从 Amazon ECR 私有存储库中删除签名和其他项目 - Amazon ECR
Amazon Web Services 文档中描述的 Amazon Web Services 服务或功能可能因区域而异。要查看适用于中国区域的差异,请参阅 中国的 Amazon Web Services 服务入门 (PDF)

本文属于机器翻译版本。若本译文内容与英语原文存在差异,则一律以英文原文为准。

从 Amazon ECR 私有存储库中删除签名和其他项目

您可以使用 ORAS 客户端列出和删除 Amazon ECR 私有存储库中的签名和其他参考类型项目。删除签名和其他参考工件与删除图像的方式类似(请参阅在 Amazon ECR 中删除图片)。以下是列出构件和删除签名的方法:

使用 ORAS CLI 管理图像工件

  1. 安装和配置 ORAS 客户端。

    有关安装和配置 ORAS 客户端的信息,请参阅 ORAS 文档中的安装

  2. 要列出 Amazon ECR 图像的可用构件,请使用oras discover,后面加上图像名称:

    oras discover 111222333444.dkr.ecr.us-east-1.amazonaws.com/oci:helloworld

    输出应如下所示:

    111222333444.dkr.ecr.us-east-1.amazonaws.com/oci@sha256:88c0c54329bfdc1d94d6f58cd3fcb1226d46f58670f44a8c689cb3c9b37b6925
└── application/vnd.cncf.notary.signature
    ├── sha256:387c10c1598ee18aae81dcfc86d0d06d116e46461d1c3cda8927e69c48108c42
    └── sha256:6527bcec87adf1d55460666183b9d0968b3cd4e4bc34602d485206a219851171

  3. 如前面的示例,要使用 ORAS CLI 删除签名,请运行以下命令:

    oras manifest delete 111222333444.dkr.ecr.us-east-1.amazonaws.com/oci@sha256:387c10c1598ee18aae81dcfc86d0d06d116e46461d1c3cda8927e69c48108c42

    输出应如下所示:

    Are you sure you want to delete the manifest "111222333444.dkr.ecr.us-east-1.amazonaws.com/oci@sha256:387c10c1598ee18aae81dcfc86d0d06d116e46461d1c3cda8927e69c48108c42" and all tags associated with it? [y/N] y

  4. y。应该删除该工件。

排除对象删除故障

如果签名删除(例如刚才显示的签名)失败,则会出现类似于以下内容的输出。

Error response from registry: failed to delete 111222333444.dkr.ecr.us-east-1.amazonaws.com/oci@sha256:387c10c1598ee18aae81dcfc86d0d06d116e46461d1c3cda8927e69c48108c42:
unsupported: Requested image referenced by manifest list: [sha256:005e2c97a6373e483799fa4ff29ac64a42dd10f08efcc166d6775f9b74943b5b]

删除在 OCI 1.1 发布之前推送的图像时,可能会发生此故障。如错误中所述,您必须先删除引用该图像的清单,然后才能删除该图片,如下所示:

  1. 要删除与要删除的签名关联的清单,请键入:

     oras manifest delete 111222333444.dkr.ecr.us-east-1.amazonaws.com/oci@sha256:005e2c97a6373e483799fa4ff29ac64a42dd10f08efcc166d6775f9b74943b5b

    输出应如下所示:

    Are you sure you want to delete the manifest "sha256:005e2c97a6373e483799fa4ff29ac64a42dd10f08efcc166d6775f9b74943b5b" and all tags associated with it? [y/N] y

  2. y。应删除清单。

  3. 清单消失后,你可以删除签名:

     oras manifest delete 111222333444.dkr.ecr.us-east-1.amazonaws.com/oci@sha256:387c10c1598ee18aae81dcfc86d0d06d116e46461d1c3cda8927e69c48108c42

    输出应如下所示:按 y

    Are you sure you want to delete the manifest "sha256:387c10c1598ee18aae81dcfc86d0d06d116e46461d1c3cda8927e69c48108c42" and all tags associated with it? [y/N] y
Deleted [registry] 111222333444.dkr.ecr.us-east-1.amazonaws.com/oci@sha256:387c10c1598ee18aae81dcfc86d0d06d116e46461d1c3cda8927e69c48108c42

  4. 要查看签名是否已删除,请键入:

    oras discover 111222333444.dkr.ecr.us-east-1.amazonaws.com/oci:helloworld

    输出应如下所示:

    111222333444.dkr.ecr.us-east-1.amazonaws.com/oci@sha256:88c0c54329bfdc1d94d6f58cd3fcb1226d46f58670f44a8c689cb3c9b37b6925
└── application/vnd.cncf.notary.signature
    └── sha256:6527bcec87adf1d55460666183b9d0968b3cd4e4bc34602d485206a219851171