Kroki Container Not Removing old Packages.
Festo-Nitin opened this issue · comments
We seen that there are multiple versions of some packages in docker container are available, there are some stale packages also there,
it causing notification from security team for vulnerability for unused packages.
Seel list below
[root@server packages]# pwd
/app/gitlabalm/gitlab/data/gitlab-rails/shared/packages
[root@server packages]# find . -name catalog-backend* | grep logistics | grep -e .war
./73/7c/737c6b9773fa031bee4787ad780d2c9c9ecb3375a7c1f4dbd8047a6cd5c67b4c/packages/4256/files/6226/catalog-backend-2.2.2-logistics-20230127.132317-1.war
./73/7c/737c6b9773fa031bee4787ad780d2c9c9ecb3375a7c1f4dbd8047a6cd5c67b4c/packages/4256/files/6670/catalog-backend-2.2.2-logistics-20230213.101426-9.war
./73/7c/737c6b9773fa031bee4787ad780d2c9c9ecb3375a7c1f4dbd8047a6cd5c67b4c/packages/4256/files/6232/catalog-backend-2.2.2-logistics-20230127.132317-1.war
./73/7c/737c6b9773fa031bee4787ad780d2c9c9ecb3375a7c1f4dbd8047a6cd5c67b4c/packages/4256/files/6834/catalog-backend-2.2.2-logistics-20230215.150142-11.war
./73/7c/737c6b9773fa031bee4787ad780d2c9c9ecb3375a7c1f4dbd8047a6cd5c67b4c/packages/4256/files/6320/catalog-backend-2.2.2-logistics-20230131.112647-3.war
./73/7c/737c6b9773fa031bee4787ad780d2c9c9ecb3375a7c1f4dbd8047a6cd5c67b4c/packages/4256/files/6664/catalog-backend-2.2.2-logistics-20230213.101426-9.war
./73/7c/737c6b9773fa031bee4787ad780d2c9c9ecb3375a7c1f4dbd8047a6cd5c67b4c/packages/4256/files/6828/catalog-backend-2.2.2-logistics-20230215.150142-11.war
./73/7c/737c6b9773fa031bee4787ad780d2c9c9ecb3375a7c1f4dbd8047a6cd5c67b4c/packages/4256/files/6476/catalog-backend-2.2.2-logistics-20230206.100547-5.war
./73/7c/737c6b9773fa031bee4787ad780d2c9c9ecb3375a7c1f4dbd8047a6cd5c67b4c/packages/4256/files/6326/catalog-backend-2.2.2-logistics-20230131.112647-3.war
./73/7c/737c6b9773fa031bee4787ad780d2c9c9ecb3375a7c1f4dbd8047a6cd5c67b4c/packages/4256/files/6544/catalog-backend-2.2.2-logistics-20230207.095304-7.war
./73/7c/737c6b9773fa031bee4787ad780d2c9c9ecb3375a7c1f4dbd8047a6cd5c67b4c/packages/4256/files/6470/catalog-backend-2.2.2-logistics-20230206.100547-5.war
./73/7c/737c6b9773fa031bee4787ad780d2c9c9ecb3375a7c1f4dbd8047a6cd5c67b4c/packages/4256/files/6553/catalog-backend-2.2.2-logistics-20230207.095304-7.war
./73/7c/737c6b9773fa031bee4787ad780d2c9c9ecb3375a7c1f4dbd8047a6cd5c67b4c/packages/1508/files/3535/catalog-backend-2.1.55-logistics-20221021.082602-3.war
./73/7c/737c6b9773fa031bee4787ad780d2c9c9ecb3375a7c1f4dbd8047a6cd5c67b4c/packages/1508/files/3568/catalog-backend-2.1.55-logistics-20221021.101150-7.war
./73/7c/737c6b9773fa031bee4787ad780d2c9c9ecb3375a7c1f4dbd8047a6cd5c67b4c/packages/1508/files/3589/catalog-backend-2.1.55-logistics-20221021.114019-9.war
