierreBeucher/6dc1638c34b297c02e54252c488f2e8d to your computer and use it in GitHub Desktop.
Manage GitLab Container Registry garbage collection in read-only mode
#!/bin/sh
#
# GitLab Container Registry garbage collector script
# you can configure with cron jobs to run garbage collection nightly
#
# Usage:
#
# - Update your /etc/gitlab/gitlab.rb to add 'REGISTRY-STORAGE-READONLY-ENABLE-MARKER' marker
# as comment on registry config so that script can automatically update it
#
# registry['storage'] = {
# 'maintenance' => {
# 'readonly' => {
# 'enabled' => false # REGISTRY-STORAGE-READONLY-ENABLE-MARKER
# }
# }
# }
#
# - Copy this script at /usr/local/sbin/gitlab-registry-garbage-collect.sh
# - Create cron jobs:
#
# # Start garbage collect at night
# 0 23 * * * /usr/local/sbin/gitlab-registry-garbage-collect.sh start
# # Stop garbage collect in the morning
# 0 6 * * * /usr/local/sbin/gitlab-registry-garbage-collect.sh stop
#
# On start:
# - Updates /etc/gitlab/gitlab.rb and reconfigure GitLab instance with Container Registry in read-only mode
# - Start garbage collection in the background and keep PID of process in a temporary file
#
# On stop:
# - Kill garbage collection process using PID file created on start
# - Updates /etc/gitlab/gitlab.rb and reconfigure GitLab instance with Container Registry without read-only mode
#
# Logs and PID file are stored under /tmp/gitlab-registry-garbage-collect by default, override with CLEANUP_WORKDIR var
#
# Ensure cleanup workdir exists
CLEANUP_WORKDIR="${CLEANUP_WORKDIR:-/tmp/gitlab-registry-garbage-collect}"
PID_FILE="$CLEANUP_WORKDIR/cleanup.pid"
mkdir -p $CLEANUP_WORKDIR
cleanup_start(){
gitlab_registry_readonly "true"
/opt/gitlab/embedded/bin/registry garbage-collect -m /var/opt/gitlab/registry/config.yml > $CLEANUP_WORKDIR/cleanup.log 2>&1 &
echo $! > $PID_FILE
}
cleanup_stop() {
if [ -f $PID_FILE ]; then
echo "Killing cleanup process $(cat $PID_FILE)"
kill "$(cat $PID_FILE)"
rm "$PID_FILE"
else
echo "No PID file found at $PID_FILE. Is cleanup running?"
fi
gitlab_registry_readonly "false"
}
# Enable/disable Gitlab registry read-only mode
gitlab_registry_readonly() {
echo "Setting GitLab Registry read-only: $1"
sed -i -r "s/(^.*'enabled').*# REGISTRY-STORAGE-READONLY-ENABLE-MARKER/\1 => $1 # REGISTRY-STORAGE-READONLY-ENABLE-MARKER/g" /etc/gitlab/gitlab.rb
echo "Running gitlab-ctl reconfigure. May take a few seconds... "
echo "If needed see logs at $CLEANUP_WORKDIR/gitlab-reconfigure.log"
gitlab-ctl reconfigure > $CLEANUP_WORKDIR/gitlab-reconfigure.log 2>&1
if [ $? -ne 0 ]; then
echo "gitlab-ctl reconfigure failed. Check logs at $CLEANUP_WORKDIR/gitlab-reconfigure.log."
exit 2
fi
}
help(){
echo "Run GitLab Registry cleanup in read-only mode."
echo "Detailed execution logs are saved under $CLEANUP_WORKDIR/*.log."
echo
echo "Usage:"
echo
echo "$0 start"
echo "$0 stop"
echo "$0 help"
}
case "$1" in
"start") cleanup_start;;
"stop") cleanup_stop;;
"help") help;;
"--help") help;;
*) echo "Unknwon argument $1." && help && exit 1
esac
echo "Done !"
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment