Skip to content

golang and docker workflows: Update trivy configuration to last github action version #106

golang and docker workflows: Update trivy configuration to last github action version

golang and docker workflows: Update trivy configuration to last github action version #106

# Copyright 2024 Zaphiro Technologies
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
name: clean up storage by a branch
on:
pull_request:
types:
- closed
workflow_call:
jobs:
cleanup-action-cache:
runs-on: ubuntu-latest
steps:
- name: Check out code
uses: actions/checkout@v4
- name: Cleanup
run: |
gh extension install actions/gh-actions-cache
REPO=${{ github.repository }}
BRANCH="refs/pull/${{ github.event.pull_request.number }}/merge"
echo "Fetching list of cache key"
cacheKeysForPR=$(gh actions-cache list -R $REPO -B $BRANCH | cut -f 1 )
## Setting this to not fail the workflow while deleting cache keys.
set +e
echo "Deleting caches..."
for cacheKey in $cacheKeysForPR
do
gh actions-cache delete $cacheKey -R $REPO -B $BRANCH --confirm
done
echo "Done"
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
cleanup-action-artefact:
runs-on: ubuntu-latest
steps:
- name: Check out code
uses: actions/checkout@v4
- name: Cleanup
run: |
REPO=${{ github.repository }}
echo "cleaning up repo: $REPO branch: $GITHUB_HEAD_REF"
sudo apt install -y jq
while true; do
# Retrieve a page of artifacts
ART_EXIST=$(gh api repos/$REPO/actions/artifacts?per_page=100\&page=$PAGE | jq -r '.artifacts[]')
ARTIFACTS=$(gh api repos/$REPO/actions/artifacts?per_page=100\&page=$PAGE | jq -r '.artifacts[] | select(.workflow_run.head_branch =="'"$GITHUB_HEAD_REF"'" ) | .id')
echo "page: $PAGE"
# If there are no more artifacts, exit the loop
if [[ -z "$ART_EXIST" ]]; then
break
fi
# Loop through the artifacts on this page and delete the old ones
for ARTIFACT_ID in $ARTIFACTS; do
ARTIFACT_NAME=$(gh api repos/$REPO/actions/artifacts/$ARTIFACT_ID | jq -r '.name')
echo "Deleting artifact $ARTIFACT_NAME (ID: $ARTIFACT_ID)..."
gh api repos/$REPO/actions/artifacts/$ARTIFACT_ID -X DELETE
done
# Increment the page counter
PAGE=$((PAGE+1))
done
echo "Done"
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}