./73/7c/737c6b9773fa031bee4787ad780d2c9c9ecb3375a7c1f4dbd8047a6cd5c67b4c/packages/1508/files/3559/catalog-backend-2.1.55-logistics-20221021.101150-7.war
./73/7c/737c6b9773fa031bee4787ad780d2c9c9ecb3375a7c1f4dbd8047a6cd5c67b4c/packages/1508/files/3184/catalog-backend-2.1.55-logistics-20221017.092357-1.war
./73/7c/737c6b9773fa031bee4787ad780d2c9c9ecb3375a7c1f4dbd8047a6cd5c67b4c/packages/1508/files/3553/catalog-backend-2.1.55-logistics-20221021.084448-5.war
./73/7c/737c6b9773fa031bee4787ad780d2c9c9ecb3375a7c1f4dbd8047a6cd5c67b4c/packages/1508/files/3175/catalog-backend-2.1.55-logistics-20221017.092357-1.war
./73/7c/737c6b9773fa031bee4787ad780d2c9c9ecb3375a7c1f4dbd8047a6cd5c67b4c/packages/1508/files/3595/catalog-backend-2.1.55-logistics-20221021.114019-9.war
./73/7c/737c6b9773fa031bee4787ad780d2c9c9ecb3375a7c1f4dbd8047a6cd5c67b4c/packages/1508/files/3547/catalog-backend-2.1.55-logistics-20221021.084448-5.war
./73/7c/737c6b9773fa031bee4787ad780d2c9c9ecb3375a7c1f4dbd8047a6cd5c67b4c/packages/1508/files/3541/catalog-backend-2.1.55-logistics-20221021.082602-3.war
./73/7c/737c6b9773fa031bee4787ad780d2c9c9ecb3375a7c1f4dbd8047a6cd5c67b4c/packages/1867/files/4341/catalog-backend-2.2.0-logistics-20221027.101930-7.war
./73/7c/737c6b9773fa031bee4787ad780d2c9c9ecb3375a7c1f4dbd8047a6cd5c67b4c/packages/1867/files/4469/catalog-backend-2.2.0-logistics-20221027.120629-9.war
./73/7c/737c6b9773fa031bee4787ad780d2c9c9ecb3375a7c1f4dbd8047a6cd5c67b4c/packages/1867/files/3861/catalog-backend-2.2.0-logistics-20221024.135054-3.war
./73/7c/737c6b9773fa031bee4787ad780d2c9c9ecb3375a7c1f4dbd8047a6cd5c67b4c/packages/1867/files/4180/catalog-backend-2.2.0-logistics-20221027.071301-5.war
./73/7c/737c6b9773fa031bee4787ad780d2c9c9ecb3375a7c1f4dbd8047a6cd5c67b4c/packages/1867/files/4171/catalog-backend-2.2.0-logistics-20221027.071301-5.war
./73/7c/737c6b9773fa031bee4787ad780d2c9c9ecb3375a7c1f4dbd8047a6cd5c67b4c/packages/1867/files/4332/catalog-backend-2.2.0-logistics-20221027.101930-7.war
./73/7c/737c6b9773fa031bee4787ad780d2c9c9ecb3375a7c1f4dbd8047a6cd5c67b4c/packages/1867/files/3622/catalog-backend-2.2.0-logistics-20221021.120420-1.war
./73/7c/737c6b9773fa031bee4787ad780d2c9c9ecb3375a7c1f4dbd8047a6cd5c67b4c/packages/1867/files/4460/catalog-backend-2.2.0-logistics-20221027.120629-9.war
./73/7c/737c6b9773fa031bee4787ad780d2c9c9ecb3375a7c1f4dbd8047a6cd5c67b4c/packages/1867/files/3855/catalog-backend-2.2.0-logistics-20221024.135054-3.war
./73/7c/737c6b9773fa031bee4787ad780d2c9c9ecb3375a7c1f4dbd8047a6cd5c67b4c/packages/1867/files/3609/catalog-backend-2.2.0-logistics-20221021.120420-1.war
the kroki should remove these stale packages.
The question is for now that, Can we remove old versions of these packages and keep only latest one ?
Please let us know if any workaround is available .
@Festo-Nitin this files are not related to Kroki (or at least not produced by Kroki).