@@ -45,14 +45,28 @@ images.`

   %[1]s %[2]s --keep-tag-revisions=3 --keep-younger-than=60m

   # To actually perform the prune operation, the confirm flag must be appended

-  %[1]s %[2]s --keep-tag-revisions=3 --keep-younger-than=60m --confirm`

+  %[1]s %[2]s --keep-tag-revisions=3 --keep-younger-than=60m --confirm

+

+  # See, what the prune command would delete if we're interested in removing images

+  # exceeding currently set LimitRanges ('openshift.io/Image')

+  %[1]s %[2]s --prune-over-size-limit

+

+  # To actually perform the prune operation, the confirm flag must be appended

+  %[1]s %[2]s --prune-over-size-limit --confirm`

+)

+

+var (

+	defaultKeepYoungerThan         = 60 * time.Minute

+	defaultKeepTagRevisions        = 3

+	defaultPruneImageOverSizeLimit = false

 )

 // PruneImagesOptions holds all the required options for pruning images.

 type PruneImagesOptions struct {

 	Confirm             bool

-	KeepYoungerThan     time.Duration

-	KeepTagRevisions    int

+	KeepYoungerThan     *time.Duration

+	KeepTagRevisions    *int

+	PruneOverSizeLimit  *bool

 	CABundle            string

 	RegistryUrlOverride string

@@ -64,9 +78,10 @@ type PruneImagesOptions struct {

 // NewCmdPruneImages implements the OpenShift cli prune images command.

 func NewCmdPruneImages(f *clientcmd.Factory, parentName, name string, out io.Writer) *cobra.Command {

 	opts := &PruneImagesOptions{

-		Confirm:          false,

-		KeepYoungerThan:  60 * time.Minute,

-		KeepTagRevisions: 3,

+		Confirm:            false,

+		KeepYoungerThan:    &defaultKeepYoungerThan,

+		KeepTagRevisions:   &defaultKeepTagRevisions,

+		PruneOverSizeLimit: &defaultPruneImageOverSizeLimit,

 	}

 	cmd := &cobra.Command{

@@ -84,8 +99,9 @@ func NewCmdPruneImages(f *clientcmd.Factory, parentName, name string, out io.Wri

 	}

 	cmd.Flags().BoolVar(&opts.Confirm, "confirm", opts.Confirm, "Specify that image pruning should proceed. Defaults to false, displaying what would be deleted but not actually deleting anything.")

-	cmd.Flags().DurationVar(&opts.KeepYoungerThan, "keep-younger-than", opts.KeepYoungerThan, "Specify the minimum age of an image for it to be considered a candidate for pruning.")

-	cmd.Flags().IntVar(&opts.KeepTagRevisions, "keep-tag-revisions", opts.KeepTagRevisions, "Specify the number of image revisions for a tag in an image stream that will be preserved.")

+	cmd.Flags().DurationVar(opts.KeepYoungerThan, "keep-younger-than", *opts.KeepYoungerThan, "Specify the minimum age of an image for it to be considered a candidate for pruning.")

+	cmd.Flags().IntVar(opts.KeepTagRevisions, "keep-tag-revisions", *opts.KeepTagRevisions, "Specify the number of image revisions for a tag in an image stream that will be preserved.")

+	cmd.Flags().BoolVar(opts.PruneOverSizeLimit, "prune-over-size-limit", *opts.PruneOverSizeLimit, "Specify if images which are exceeding LimitRanges (see 'openshift.io/Image'), specified in the same namespace, should be considered for pruning. This flag cannot be combined with --keep-younger-than nor --keep-tag-revisions.")

 	cmd.Flags().StringVar(&opts.CABundle, "certificate-authority", opts.CABundle, "The path to a certificate authority bundle to use when communicating with the managed Docker registries. Defaults to the certificate authority data from the current user's config file.")

 	cmd.Flags().StringVar(&opts.RegistryUrlOverride, "registry-url", opts.RegistryUrlOverride, "The address to use when contacting the registry, instead of using the default value. This is useful if you can't resolve or reach the registry (e.g.; the default is a cluster-internal URL) but you do have an alternative route that works.")

