A bug in Nexus Repository 3.30.0 to 3.31.1 can cause loss of some Docker data when running the Delete unused manifests and images scheduled task. We recommend disabling this task immediately to avoid data loss.
How to determine if you are affected
A Nexus Repository OSS or Pro installation is potentially affected if it meets the following criteria:
- It is version 3.30.0 to 3.31.1
- The Docker - Delete unused manifests and images scheduled task is enabled
What data can be affected?
The Delete unused manifests and images task deletes layers and SHA manifests that are not reachable from tag manifests (e.g., “latest”) from hosted Docker repositories.
Nexus Repository 3.30.0 introduced a logic error that caused it to disregard recently published and updated tags when determining if layers and SHA manifests count as used. This can cause Nexus Repository to incorrectly remove those images’ layers and the associated SHA manifest.
Recently published or updated images are the most susceptible to data loss. For more information, please see NEXUS-28247.
How to Disable This Task
Log in to your Nexus Repository administrator console. Select System Tasks in the left navigation and browse the list of configured scheduled tasks.
Select any instances of Docker - Delete unused manifests and images and uncheck the Task enabled flag.