Giters

yuzutech / kroki

Creates diagrams from textual descriptions!

Home Page:https://kroki.io

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Kroki Container Not Removing old Packages.

Festo-Nitin opened this issue · comments

commented

We seen that there are multiple versions of some packages in docker container are available, there are some stale packages also there,
it causing notification from security team for vulnerability for unused packages.

Seel list below

[root@server packages]# pwd
/app/gitlabalm/gitlab/data/gitlab-rails/shared/packages
[root@server packages]# find . -name catalog-backend* | grep logistics | grep -e .war
./73/7c/737c6b9773fa031bee4787ad780d2c9c9ecb3375a7c1f4dbd8047a6cd5c67b4c/packages/4256/files/6226/catalog-backend-2.2.2-logistics-20230127.132317-1.war
./73/7c/737c6b9773fa031bee4787ad780d2c9c9ecb3375a7c1f4dbd8047a6cd5c67b4c/packages/4256/files/6670/catalog-backend-2.2.2-logistics-20230213.101426-9.war
./73/7c/737c6b9773fa031bee4787ad780d2c9c9ecb3375a7c1f4dbd8047a6cd5c67b4c/packages/4256/files/6232/catalog-backend-2.2.2-logistics-20230127.132317-1.war
./73/7c/737c6b9773fa031bee4787ad780d2c9c9ecb3375a7c1f4dbd8047a6cd5c67b4c/packages/4256/files/6834/catalog-backend-2.2.2-logistics-20230215.150142-11.war
./73/7c/737c6b9773fa031bee4787ad780d2c9c9ecb3375a7c1f4dbd8047a6cd5c67b4c/packages/4256/files/6320/catalog-backend-2.2.2-logistics-20230131.112647-3.war
./73/7c/737c6b9773fa031bee4787ad780d2c9c9ecb3375a7c1f4dbd8047a6cd5c67b4c/packages/4256/files/6664/catalog-backend-2.2.2-logistics-20230213.101426-9.war
./73/7c/737c6b9773fa031bee4787ad780d2c9c9ecb3375a7c1f4dbd8047a6cd5c67b4c/packages/4256/files/6828/catalog-backend-2.2.2-logistics-20230215.150142-11.war
./73/7c/737c6b9773fa031bee4787ad780d2c9c9ecb3375a7c1f4dbd8047a6cd5c67b4c/packages/4256/files/6476/catalog-backend-2.2.2-logistics-20230206.100547-5.war
./73/7c/737c6b9773fa031bee4787ad780d2c9c9ecb3375a7c1f4dbd8047a6cd5c67b4c/packages/4256/files/6326/catalog-backend-2.2.2-logistics-20230131.112647-3.war
./73/7c/737c6b9773fa031bee4787ad780d2c9c9ecb3375a7c1f4dbd8047a6cd5c67b4c/packages/4256/files/6544/catalog-backend-2.2.2-logistics-20230207.095304-7.war
./73/7c/737c6b9773fa031bee4787ad780d2c9c9ecb3375a7c1f4dbd8047a6cd5c67b4c/packages/4256/files/6470/catalog-backend-2.2.2-logistics-20230206.100547-5.war
./73/7c/737c6b9773fa031bee4787ad780d2c9c9ecb3375a7c1f4dbd8047a6cd5c67b4c/packages/4256/files/6553/catalog-backend-2.2.2-logistics-20230207.095304-7.war
./73/7c/737c6b9773fa031bee4787ad780d2c9c9ecb3375a7c1f4dbd8047a6cd5c67b4c/packages/1508/files/3535/catalog-backend-2.1.55-logistics-20221021.082602-3.war
./73/7c/737c6b9773fa031bee4787ad780d2c9c9ecb3375a7c1f4dbd8047a6cd5c67b4c/packages/1508/files/3568/catalog-backend-2.1.55-logistics-20221021.101150-7.war
./73/7c/737c6b9773fa031bee4787ad780d2c9c9ecb3375a7c1f4dbd8047a6cd5c67b4c/packages/1508/files/3589/catalog-backend-2.1.55-logistics-20221021.114019-9.war