@@ -99,6 +115,16 @@ func (o *PruneImagesOptions) Complete(f *clientcmd.Factory, cmd *cobra.Command,

 		return kcmdutil.UsageError(cmd, "no arguments are allowed to this command")

 	}

+	if !cmd.Flags().Lookup("keep-younger-than").Changed {

+		o.KeepYoungerThan = nil

+	}

+	if !cmd.Flags().Lookup("keep-tag-revisions").Changed {

+		o.KeepTagRevisions = nil

+	}

+	if !cmd.Flags().Lookup("prune-over-size-limit").Changed {

+		o.PruneOverSizeLimit = nil

+	}

+

 	o.Out = out

 	osClient, kClient, registryClient, err := getClients(f, o.CABundle)

@@ -146,19 +172,36 @@ func (o *PruneImagesOptions) Complete(f *clientcmd.Factory, cmd *cobra.Command,

 		return err

 	}

+	limitRangesList, err := kClient.LimitRanges(kapi.NamespaceAll).List(kapi.ListOptions{})

+	if err != nil {

+		return err

+	}

+	limitRangesMap := make(map[string][]*kapi.LimitRange)

+	for i := range limitRangesList.Items {

+		limit := limitRangesList.Items[i]

+		limits, ok := limitRangesMap[limit.Namespace]

+		if !ok {

+			limits = []*kapi.LimitRange{}

+		}

+		limits = append(limits, &limit)

+		limitRangesMap[limit.Namespace] = limits

+	}

+

 	options := prune.PrunerOptions{

-		KeepYoungerThan:  o.KeepYoungerThan,

-		KeepTagRevisions: o.KeepTagRevisions,

-		Images:           allImages,

-		Streams:          allStreams,

-		Pods:             allPods,

-		RCs:              allRCs,

-		BCs:              allBCs,

-		Builds:           allBuilds,

-		DCs:              allDCs,

-		DryRun:           o.Confirm == false,

-		RegistryClient:   registryClient,

-		RegistryURL:      o.RegistryUrlOverride,

+		KeepYoungerThan:    o.KeepYoungerThan,

+		KeepTagRevisions:   o.KeepTagRevisions,

+		PruneOverSizeLimit: o.PruneOverSizeLimit,

+		Images:             allImages,

+		Streams:            allStreams,

+		Pods:               allPods,

+		RCs:                allRCs,

+		BCs:                allBCs,

+		Builds:             allBuilds,

+		DCs:                allDCs,

+		LimitRanges:        limitRangesMap,

+		DryRun:             o.Confirm == false,

+		RegistryClient:     registryClient,

+		RegistryURL:        o.RegistryUrlOverride,

 	}

 	o.Pruner = prune.NewPruner(options)

@@ -168,10 +211,13 @@ func (o *PruneImagesOptions) Complete(f *clientcmd.Factory, cmd *cobra.Command,

 // Validate ensures that a PruneImagesOptions is valid and can be used to execute pruning.

 func (o PruneImagesOptions) Validate() error {

-	if o.KeepYoungerThan < 0 {

+	if o.PruneOverSizeLimit != nil && (o.KeepYoungerThan != nil || o.KeepTagRevisions != nil) {

+		return fmt.Errorf("--prune-over-size-limit cannot be specified with --keep-tag-revisions nor --keep-younger-than")

+	}

+	if o.KeepYoungerThan != nil && *o.KeepYoungerThan < 0 {

 		return fmt.Errorf("--keep-younger-than must be greater than or equal to 0")

 	}

-	if o.KeepTagRevisions < 0 {

+	if o.KeepTagRevisions != nil && *o.KeepTagRevisions < 0 {

 		return fmt.Errorf("--keep-tag-revisions must be greater than or equal to 0")

