cloudfoundry / credhub

CredHub centralizes and secures credential generation, storage, lifecycle management, and access
Apache License 2.0

deletion of old credential versions not possible #190

Open dueckminor opened 3 years ago

dueckminor commented 3 years ago

What version of the credhub server you are using? 2.9.0

What version of the credhub cli you are using? 2.9.0

If you were attempting to accomplish a task, what was it you were attempting to do? I rotate/update (non-certificate) credentials regularly using the credhub cli by either using:

What did you expect to happen? I would expect that this doesn't decrease the overall CredHub performance and that the CredHub CLI/API would allow me to delete old versions of the credential. For certificate credentials, there is such an API, but not for all other types of credentials.

What was the actual behaviour? All currently available methods to update a credential will lead to an additional version of the same credential. There is currently no API available which allows removing old and obsolete versions of one credential. If the number of versions grows (more than 5000), the performance of CredHub dramatically decreases and CredHub finally gets unhealthy (I observed a high CPU load on the database).

Please confirm where necessary:

If you are a PCF customer with an Operation Manager (PCF Ops Manager) please direct your questions to support (https://support.pivotal.io/)

cf-gitbot commented 3 years ago

We have created an issue in Pivotal Tracker to manage this:

https://www.pivotaltracker.com/story/show/178068836

The labels on this github issue will be updated when the story is started.

swalchemist commented 2 years ago

231 seems similar.

bruce-ricard commented 8 months ago

I guess deleting the credential and recreating it could be a workaround. If you want to clean up all old versions of a credential, you can run credhub delete --name ... and then credhub generate or set again. All older versions will be gone.

But I agree that this is a pretty valid feature request.

bruce-ricard commented 8 months ago

Sorry about the wrong link just above. The PR fixes another issue.