ARTIFACTORY: Cleanup Policies FAQ

Introduction 

Managing packages efficiently in JFrog Artifactory can become challenging as repositories grow in size over time. Packages no longer in use often occupy valuable storage space and can impact system performance. To address this, Artifactory offers a Cleanup Policy feature that allows users to define specific rules for cleaning up old or unused packages. This article aims to answer frequently asked questions about the Cleanup Policy and provide a step-by-step guide to setting it up effectively. 

FAQs 

Below are the frequently asked questions regarding Cleanup Policy, along with their resolutions:

What is a Cleanup Policy?
A Cleanup Policy in JFrog Artifactory allows platform and project administrators to automate the removal of stale, unused or expired JFrog objects (Packages, Release Bundles, etc) from the platform. It is composed of three main sections:

• Scope: Defines where the policy applies (e.g., specific projects, repositories, and package types).
• Conditions: Specifies criteria for cleanup policy to be executed, such as the age of packages, their usage frequency, or the number of versions to retain.
• General Settings: Includes retention rules, execution limits, and scheduling.

By leveraging these settings, administrators can streamline artifact management, optimize storage, improve performance, and enhance the overall user experience.

How should I start using Cleanup Policies?
When first using Cleanup Policies, it's important to take a cautious approach to avoid unintended deletions or system strain. Here are a few recommended steps:

1. Start with limited scope policies: Break the cleanup process into smaller parts. Don’t apply a single policy to the entire platform right away; focus on specific projects, repositories, or package types.
2. Classify and prioritize packages: Begin by cleaning up less critical packages, such as snapshot versions or non-essential packages.
3. Use the trash can: Ensure that deleted packages are sent to the trash can, allowing you to restore them if necessary (note that packages will be kept in the trash can per GC cycles and trash can settings, click here to learn more).
4. Run policies during off-peak hours: Schedule policies to run overnight or during weekends, and configure the Max Execution Duration to limit how long they run.
5. Always use dry-run first: Perform a dry-run to generate a report of what will be deleted, allowing you to review and confirm that no important packages are being removed.
6. Enable policies after testing: Only activate the policy once you're confident that it's correctly configured and has been reviewed.

How can I evaluate the cleanup potential?
Understanding the potential impact of your Cleanup Policies is essential for planning and monitoring. The most effective way to assess the potential deletions is to run a dry run.

• After the dry run, Artifactory generates a detailed CSV report listing the packages that would be deleted.
• The report can be found in a designated repository path and is available for download from the Policies and Runs Views in the Admin Panel.

This impact analysis helps you make informed decisions and adjust policies as needed before they run live.

What safety protections are available to ensure system stability during cleanup?
Since the cleanup process can consume significant system resources, JFrog Artifactory provides several safeguards to prevent performance issues. Some protections are enforced by default, while others can be configured by the user to match the system's specific needs:

1. Run frequency limit: Cleanup policy can run at the most once every 6 hours.
2. Max Execution Duration: You can configure how long a policy is allowed to run before it automatically stops.
3. Package count limits: Each policy run is limited to a maximum of 100K packages.
4. Stop policy runs: Policy executions can be manually stopped from the UI or via the API.
5. Deactivate policy command: Policies can be deactivated, preventing them from running either manually or automatically in the next iteration.
6. Global stop and disable commands: All cleanup policies can be stopped or disabled with a single command through the UI or API.
7. Task prioritization: Cleanup tasks are treated as low-priority operations by the Query Rate Limiter (QRL), ensuring that they don’t interfere with higher-priority tasks.
8. Thread management: A maximum of 5 threads is allocated for cleanup runs.
9. Parallel run limits: Concurrent policy runs are limited, additional runs will be added to the queue and executed upon availability.
10. Sleep duration between deletions and internal queries: The duration between delete operations and package queries can be controlled to reduce database load.

Can Project Admins manage Cleanup Policies?
Yes, but platform admins control this privilege. Platform admins can delegate the ability to manage Cleanup Policies to project admins by granting the Manage Resources permission for a specific project. Once granted, project admins can create and manage policies within the project’s scope.

However, Global Cleanup Policies (created by platform admins to apply across multiple projects) are enforced platform-wide. Project admins cannot modify, disable, or opt out of these global policies.

Conclusion
Artifactory’s Cleanup Policy feature is a powerful tool for automating the removal of unused or outdated packages and helping organizations manage storage more effectively. Starting small, testing with dry-runs, and leveraging Artifactory’s built-in safety mechanisms can help administrators make the most of this feature without risking performance or data loss.
For more information, visit the official JFrog Cleanup Policy Documentation, or contact our support team for further assistance.