 	}

 	if _, err := url.Parse(o.RegistryUrlOverride); err != nil {

@@ -422,6 +422,7 @@ func GetBootstrapClusterRoles() []authorizationapi.ClusterRole {

 			},

 			Rules: []authorizationapi.PolicyRule{

 				authorizationapi.NewRule("get", "list").Groups(kapiGroup).Resources("pods", "replicationcontrollers").RuleOrDie(),

+				authorizationapi.NewRule("list").Groups(kapiGroup).Resources("limitranges").RuleOrDie(),

 				authorizationapi.NewRule("get", "list").Groups(buildGroup).Resources("buildconfigs", "builds").RuleOrDie(),

 				authorizationapi.NewRule("get", "list").Groups(deployGroup).Resources("deploymentconfigs").RuleOrDie(),

@@ -11,6 +11,7 @@ import (

 	gonum "github.com/gonum/graph"

 	kapi "k8s.io/kubernetes/pkg/api"

+	"k8s.io/kubernetes/pkg/api/resource"

 	"k8s.io/kubernetes/pkg/api/unversioned"

 	kerrors "k8s.io/kubernetes/pkg/util/errors"

 	utilruntime "k8s.io/kubernetes/pkg/util/runtime"

@@ -47,8 +48,9 @@ const (

 // pruneAlgorithm contains the various settings to use when evaluating images

 // and layers for pruning.

 type pruneAlgorithm struct {

-	keepYoungerThan  time.Duration

-	keepTagRevisions int

+	keepYoungerThan    time.Duration

+	keepTagRevisions   int

+	pruneOverSizeLimit bool

 }

 // ImageDeleter knows how to remove images from OpenShift.

@@ -90,10 +92,13 @@ type ManifestDeleter interface {

 type PrunerOptions struct {

 	// KeepYoungerThan indicates the minimum age an Image must be to be a

 	// candidate for pruning.

-	KeepYoungerThan time.Duration

+	KeepYoungerThan *time.Duration

 	// KeepTagRevisions is the minimum number of tag revisions to preserve;

 	// revisions older than this value are candidates for pruning.

-	KeepTagRevisions int

+	KeepTagRevisions *int

+	// PruneOverSizeLimit indicates that images exceeding defined limits (openshift.io/Image)

+	// will be considered as candidates for pruning.

+	PruneOverSizeLimit *bool

 	// Images is the entire list of images in OpenShift. An image must be in this

 	// list to be a candidate for pruning.

 	Images *imageapi.ImageList

@@ -113,6 +118,8 @@ type PrunerOptions struct {

 	// DCs is the entire list of deployment configs across all namespaces in the

 	// cluster.

 	DCs *deployapi.DeploymentConfigList

+	// LimitRanges is a map of LimitRanges across namespaces, being keys in this map.

+	LimitRanges map[string][]*kapi.LimitRange

 	// DryRun indicates that no changes will be made to the cluster and nothing

 	// will be removed.

 	DryRun bool

@@ -203,6 +210,10 @@ func (*dryRunRegistryPinger) ping(registry string) error {

 // status.tags that are preserved and ineligible for pruning. Any revision older

 // than keepTagRevisions is eligible for pruning.

 //

+// pruneOverSizeLimit is a boolean flag speyfing that all images exceeding limits

+// defined in their namespace will be considered for pruning. Important to note is

+// the fact that this flag does not work in any combination with the keep* flags.

