I've setup my cloud project and artifact registry for cleanup policies that should log to google cloud logging. However, those logs never appear. It has been weeks of monitoring. I don't believe this feature is working as expected. I only ever see `Docker-Startupload`, `Docker-FinishUpload`, update repoistory event, but I see nothing about cleaning up.
(you'd think a site like this would have inline and code block markup available.)
Hi @Zach5,
EDIT: I think that this is not really a problem, because as per documentation, you can see Audit Logging of AR, like READ and WRITE in the repository. Which kind of logs did you expect? Some related to the build?
You're wrong. I'm referring to testing the cleanup policies with a dry run. See the documentation here: https://cloud.google.com/artifact-registry/docs/repositories/cleanup-policy#dry-run
I find it annoying to be told my problem is not a problem. Read the documentation before being dismissive in the future please.
Hi @Zach5, thanks so much for bringing your question to the Google Cloud Community and providing a bit more context to the issue you're having. @MaxImbrox appreciate your trying to help.
Full Disclosure: I am not an expert in this product area, however I believe you're absolutely right. While Artifact Registry does have cleanup policies, the deletion events triggered by these policies are not logged in Cloud Logging by default. The logs you are seeing (Docker-Startupload, Docker-FinishUpload) are related to the upload process of artifacts, not their deletion.
Where to Find Cleanup Logs
The effects of your cleanup policies can be analyzed in the Artifact Registry Data Access audit logs. To view these logs, follow these steps:
By examining these logs, you should be able to see which artifacts were deleted as a result of your cleanup policies.
Important Considerations
Additional Troubleshooting
If you are still not seeing the desired logs, double-check the following:
Hopefully an expert in this area will weight in! If you have any further questions or need more assistance, feel free to ask!
@Roderick I appreciate you're help. The query isn't surfacing anything from dry-runs. I only see image upload events and repository update events. I'll move forward by reducing the complexity of the policies in place to a single "if older than" policy and see if anything changes.
I've submitted the product feedback via google cloud but it's worth noting it would be helpful if more dry-run information were logged. For instance I don't know if the policy executed, or if the policy matched anything.
User | Count |
---|---|
2 | |
2 | |
1 | |
1 | |
1 |