Currently, we have three separate tools for cleanup up Docker which need to be used together:
1. "Delete incomplete uploads" task
2. Cleanup policies, which work on docker tags
3. Orphaned manifests & layers removal
This is too much work for customers to orchestrate, especially since the documentation encourages them to run these in a specific order. (You can't control when cleanup runs!)
There are some gaps:
1. If manifests are accessed by digest, that doesn't update the 'last accessed date' of tags that refer to that manifest; this means the manifest can be reclaimed despite still being used.
2. If only some tags of a manifest are accessed (e.g. 'latest'), an aggressive cleanup policy could prune off other tags (e.g. a version tag) despite the fact that the manifest is still around.
- Delete incomplete uploads is just automatic, configured at the repository level (if at all? would a sensible default be okay?) and not something customers have to schedule
- Consolidate cleanup and orphan removal so that it operates on manifests (not tags). There are some edge cases here, though, esp. as 'last used' date and paths interact.