- Requires script execution and manual review

Example warning in logs:

Use the following script to scan your build logs and extract deprecated images:

👉[Find deprecated images used in previous builds](https://gist.github.com/francisco-cocozza/6046028184cc12b5ee4513bdcb4217c5)

Once you've identified deprecated images, re-push them using a modern Docker client to convert the manifest format.

Once you’ve identified deprecated images using engine metrics, the next step is to upgrade those images to a modern format (OCI or Docker manifest v2, schema 2). This is required to ensure compatibility with docker-27 and future releases.

Re-pushing an image using a modern Docker client will automatically convert its manifest to a supported version.

version:"1.0"

image_name:<target-image-name>

push:

title:"Re-pushing deprecated image"

type:push

candidate:docker/whalesay:latest

registry:docker

tag:new-manifest

image_name:codefresh/whalesay

This pulls thedeprecated image and re-pushes itunder a new name/tagwith acompliant manifest format.

This method enables scalable detection ofdeprecatedimages by usingreal-time engine metrics.Recommended for high-volumeorautomated environments.

Labels include:

-`account_name`

-`pipeline_id`

-`workflow`

-`image_name`

This metricis a counter increased by 1each timeDocker daemon pullsa deprecated image.

In yourHybrid RuntimeHelm values:

Set the following values for theHybrid RuntimeChart:

runtime:

engine:

env:

METRICS_PROMETHEUS_ENABLED:true

podMonitor:

main:

enabled:true

To ensuremetric collection on shutdown, configure ascrapetimeout:

runtime:

engine:

env:

METRICS_PROMETHEUS_SCRAPE_TIMEOUT:'120000'# Timeout in ms

You can install the [kube-prometheus-stack Helm chart](https://artifacthub.io/packages/helm/prometheus-community/kube-prometheus-stack):

apiVersion:storage.k8s.io/v1

kind:StorageClass

metadata:

type:gp3

prometheus:

prometheusSpec:

podMonitorSelectorNilUsesHelmValues:false

resources:

requests:

storage:20Gi

grafana:

persistence:

storageClassName:kube-prom

enabled:true

datasources:

datasources.yaml:

apiVersion:1

datasources:

-name:Mimir API

type:marcusolsson-json-datasource

uid:Mimir-API

access:proxy

url:http://kube-prom-kube-prometheus-prometheus:9090/api/v1

plugins:

-marcusolsson-json-datasource

kubectl --namespace kube-prom get pods -l"release=kube-prom"

kubectl --namespace kube-prom get secrets kube-prom-grafana -o jsonpath="{.data.admin-password}"| base64 -d;echo

export POD_NAME=$(kubectl --namespace kube-prom get pod -l"app.kubernetes.io/name=grafana,app.kubernetes.io/instance=kube-prom" -oname)

kubectl --namespace kube-prom port-forward$POD_NAME 3000

After a build completes:

Open[http://localhost:3000](http://localhost:3000) and log in using the admin password retrieved above.

To ensure that engine metrics are collected correctly, run a build on the monitored Runtime. In Grafana:

- Go to**Explore → Metrics**

- Search for`codefresh_`

- Make sure the time range includes a running build

The metric`codefresh_engine_deprecated_images_pulled_total` is a counter increased by 1 each time Docker daemon pulls a deprecated image. Labels`{account_name, pipeline_id, workflow, image_name}` allow grouping results.

1. Download Dashboard JSON in APPENDIX II

2. Log in to Grafana

3. Go to**Dashboards → New → Import**

4. Upload the JSON

5. Select`Mimir API` as data source → Click**Import**

You’ll be able to:

- Filter by account name

-View time-based pull counts

-Identify pipelines and image names involved

- Adjust time range

- View builds and deprecated image names

- Clickable links to Admin Panel

---

You can query the metric directly:

Example deprecated images:

-[Upgrade Docker images pipeline example](https://gist.github.com/francisco-cocozza/6046028184cc12b5ee4513bdcb4217c5)

-[kube-prometheus-stack on ArtifactHub](https://artifacthub.io/packages/helm/prometheus-community/kube-prometheus-stack)

Pulled in Pipeline:`#67867cfe8307bd8f9b7b034e`