./73/7c/737c6b9773fa031bee4787ad780d2c9c9ecb3375a7c1f4dbd8047a6cd5c67b4c/packages/1508/files/3559/catalog-backend-2.1.55-logistics-20221021.101150-7.war
./73/7c/737c6b9773fa031bee4787ad780d2c9c9ecb3375a7c1f4dbd8047a6cd5c67b4c/packages/1508/files/3184/catalog-backend-2.1.55-logistics-20221017.092357-1.war
./73/7c/737c6b9773fa031bee4787ad780d2c9c9ecb3375a7c1f4dbd8047a6cd5c67b4c/packages/1508/files/3553/catalog-backend-2.1.55-logistics-20221021.084448-5.war
./73/7c/737c6b9773fa031bee4787ad780d2c9c9ecb3375a7c1f4dbd8047a6cd5c67b4c/packages/1508/files/3175/catalog-backend-2.1.55-logistics-20221017.092357-1.war
./73/7c/737c6b9773fa031bee4787ad780d2c9c9ecb3375a7c1f4dbd8047a6cd5c67b4c/packages/1508/files/3595/catalog-backend-2.1.55-logistics-20221021.114019-9.war
./73/7c/737c6b9773fa031bee4787ad780d2c9c9ecb3375a7c1f4dbd8047a6cd5c67b4c/packages/1508/files/3547/catalog-backend-2.1.55-logistics-20221021.084448-5.war
./73/7c/737c6b9773fa031bee4787ad780d2c9c9ecb3375a7c1f4dbd8047a6cd5c67b4c/packages/1508/files/3541/catalog-backend-2.1.55-logistics-20221021.082602-3.war
./73/7c/737c6b9773fa031bee4787ad780d2c9c9ecb3375a7c1f4dbd8047a6cd5c67b4c/packages/1867/files/4341/catalog-backend-2.2.0-logistics-20221027.101930-7.war
./73/7c/737c6b9773fa031bee4787ad780d2c9c9ecb3375a7c1f4dbd8047a6cd5c67b4c/packages/1867/files/4469/catalog-backend-2.2.0-logistics-20221027.120629-9.war
./73/7c/737c6b9773fa031bee4787ad780d2c9c9ecb3375a7c1f4dbd8047a6cd5c67b4c/packages/1867/files/3861/catalog-backend-2.2.0-logistics-20221024.135054-3.war
./73/7c/737c6b9773fa031bee4787ad780d2c9c9ecb3375a7c1f4dbd8047a6cd5c67b4c/packages/1867/files/4180/catalog-backend-2.2.0-logistics-20221027.071301-5.war
./73/7c/737c6b9773fa031bee4787ad780d2c9c9ecb3375a7c1f4dbd8047a6cd5c67b4c/packages/1867/files/4171/catalog-backend-2.2.0-logistics-20221027.071301-5.war
./73/7c/737c6b9773fa031bee4787ad780d2c9c9ecb3375a7c1f4dbd8047a6cd5c67b4c/packages/1867/files/4332/catalog-backend-2.2.0-logistics-20221027.101930-7.war
./73/7c/737c6b9773fa031bee4787ad780d2c9c9ecb3375a7c1f4dbd8047a6cd5c67b4c/packages/1867/files/3622/catalog-backend-2.2.0-logistics-20221021.120420-1.war
./73/7c/737c6b9773fa031bee4787ad780d2c9c9ecb3375a7c1f4dbd8047a6cd5c67b4c/packages/1867/files/4460/catalog-backend-2.2.0-logistics-20221027.120629-9.war
./73/7c/737c6b9773fa031bee4787ad780d2c9c9ecb3375a7c1f4dbd8047a6cd5c67b4c/packages/1867/files/3855/catalog-backend-2.2.0-logistics-20221024.135054-3.war
./73/7c/737c6b9773fa031bee4787ad780d2c9c9ecb3375a7c1f4dbd8047a6cd5c67b4c/packages/1867/files/3609/catalog-backend-2.2.0-logistics-20221021.120420-1.war

the kroki should remove these stale packages.

The question is for now that, Can we remove old versions of these packages and keep only latest one ?
Please let us know if any workaround is available .

commented

@Festo-Nitin this files are not related to Kroki (or at least not produced by Kroki).