+//

 // images, streams, pods, rcs, bcs, builds, and dcs are the resources used to run

 // the pruning algorithm. These should be the full list for each type from the

 // cluster; otherwise, the pruning algorithm might result in incorrect

@@ -230,15 +241,22 @@ func (*dryRunRegistryPinger) ping(registry string) error {

 func NewPruner(options PrunerOptions) Pruner {

 	g := graph.New()

-	glog.V(1).Infof("Creating image pruner with keepYoungerThan=%v, keepTagRevisions=%d", options.KeepYoungerThan, options.KeepTagRevisions)

+	glog.V(1).Infof("Creating image pruner with keepYoungerThan=%v, keepTagRevisions=%v, pruneOverSizeLimit=%v",

+		options.KeepYoungerThan, options.KeepTagRevisions, options.PruneOverSizeLimit)

-	algorithm := pruneAlgorithm{

-		keepYoungerThan:  options.KeepYoungerThan,

-		keepTagRevisions: options.KeepTagRevisions,

+	algorithm := pruneAlgorithm{}

+	if options.KeepYoungerThan != nil {

+		algorithm.keepYoungerThan = *options.KeepYoungerThan

+	}

+	if options.KeepTagRevisions != nil {

+		algorithm.keepTagRevisions = *options.KeepTagRevisions

+	}

+	if options.PruneOverSizeLimit != nil {

+		algorithm.pruneOverSizeLimit = *options.PruneOverSizeLimit

 	}

 	addImagesToGraph(g, options.Images, algorithm)

-	addImageStreamsToGraph(g, options.Streams, algorithm)

+	addImageStreamsToGraph(g, options.Streams, options.LimitRanges, algorithm)

 	addPodsToGraph(g, options.Pods, algorithm)

 	addReplicationControllersToGraph(g, options.RCs)

 	addBuildConfigsToGraph(g, options.BCs)

@@ -281,7 +299,7 @@ func addImagesToGraph(g graph.Graph, images *imageapi.ImageList, algorithm prune

 		}

 		age := unversioned.Now().Sub(image.CreationTimestamp.Time)

-		if age < algorithm.keepYoungerThan {

+		if !algorithm.pruneOverSizeLimit && age < algorithm.keepYoungerThan {

 			glog.V(4).Infof("Image %q is younger than minimum pruning age, skipping (age=%v)", image.Name, age)

 			continue

 		}

@@ -306,13 +324,17 @@ func addImagesToGraph(g graph.Graph, images *imageapi.ImageList, algorithm prune

 // addImageStreamsToGraph adds all the streams to the graph. The most recent n

 // image revisions for a tag will be preserved, where n is specified by the

 // algorithm's keepTagRevisions. Image revisions older than n are candidates

-// for pruning.  if the image stream's age is at least as old as the minimum

+// for pruning if the image stream's age is at least as old as the minimum

 // threshold in algorithm.  Otherwise, if the image stream is younger than the

 // threshold, all image revisions for that stream are ineligible for pruning.

+// If pruneOverSizeLimit flag is set to true, above does not matter, instead

+// all images size is checked against LimitRanges defined in that same namespace,

+// and whenever its size exceeds the smallest limit in that namespace, it will be

+// considered a candidate for pruning.

 //

 // addImageStreamsToGraph also adds references from each stream to all the

 // layers it references (via each image a stream references).

-func addImageStreamsToGraph(g graph.Graph, streams *imageapi.ImageStreamList, algorithm pruneAlgorithm) {

+func addImageStreamsToGraph(g graph.Graph, streams *imageapi.ImageStreamList, limits map[string][]*kapi.LimitRange, algorithm pruneAlgorithm) {

 	for i := range streams.Items {

 		stream := &streams.Items[i]

@@ -322,9 +344,8 @@ func addImageStreamsToGraph(g graph.Graph, streams *imageapi.ImageStreamList, al

 		oldImageRevisionReferenceKind := WeakReferencedImageEdgeKind

 		age := unversioned.Now().Sub(stream.CreationTimestamp.Time)

-		if age < algorithm.keepYoungerThan {

+		if !algorithm.pruneOverSizeLimit && age < algorithm.keepYoungerThan {

 			// stream's age is below threshold - use a strong reference for old image revisions instead

