diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml
index 7c1a72e..bbf146d 100644
--- a/.github/workflows/deploy.yml
+++ b/.github/workflows/deploy.yml
@@ -59,7 +59,7 @@ jobs:
 env:
 DOCKER_TAGNAME: ${{ matrix.ros-distro }}-${{ matrix.arch }}
 run: |
- cd ${DOCKER_TAGNAME%-amd64} && docker buildx build --platform=linux/${{ matrix.arch }} --progress=plain ${{ steps.docker-build-option.outputs.labels }} -t $DOCKER_USERNAME/$DOCKER_IMAGENAME:$DOCKER_TAGNAME .
+ cd ${DOCKER_TAGNAME%-amd64} && docker buildx build --no-cache --platform=linux/${{ matrix.arch }} --progress=plain ${{ steps.docker-build-option.outputs.labels }} -t $DOCKER_USERNAME/$DOCKER_IMAGENAME:$DOCKER_TAGNAME .

 - name: Login to ghcr.io
 uses: docker/login-action@v2
@@ -96,6 +96,16 @@ jobs:
 echo ::set-output name=timestamp::$TIMESTAMP
 echo ::set-output name=digest::$(docker inspect --format='{{index .RepoDigests 0}}' $DOCKER_USERNAME/$DOCKER_IMAGENAME:$DOCKER_TAGNAME-$TIMESTAMP)

+ - name: Cleanup docker image cache
+ env:
+ DOCKER_TAGNAME: ${{ matrix.ros-distro }}-${{ matrix.arch }}
+ TIMESTAMP: ${{ steps.docker.outputs.timestamp }}
+ run: |
+ docker rmi ghcr.io/$DOCKER_USERNAME/$DOCKER_IMAGENAME:$DOCKER_TAGNAME-$TIMESTAMP
+ docker rmi ghcr.io/$DOCKER_USERNAME/$DOCKER_IMAGENAME:${DOCKER_TAGNAME%-amd64}-$TIMESTAMP
+ docker rmi $DOCKER_USERNAME/$DOCKER_IMAGENAME:$DOCKER_TAGNAME-$TIMESTAMP
+ docker rmi $DOCKER_USERNAME/$DOCKER_IMAGENAME:${DOCKER_TAGNAME%-amd64}-$TIMESTAMP
+
 - name: Get Current Job Log URL
 id: jobs
 uses: Tiryoh/gha-jobid-action@v0
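Review bot: `--no-cache` on the `docker buildx build` line in the first hunk stops layer reuse but does not by itself make the builder re-fetch the `FROM` image. If the aim is for every run to pick up current base-image and package fixes, `--pull` belongs next to it, e.g. `docker buildx build --no-cache --pull --platform=...`. The two build lines changed in `.github/workflows/test.yml` get the same flag and have the same gap. On the same line, `${{ steps.docker-build-option.outputs.labels }}` is still expanded into the script text before bash runs; the step that produces it is not visible here, so it is worth confirming that output can never carry untrusted text.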
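Review bot: The second and fourth `docker rmi` lines in the new "Cleanup docker image cache" step repeat the first and third whenever `matrix.arch` is not `amd64`, because `${DOCKER_TAGNAME%-amd64}` then expands to `$DOCKER_TAGNAME` unchanged. The repeated `docker rmi` finds no such tag and exits non-zero, which fails the step under the runner's default `bash -e`. If the cleanup is meant to be best-effort, `continue-on-error: true` on the step (or `|| true` per line) keeps a missing tag from failing a deploy that has already pushed. The cleanup step added at the end of the manifest job (`@@ -194,3 +204,12 @@`) has the same exposure if the `${ROS_DISTRO}-amd64` and `-arm64` tags were never pulled locally, which the hunk does not show. The plain `$DOCKER_TAGNAME` tag created by the build step is not removed here either, so the image layers probably stay on disk.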
@@ -194,3 +204,12 @@ jobs:
 docker manifest create --amend ghcr.io/${DOCKER_USERNAME}/${DOCKER_IMAGENAME}:latest ghcr.io/${DOCKER_USERNAME}/${DOCKER_IMAGENAME}:${ROS_DISTRO}-amd64 ghcr.io/${DOCKER_USERNAME}/${DOCKER_IMAGENAME}:${ROS_DISTRO}-arm64
 docker manifest annotate ghcr.io/${DOCKER_USERNAME}/${DOCKER_IMAGENAME}:latest ghcr.io/${DOCKER_USERNAME}/${DOCKER_IMAGENAME}:${ROS_DISTRO}-arm64 --arch arm64
 docker manifest push ghcr.io/${DOCKER_USERNAME}/${DOCKER_IMAGENAME}:latest
+
+ - name: Cleanup docker image cache
+ env:
+ ROS_DISTRO: ${{ matrix.ros-distro }}
+ run: |
+ docker rmi ghcr.io/${DOCKER_USERNAME}/${DOCKER_IMAGENAME}:${ROS_DISTRO}-amd64
+ docker rmi ghcr.io/${DOCKER_USERNAME}/${DOCKER_IMAGENAME}:${ROS_DISTRO}-arm64
+ docker rmi ${DOCKER_USERNAME}/${DOCKER_IMAGENAME}:${ROS_DISTRO}-amd64
+ docker rmi ${DOCKER_USERNAME}/${DOCKER_IMAGENAME}:${ROS_DISTRO}-arm64
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
index aa09487..e93066c 100644
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@@ -58,9 +58,9 @@ jobs:
 DOCKER_TAGNAME: ${{ matrix.ros-distro }}-${{ matrix.arch }}
 run: |
 if [[ -d ${DOCKER_TAGNAME%-amd64} ]]; then
- cd ${DOCKER_TAGNAME%-amd64} && docker buildx build --platform=linux/${{ matrix.arch }} --progress=plain ${{ steps.docker-build-option.outputs.labels }} -t $DOCKER_USERNAME/$DOCKER_IMAGENAME:$DOCKER_TAGNAME .
+ cd ${DOCKER_TAGNAME%-amd64} && docker buildx build --no-cache --platform=linux/${{ matrix.arch }} --progress=plain ${{ steps.docker-build-option.outputs.labels }} -t $DOCKER_USERNAME/$DOCKER_IMAGENAME:$DOCKER_TAGNAME .
 elif [[ -d ${DOCKER_TAGNAME%-arm64} ]]; then
- cd ${DOCKER_TAGNAME%-arm64} && docker buildx build --platform=linux/${{ matrix.arch }} --progress=plain ${{ steps.docker-build-option.outputs.labels }} -t $DOCKER_USERNAME/$DOCKER_IMAGENAME:$DOCKER_TAGNAME .
+ cd ${DOCKER_TAGNAME%-arm64} && docker buildx build --no-cache --platform=linux/${{ matrix.arch }} --progress=plain ${{ steps.docker-build-option.outputs.labels }} -t $DOCKER_USERNAME/$DOCKER_IMAGENAME:$DOCKER_TAGNAME .
 else
 exit 1
 fi
@@ -81,6 +81,12 @@ jobs:
 template: '@/contrib/sarif.tpl'
 output: 'trivy-results.sarif'

+ - name: Cleanup docker image cache
+ env:
+ DOCKER_TAGNAME: ${{ matrix.ros-distro }}-${{ matrix.arch }}
+ run: |
+ docker rmi $DOCKER_USERNAME/$DOCKER_IMAGENAME:$DOCKER_TAGNAME
+
 - name: Upload Trivy scan results to GitHub Security tab
 uses: github/codeql-action/upload-sarif@v2
 with:
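Review bot: A failing `docker rmi` in the new "Cleanup docker image cache" step would stop the job before "Upload Trivy scan results to GitHub Security tab", because the cleanup is inserted between the scan and the upload. Unless the upload step carries its own `if: always()` (its `with:` block continues outside the hunk, so this cannot be confirmed here), the SARIF report would then never reach the Security tab. Moving the cleanup after the upload and marking it `if: always()` keeps publishing the scan results independent of cleanup. It also lets the cleanup run when an earlier step fails.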