In our company we are using Octopus already for some years right now, but last night we had a strange issue just before a production deploy. We would like to pinpoint the issue to make sure that this will never happen again.
Let me explain the situation. We had an Octopus release with version 2017.7.4.1 that was tested on our Accept and Staging environment and we wanted to push this release to Production as we did already many times. However this time Octopus said that one of the packages inside the release was no longer available. So for some reason there is one package in the repository with version 2017.7.4.1 that disappeared .We would like to pinpoint the reason for this. According to the retention policies, the package should not be removed as it is active in a release. I’ve attached some screenshots of the error message and indeed the package is no longer visible in the package repository.
I’ve had a look at the audit log of Octopus but I don’t see package deletions in there. Is there any log or audit where we can track the reason for this deletion? Was it deleted by Octopus or was there a user that manually deleted that package?
Are there other know cases of this kind of behaviour? We are currently running Octopus version 3.13.6 and this is the first time we’ve encountered this issue.
Any help to find the root cause of this issue is welcome!
Thanks for getting in touch! There are a few circumstances where packages can be deleted and this is not recorded by the audit log. Manual deletion from the directory, and retention policy deletion are two instances.
If a package is used in a deployment then you are correct it will not be deleted via the retention policies.
We did have a bug where if the package version did not exactly match what was recorded against the release the package would be removed. It was fixed in 3.12.3 https://github.com/OctopusDeploy/Issues/issues/3387
It was specifically related to a change in NuGet where leading zeros were removed - which from what I can see of your version number would not be the case, you are also past that version.
We have a task that has been moved to the top of the list to be completed which will record all retention policy deletions to the audit log, so we can accurately trace when something is deleted via the retention policy.
I would suggest that when it is released upgrading to that version would be beneficial so we could at least rule out the retention policy or trace it.
Is there any chance at all that the files could have been manually deleted or that you run any kind of clean up of old files?
I am sorry I don’t have a great response that will help pin point why it has gone missing. Octopus only retains 4 of the previous retention policy logs so any logging information we had on the time this could have been deleted will be gone.
I am very much looking forward to the change that will help us in this situation.
Thanks for your information! I’m afraid there is a chance that the package was deleted manually and I think this is the most reasonable explanation right now. I’m looking forward to the future release where we can trace the deletions via the retention policy.
Here is the issue you can track for the logging changes: https://github.com/OctopusDeploy/Issues/issues/3522
When it is closed it will have a milestone which will relate to the release it was in.