-			glog.V(4).Infof("Stream %s/%s is below age threshold - none of its images are eligible for pruning", stream.Namespace, stream.Name)

 			oldImageRevisionReferenceKind = ReferencedImageEdgeKind

 		}

@@ -341,12 +362,17 @@ func addImageStreamsToGraph(g graph.Graph, streams *imageapi.ImageStreamList, al

 				}

 				imageNode := n.(*imagegraph.ImageNode)

-				var kind string

-				switch {

-				case i < algorithm.keepTagRevisions:

-					kind = ReferencedImageEdgeKind

-				default:

-					kind = oldImageRevisionReferenceKind

+				kind := oldImageRevisionReferenceKind

+				if algorithm.pruneOverSizeLimit {

+					if exceedsLimits(stream, imageNode.Image, limits) {

+						kind = WeakReferencedImageEdgeKind

+					} else {

+						kind = ReferencedImageEdgeKind

+					}

+				} else {

+					if i < algorithm.keepTagRevisions {

+						kind = ReferencedImageEdgeKind

+					}

 				}

 				glog.V(4).Infof("Checking for existing strong reference from stream %s/%s to image %s", stream.Namespace, stream.Name, imageNode.Image.Name)

@@ -372,6 +398,41 @@ func addImageStreamsToGraph(g graph.Graph, streams *imageapi.ImageStreamList, al

 	}

 }

+// exceedsLimits checks if given image exceeds LimitRanges defined in ImageStream's namespace.

+func exceedsLimits(is *imageapi.ImageStream, image *imageapi.Image, limits map[string][]*kapi.LimitRange) bool {

+	limitRanges, ok := limits[is.Namespace]

+	if !ok {

+		return false

+	}

+	if len(limitRanges) == 0 {

+		return false

+	}

+

+	imageSize := resource.NewQuantity(image.DockerImageMetadata.Size, resource.BinarySI)

+	for _, limitRange := range limitRanges {

+		if limitRange == nil {

+			continue

+		}

+		for _, limit := range limitRange.Spec.Limits {

+			if limit.Type != imageapi.LimitTypeImage {

+				continue

+			}

+

+			limitQuantity, ok := limit.Max[kapi.ResourceStorage]

+			if !ok {

+				continue

+			}

+			if limitQuantity.Cmp(*imageSize) < 0 {

+				// image size is larger than the permitted limit range max size

+				glog.V(4).Infof("Image %s in stream %s/%s exceeds limit %s: %v vs %v",

+					image.Name, is.Namespace, is.Name, limitRange.Name, *imageSize, limitQuantity)

+				return true

+			}

+		}

+	}

+	return false

+}

+

 // addPodsToGraph adds pods to the graph.

 //

 // A pod is only *excluded* from being added to the graph if its phase is not

@@ -13,6 +13,7 @@ import (

 	"time"

 	kapi "k8s.io/kubernetes/pkg/api"

+	"k8s.io/kubernetes/pkg/api/resource"

 	"k8s.io/kubernetes/pkg/api/unversioned"

 	"k8s.io/kubernetes/pkg/client/unversioned/fake"

 	ktc "k8s.io/kubernetes/pkg/client/unversioned/testclient"

@@ -57,6 +58,21 @@ func agedImage(id, ref string, ageInMinutes int64) imageapi.Image {

 	return image

 }

+func sizedImage(id, ref string, size int64) imageapi.Image {

+	image := imageWithLayers(id, ref,

+		"tarsum.dev+sha256:e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855",

+		"tarsum.dev+sha256:b194de3772ebbcdc8f244f663669799ac1cb141834b7cb8b69100285d357a2b0",

+		"tarsum.dev+sha256:c937c4bb1c1a21cc6d94340812262c6472092028972ae69b551b1a70d4276171",

+		"tarsum.dev+sha256:2aaacc362ac6be2b9e9ae8c6029f6f616bb50aec63746521858e47841b90fabd",

