[PAN-2036] Clean docker cache for PR branch (pantos-io#45)

* feature: clean docker cache for PR branch
juanmanuel-tirado · Jul 1, 2024 · 14a29e0 · 14a29e0
1 parent ca24867
commit 14a29e0
Show file tree

Hide file tree

Showing 3 changed files with 44 additions and 6 deletions.
diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
@@ -16,6 +16,7 @@ jobs:
     runs-on: ubuntu-latest
     permissions: 
       contents: read
+
     steps:
       - name: Harden Runner
         uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1
@@ -52,7 +53,7 @@ jobs:
         uses: actions/cache@v3
         with:
           path: /tmp/.buildx-cache
-          key: ${{ runner.os }}-buildx-v1.0-service-node-${{ github.sha }}
+          key: ${{ runner.os }}-buildx-v1.0-service-node-${{ github.ref_name }}
           restore-keys: |
             ${{ runner.os }}-buildx-v1.0-service-node-
 
@@ -84,10 +85,6 @@ jobs:
           cat password.key | ./.github/workflows/scripts/generate-signer-key.py
           mv signer-key*.pem signer_key.pem
 
-      # - name: Test image
-      #   run: |
-      #     docker compose up -d
-
       - name: Move cache
         run: |
           rm -rf /tmp/.buildx-cache
@@ -144,3 +141,7 @@ jobs:
         with:
           name: install-logs-${{ matrix.os }}
           path: /var/log/pantos
+
+
+
+
diff --git a/.github/workflows/clean.yaml b/.github/workflows/clean.yaml
@@ -0,0 +1,37 @@
+name: Clean
+
+# Collection of functions to clean any generated and no-longer-needed item
+
+on:
+    pull_request_target: 
+      types:
+        - closed
+
+
+permissions: 
+    contents: read
+    actions: write
+
+jobs:
+
+    clean:
+        name: "Clean"
+        runs-on: ubuntu-latest
+        steps:
+        - uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1
+          with:
+            disable-sudo: true
+            egress-policy: audit
+
+        - name: Clean Docker cache
+          env: 
+            TARGET: ${{ runner.os }}-buildx-v1.0-service-node-${{ github.ref_name }} 
+          run: |
+            curl -L \
+            -X DELETE \
+            -H "Accept: application/vnd.github+json" \
+            -H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" \
+            -H "X-GitHub-Api-Version: 2022-11-28" \
+            "https://api.github.com/repos/pantos-io/servicenode/actions/caches?key=${{ env.TARGET }}"
+
+      
diff --git a/.github/workflows/docker-vulnerabilities.yaml b/.github/workflows/docker-vulnerabilities.yaml
@@ -31,7 +31,7 @@ jobs:
                   production.cloudflare.docker.com:443
                   pypi.org:443
                   registry-1.docker.io:443
-                  repo.anaconda.com:443
+                  repo.anaconda.com:443         
             
             - uses: actions/checkout@v4