A general format convention for repository manager is if a remote removes a component that was already cached locally in a proxy repository, then repository manager should not automatically remove the already cached component.
Repository manager also has facilities to clean up docker components which are not accessed after a period of time.
However currently, when a docker asset (tag or layer) from a remote registry is removed, this results in the asset no longer being available in the proxy when the proxy makes an outbound request confirming that the remote does not contain the asset.
- Two Nexus instance. On one instance create a hosted docker repository, on the other create a proxy docker repository to the hosted repo.
- Upload an image to the hosted repo.
- Pull the image via the proxy repo.
- Delete the tag (asset) on the hosted repo.
- Invalidate the cache on the proxy repo.
- Request/access the tag asset via the proxy.
The proxy request returns a 404 with:
However the tag asset is still listed in the browse UI.
The same can be reproduced with a removal of a layer and in that case a 404 with the following response is returned:
Do not automatically remove a cached asset when the remote reports it as not available. Instead it will be expected that cleanup policies/tasks will be used to cleanup stale docker assets in the proxy repository.
Set the "Component Max Age" setting in the proxy repository config to -1. This will prevent Nexus from checking the remote for component changes/updates.