+		"tarsum.dev+sha256:e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855",

+	)

+

+	image.CreationTimestamp = unversioned.NewTime(unversioned.Now().Add(time.Duration(-1) * time.Minute))

+	image.DockerImageMetadata.Size = size

+

+	return image

+}

+

 func image(id, ref string) imageapi.Image {

 	return agedImage(id, ref, -1)

 }

@@ -288,6 +304,26 @@ func build(namespace, name, strategyType, fromKind, fromNamespace, fromName stri

 	}

 }

+func limitList(limits ...int64) []*kapi.LimitRange {

+	list := make([]*kapi.LimitRange, len(limits))

+	for _, limit := range limits {

+		quantity := resource.NewQuantity(limit, resource.BinarySI)

+		list = append(list, &kapi.LimitRange{

+			Spec: kapi.LimitRangeSpec{

+				Limits: []kapi.LimitRangeItem{

+					{

+						Type: imageapi.LimitTypeImage,

+						Max: kapi.ResourceList{

+							kapi.ResourceStorage: *quantity,

+						},

+					},

+				},

+			},

+		})

+	}

+	return list

+}

+

 func commonSpec(strategyType, fromKind, fromNamespace, fromName string) buildapi.CommonSpec {

 	spec := buildapi.CommonSpec{

 		Strategy: buildapi.BuildStrategy{},

@@ -390,6 +426,7 @@ func TestImagePruning(t *testing.T) {

 	registryURL := "registry"

