From 8958bdff467470902ab33867d3e2628df0a9c56b Mon Sep 17 00:00:00 2001 From: David van der Spek <28541758+DavidSpek@users.noreply.github.com> Date: Tue, 12 Sep 2023 18:57:40 +0200 Subject: [PATCH] ci: ensure docker buildx removes the running nodes (#448) Signed-off-by: David van der Spek --- .github/workflows/ci.yaml | 39 ++++++++++++++++++++++------- .github/workflows/goreleaser-cd.yml | 15 ++++++++--- 2 files changed, 41 insertions(+), 13 deletions(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index d7453fc8..845290ce 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -20,7 +20,7 @@ jobs: - name: Checkout uses: actions/checkout@v3 - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@v1 + uses: aws-actions/configure-aws-credentials@v4 with: aws-region: us-east-2 role-to-assume: arn:aws:iam::312272277431:role/github-actions/buildx-deployments @@ -43,8 +43,9 @@ jobs: type=ref,event=branch - name: Set up Docker Buildx id: builder - uses: docker/setup-buildx-action@v2 + uses: docker/setup-buildx-action@v3 with: + cleanup: true driver: kubernetes platforms: linux/amd64 driver-opts: | @@ -107,12 +108,18 @@ jobs: with: sarif_file: 'trivy-results.sarif' - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@v1 + uses: aws-actions/configure-aws-credentials@v4 if: always() with: aws-region: us-east-2 role-to-assume: arn:aws:iam::312272277431:role/github-actions/buildx-deployments role-session-name: PluralCLI + - name: Manually cleanup buildx + if: always() + run: | + docker buildx stop ${{ steps.builder.outputs.name }} + sleep 10 + docker buildx rm ${{ steps.builder.outputs.name }} cloud: name: Build cloud image runs-on: ubuntu-latest @@ -126,7 +133,7 @@ jobs: - name: Checkout uses: actions/checkout@v3 - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@v1 + uses: aws-actions/configure-aws-credentials@v4 with: aws-region: us-east-2 role-to-assume: arn:aws:iam::312272277431:role/github-actions/buildx-deployments @@ -149,8 +156,9 @@ jobs: type=ref,event=branch - name: Set up Docker Buildx id: builder - uses: docker/setup-buildx-action@v2 + uses: docker/setup-buildx-action@v3 with: + cleanup: true driver: kubernetes platforms: linux/amd64 driver-opts: | @@ -214,12 +222,18 @@ jobs: with: sarif_file: 'trivy-results.sarif' - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@v1 + uses: aws-actions/configure-aws-credentials@v4 if: always() with: aws-region: us-east-2 role-to-assume: arn:aws:iam::312272277431:role/github-actions/buildx-deployments role-session-name: PluralCLI + - name: Manually cleanup buildx + if: always() + run: | + docker buildx stop ${{ steps.builder.outputs.name }} + sleep 10 + docker buildx rm ${{ steps.builder.outputs.name }} dind: name: Build dind image runs-on: ubuntu-latest @@ -233,7 +247,7 @@ jobs: - name: Checkout uses: actions/checkout@v3 - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@v1 + uses: aws-actions/configure-aws-credentials@v4 with: aws-region: us-east-2 role-to-assume: arn:aws:iam::312272277431:role/github-actions/buildx-deployments @@ -256,8 +270,9 @@ jobs: type=ref,event=branch - name: Set up Docker Buildx id: builder - uses: docker/setup-buildx-action@v2 + uses: docker/setup-buildx-action@v3 with: + cleanup: true driver: kubernetes platforms: linux/amd64 driver-opts: | @@ -321,12 +336,18 @@ jobs: with: sarif_file: 'trivy-results.sarif' - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@v1 + uses: aws-actions/configure-aws-credentials@v4 if: always() with: aws-region: us-east-2 role-to-assume: arn:aws:iam::312272277431:role/github-actions/buildx-deployments role-session-name: PluralCLI + - name: Manually cleanup buildx + if: always() + run: | + docker buildx stop ${{ steps.builder.outputs.name }} + sleep 10 + docker buildx rm ${{ steps.builder.outputs.name }} trivy-scan: name: Trivy fs scan runs-on: ubuntu-latest diff --git a/.github/workflows/goreleaser-cd.yml b/.github/workflows/goreleaser-cd.yml index 4b0b7730..3edb26bb 100644 --- a/.github/workflows/goreleaser-cd.yml +++ b/.github/workflows/goreleaser-cd.yml @@ -134,7 +134,7 @@ jobs: - name: Checkout uses: actions/checkout@v3 - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@v1 + uses: aws-actions/configure-aws-credentials@v4 with: aws-region: us-east-2 role-to-assume: arn:aws:iam::312272277431:role/github-actions/buildx-deployments @@ -156,8 +156,9 @@ jobs: type=semver,pattern={{version}} - name: Set up Docker Buildx id: builder - uses: docker/setup-buildx-action@v2 + uses: docker/setup-buildx-action@v3 with: + cleanup: true driver: kubernetes platforms: linux/amd64 driver-opts: | @@ -234,12 +235,18 @@ jobs: with: sarif_file: 'trivy-results.sarif' - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@v1 + uses: aws-actions/configure-aws-credentials@v4 if: always() with: aws-region: us-east-2 role-to-assume: arn:aws:iam::312272277431:role/github-actions/buildx-deployments role-session-name: PluralCLI + - name: Manually cleanup buildx + if: always() + run: | + docker buildx stop ${{ steps.builder.outputs.name }} + sleep 10 + docker buildx rm ${{ steps.builder.outputs.name }} packer: name: Build EKS AMI runs-on: ubuntu-latest @@ -251,7 +258,7 @@ jobs: - name: Checkout uses: actions/checkout@v3 - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@v2 + uses: aws-actions/configure-aws-credentials@v4 with: aws-region: us-east-2 role-to-assume: arn:aws:iam::654897662046:role/github-actions/plural-cli-amis-packer