DevOps series: Establish governance for your image repositories

Introduction

Public cloud provides private repositories to host your images. You can maintain a shared image repository that is highly available for all your workloads across regions. As your organization grows and more and more containerized workloads are run, it is essential that you establish governance process for image repositories. This article discuss some of the governance items that you should consider

Distinguish development images from release images

When you have continuous integration setup, you end up with a lot of development images provided you do not overwrite using same tags. For a strategy similar to gitflow, you would also have images built from master/main branch. It is essential that you are able to distinguish between development and release images as that will help you clean up development images at regular basis. Consider using one of the following approaches

• Use standard image naming convention. This allows you to build automation that can use image naming standard to apply some logic.
• Use tag prefix or suffix to mark images as development or release. For example dev images can be tagged as {version}.{buildId}.dev while release images can be tagged as {version}.{buildId}.release or simply {version}.{buildId}
• Use different repos for development and release images. In this case, ensure that your build pipelines…