 	tests := map[string]struct {

+		pruneOverSizeLimit     *bool

 		registryURLs           []string

 		images                 imageapi.ImageList

 		pods                   kapi.PodList

@@ -398,6 +435,7 @@ func TestImagePruning(t *testing.T) {

 		bcs                    buildapi.BuildConfigList

 		builds                 buildapi.BuildList

 		dcs                    deployapi.DeploymentConfigList

+		limits                 map[string][]*kapi.LimitRange

 		expectedDeletions      []string

 		expectedUpdatedStreams []string

 	}{

@@ -663,6 +701,79 @@ func TestImagePruning(t *testing.T) {

 			expectedDeletions:      []string{"id"},

 			expectedUpdatedStreams: []string{},

 		},

+		"image exceeding limits": {

+			pruneOverSizeLimit: newBool(true),

+			images: imageList(

+				unmanagedImage("id", "otherregistry/foo/bar@id", false, "", ""),

+				sizedImage("id2", registryURL+"/foo/bar@id2", 100),

+				sizedImage("id3", registryURL+"/foo/bar@id3", 200),

+			),

+			streams: streamList(

+				stream(registryURL, "foo", "bar", tags(

+					tag("latest",

+						tagEvent("id", "otherregistry/foo/bar@id"),

+						tagEvent("id2", registryURL+"/foo/bar@id2"),

+						tagEvent("id3", registryURL+"/foo/bar@id3"),

+					),

+				)),

+			),

+			limits: map[string][]*kapi.LimitRange{

+				"foo": limitList(100, 200),

+			},

+			expectedDeletions:      []string{"id3"},

+			expectedUpdatedStreams: []string{"foo/bar|id3"},

+		},

+		"multiple images in different namespaces exceeding different limits": {

+			pruneOverSizeLimit: newBool(true),

+			images: imageList(

+				sizedImage("id1", registryURL+"/foo/bar@id1", 100),

+				sizedImage("id2", registryURL+"/foo/bar@id2", 200),

+				sizedImage("id3", registryURL+"/bar/foo@id3", 500),

+				sizedImage("id4", registryURL+"/bar/foo@id4", 600),

+			),

+			streams: streamList(

+				stream(registryURL, "foo", "bar", tags(

+					tag("latest",

+						tagEvent("id1", registryURL+"/foo/bar@id1"),

+						tagEvent("id2", registryURL+"/foo/bar@id2"),

+					),

+				)),

+				stream(registryURL, "bar", "foo", tags(

+					tag("latest",

+						tagEvent("id3", registryURL+"/bar/foo@id3"),

+						tagEvent("id4", registryURL+"/bar/foo@id4"),

+					),

+				)),

+			),

+			limits: map[string][]*kapi.LimitRange{

+				"foo": limitList(150),

+				"bar": limitList(550),

+			},

+			expectedDeletions:      []string{"id2", "id4"},

+			expectedUpdatedStreams: []string{"foo/bar|id2", "bar/foo|id4"},

+		},

+		"image within allowed limits": {

+			pruneOverSizeLimit: newBool(true),

+			images: imageList(

+				unmanagedImage("id", "otherregistry/foo/bar@id", false, "", ""),

+				sizedImage("id2", registryURL+"/foo/bar@id2", 100),

+				sizedImage("id3", registryURL+"/foo/bar@id3", 200),

+			),

+			streams: streamList(

+				stream(registryURL, "foo", "bar", tags(

+					tag("latest",

+						tagEvent("id", "otherregistry/foo/bar@id"),

+						tagEvent("id2", registryURL+"/foo/bar@id2"),

+						tagEvent("id3", registryURL+"/foo/bar@id3"),

+					),

+				)),

+			),

+			limits: map[string][]*kapi.LimitRange{

+				"foo": limitList(300),

+			},

+			expectedDeletions:      []string{},

+			expectedUpdatedStreams: []string{},

+		},

 	}

 	for name, test := range tests {

@@ -672,15 +783,22 @@ func TestImagePruning(t *testing.T) {

 		}

 		options := PrunerOptions{

-			KeepYoungerThan:  60 * time.Minute,

-			KeepTagRevisions: 3,

-			Images:           &test.images,

-			Streams:          &test.streams,

-			Pods:             &test.pods,

-			RCs:              &test.rcs,

-			BCs:              &test.bcs,

-			Builds:           &test.builds,

-			DCs:              &test.dcs,

+			Images:      &test.images,

+			Streams:     &test.streams,

+			Pods:        &test.pods,

+			RCs:         &test.rcs,

+			BCs:         &test.bcs,

+			Builds:      &test.builds,

+			DCs:         &test.dcs,

+			LimitRanges: test.limits,

+		}

+		if test.pruneOverSizeLimit != nil {

+			options.PruneOverSizeLimit = test.pruneOverSizeLimit

+		} else {

+			keepYoungerThan := 60 * time.Minute

+			keepTagRevisions := 3

+			options.KeepYoungerThan = &keepYoungerThan

+			options.KeepTagRevisions = &keepTagRevisions

 		}

 		p := NewPruner(options)

 		p.(*pruner).registryPinger = &fakeRegistryPinger{}

@@ -880,9 +998,11 @@ func TestRegistryPruning(t *testing.T) {

 		t.Logf("Running test case %s", name)

+		keepYoungerThan := 60 * time.Minute

+		keepTagRevisions := 1

 		options := PrunerOptions{

-			KeepYoungerThan:  60 * time.Minute,

-			KeepTagRevisions: 1,

+			KeepYoungerThan:  &keepYoungerThan,

+			KeepTagRevisions: &keepTagRevisions,

 			Images:           &test.images,

 			Streams:          &test.streams,

 			Pods:             &kapi.PodList{},

@@ -913,3 +1033,9 @@ func TestRegistryPruning(t *testing.T) {

 		}

 	}

 }

+

+func newBool(a bool) *bool {

+	r := new(bool)

+	*r = a

+	return r

+}

@@ -1394,6 +1394,13 @@ items:

     - ""

     attributeRestrictions: null

     resources:

+    - limitranges

+    verbs:

+    - list

+  - apiGroups:

+    - ""

+    attributeRestrictions: null

+    resources:

     - buildconfigs

     - builds

     verbs: