Skip to content

Commit

Permalink
[PAN-2071] remove all cache entries from branch (pantos-io#46)
Browse files Browse the repository at this point in the history
* feature: remove all cache entries from branch
  • Loading branch information
juanmanuel-tirado committed Dec 18, 2024
1 parent f759af3 commit cc1cd7b
Show file tree
Hide file tree
Showing 2 changed files with 27 additions and 32 deletions.
55 changes: 24 additions & 31 deletions .github/workflows/clean.yaml
Original file line number Diff line number Diff line change
@@ -1,37 +1,30 @@
name: Clean

# Collection of functions to clean any generated and no-longer-needed item
name: Clean caches by a branch

on:
pull_request_target:
types:
- closed


permissions:
contents: read
actions: write
pull_request:
types:
- closed

jobs:

clean:
name: "Clean"
runs-on: ubuntu-latest
steps:
- uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1
with:
disable-sudo: true
egress-policy: audit
cleanup:
runs-on: ubuntu-latest
steps:
- name: Cleanup
run: |
gh extension install actions/gh-actions-cache
- name: Clean Docker cache
env:
TARGET: ${{ runner.os }}-buildx-v1.0-service-node-${{ github.ref_name }}
run: |
curl -L \
-X DELETE \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" \
-H "X-GitHub-Api-Version: 2022-11-28" \
"https://api.github.com/repos/pantos-io/servicenode/actions/caches?key=${{ env.TARGET }}"
echo "Fetching list of cache key"
cacheKeysForPR=$(gh actions-cache list -R $REPO -B $BRANCH -L 100 | cut -f 1 )
## Setting this to not fail the workflow while deleting cache keys.
set +e
echo "Deleting caches..."
for cacheKey in $cacheKeysForPR
do
gh actions-cache delete $cacheKey -R $REPO -B $BRANCH --confirm
done
echo "Done"
env:
GH_TOKEN: ${{ secrets.GH_TOKEN }}
REPO: ${{ github.repository }}
BRANCH: refs/pull/${{ github.event.pull_request.number }}/merge
4 changes: 3 additions & 1 deletion .github/workflows/docker-vulnerabilities.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,8 @@ jobs:
runs-on: ubuntu-latest
permissions:
contents: read
# for sarif
security-events: write
steps:
- name: Harden Runner
uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1
Expand Down Expand Up @@ -46,7 +48,7 @@ jobs:
uses: actions/cache@v3
with:
path: /tmp/.buildx-cache
key: ${{ runner.os }}-buildx-v1.0-service-node-${{ github.sha }}
key: ${{ runner.os }}-buildx-v1.0-service-node-${{ github.ref_name }}
restore-keys: |
${{ runner.os }}-buildx-v1.0-service-node-
Expand Down

0 comments on commit cc1cd7b

Please sign in to comment.