From 6be7f9f3add5b810bc7d55498fe66045c5c3d32d Mon Sep 17 00:00:00 2001 From: Dominic Riordan Date: Fri, 19 Dec 2025 14:06:25 +0000 Subject: [PATCH 1/9] snyk monitor images --- .github/workflows/images.yml | 93 ++++++++++++++++++- components/alibi-detect-server/Makefile | 5 + components/alibi-explain-server/Makefile | 5 + .../rclone-storage-initializer/Makefile | 4 + executor/Makefile | 4 + operator/Makefile | 5 + servers/mlflowserver/Makefile | 4 + servers/sklearnserver/Makefile | 4 + servers/tfserving_proxy/Makefile | 4 + servers/xgboostserver/Makefile | 4 + wrappers/s2i/python/Makefile | 9 ++ 11 files changed, 140 insertions(+), 1 deletion(-) diff --git a/.github/workflows/images.yml b/.github/workflows/images.yml index 3210ef8ae5..75b83e22e2 100644 --- a/.github/workflows/images.yml +++ b/.github/workflows/images.yml @@ -38,13 +38,27 @@ jobs: USER_INPUT="${{ github.event.inputs.docker-tag }}" echo "value=${USER_INPUT:-latest}" >> $GITHUB_OUTPUT - - name: Build and push working-directory: ./operator/ env: VERSION: ${{ steps.docker-tag.outputs.value }} run: | make docker-build docker-push + TAG="$(make show_image)" + echo "SELDON_OPERATOR_IMG=$TAG" >> $GITHUB_ENV + echo "Operator tag: SELDON_OPERATOR_IMG" + + - name: Monitor docker image for CVEs + # only want to monitor images which we have set a release tag for + if: ${{ github.event.inputs.docker-tag != '' }} + uses: snyk/actions/docker@master + continue-on-error: false + env: + SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }} + with: + image: ${{ env.SELDON_OPERATOR_IMG }} + command: monitor + args: --app-vulns --severity-threshold=high --file=operator/Dockerfile executor: runs-on: ubuntu-latest @@ -71,6 +85,21 @@ jobs: VERSION: ${{ steps.docker-tag.outputs.value }} run: | make docker-build docker-push + TAG="$(make show_image)" + echo "SELDON_EXECUTOR_IMG=$TAG" >> $GITHUB_ENV + echo "Executor tag: $SELDON_EXECUTOR_IMG" + + - name: Monitor docker image for CVEs + # only want to monitor images which we have set a release tag for + if: ${{ github.event.inputs.docker-tag != '' }} + uses: snyk/actions/docker@master + continue-on-error: false + env: + SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }} + with: + image: ${{ env.SELDON_EXECUTOR_IMG }} + command: monitor + args: --app-vulns --severity-threshold=high --file=executor/Dockerfile rclone-storage-initializer: runs-on: ubuntu-latest @@ -96,6 +125,21 @@ jobs: VERSION: ${{ steps.docker-tag.outputs.value }} run: | make docker-build docker-push + TAG="$(make show_image)" + echo "SELDON_RCLONE_IMG=$TAG" >> $GITHUB_ENV + echo "Rclone tag: $SELDON_RCLONE_IMG" + + - name: Monitor docker image for CVEs + # only want to monitor images which we have set a release tag for + if: ${{ github.event.inputs.docker-tag != '' }} + uses: snyk/actions/docker@master + continue-on-error: false + env: + SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }} + with: + image: ${{ env.SELDON_RCLONE_IMG }} + command: monitor + args: --app-vulns --severity-threshold=high --file=./components/rclone-storage-initializer/Dockerfile s2i-wrapper: runs-on: ubuntu-latest @@ -124,6 +168,22 @@ jobs: VERSION: ${{ steps.docker-tag.outputs.value }} run: | make docker-build-conda-base docker-push-conda-base + TAG="$(make show_conda_image)" + echo "SELDON_CONDA_IMG=$TAG" >> $GITHUB_ENV + echo "Conda tag: $SELDON_CONDA_IMG" + + - name: Monitor (Conda base) docker image for CVEs + # only want to monitor images which we have set a release tag for + if: ${{ github.event.inputs.docker-tag != '' }} + uses: snyk/actions/docker@master + continue-on-error: false + env: + SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }} + with: + image: ${{ env.SELDON_CONDA_IMG }} + command: monitor + args: --app-vulns --severity-threshold=high --file=./wrappers/s2i/python/Dockerfile.conda + - name: Build and push (Base Wrapper) working-directory: ./wrappers/s2i/python @@ -133,6 +193,22 @@ jobs: make docker-build docker-push PYTHON_VERSION=3.12.12 make docker-tag-base-python docker-push-base-python PYTHON_VERSION=3.12.12 docker save -o /tmp/base-wrapper.tar seldonio/seldon-core-s2i-python312:${VERSION} + TAG="$(make show_python_wrapper_image)" + echo "PYTHON_BASE_WRAPPER_IMG=$TAG" >> $GITHUB_ENV + echo "Python base wrapper tag: $PYTHON_BASE_WRAPPER_IMG" + + - name: Monitor (base wrapper) docker image for CVEs + # only want to monitor images which we have set a release tag for + if: ${{ github.event.inputs.docker-tag != '' }} + uses: snyk/actions/docker@master + continue-on-error: false + env: + SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }} + with: + image: ${{ env.PYTHON_BASE_WRAPPER_IMG }} + command: monitor + args: --app-vulns --severity-threshold=high --file=./wrappers/s2i/python/Dockerfile + - name: Upload artifact uses: actions/upload-artifact@v4 @@ -204,3 +280,18 @@ jobs: VERSION: ${{ steps.docker-tag.outputs.value }} run: | make docker-build docker-push + TAG="$(make show_image)" + echo "IMG_TAG=$TAG" >> $GITHUB_ENV + echo "${{ matrix.server }} image tag: $IMG_TAG" + + - name: Monitor docker image for CVEs + # only want to monitor images which we have set a release tag for + if: ${{ github.event.inputs.docker-tag != '' }} + uses: snyk/actions/docker@master + continue-on-error: false + env: + SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }} + with: + image: ${{ env.IMG_TAG }} + command: monitor + args: --app-vulns --severity-threshold=high \ No newline at end of file diff --git a/components/alibi-detect-server/Makefile b/components/alibi-detect-server/Makefile index dac861e22e..389fdda7a2 100644 --- a/components/alibi-detect-server/Makefile +++ b/components/alibi-detect-server/Makefile @@ -14,6 +14,11 @@ get_local_repo: clean cp $(SELDON_CORE_DIR)/version.txt version.txt cp -R "$(SELDON_CORE_DIR)/python/." _seldon_core/ +.PHONY:show_image +show_image: + @echo ${IMAGE_NAME}:${VERSION} + + clean: rm version.txt || true rm -rf _seldon_core || true diff --git a/components/alibi-explain-server/Makefile b/components/alibi-explain-server/Makefile index 8db255e1fb..e966fdb08b 100644 --- a/components/alibi-explain-server/Makefile +++ b/components/alibi-explain-server/Makefile @@ -68,6 +68,11 @@ redhat-image-scan: clean: rm -rf test_models +.PHONY:show_image +show_image: + @echo ${IMAGE_NAME}:${VERSION} + + # # Test Tabular Explanations # diff --git a/components/rclone-storage-initializer/Makefile b/components/rclone-storage-initializer/Makefile index 33a50e3802..796b8d6c2d 100644 --- a/components/rclone-storage-initializer/Makefile +++ b/components/rclone-storage-initializer/Makefile @@ -26,3 +26,7 @@ redhat-image-scan: docker push quay.io/redhat-isv-containers/${project}:${VERSION} source ~/.config/seldon/seldon-core/redhat-image-passwords.sh && \ preflight check container quay.io/redhat-isv-containers/${project}:${VERSION} --docker-config=${HOME}/.docker/config.json --certification-project-id=${project} --pyxis-api-token=$${pyxis_api_token} --submit + +.PHONY:show_image +show_image: + @echo ${IMAGE_NAME}:${VERSION} diff --git a/executor/Makefile b/executor/Makefile index cfb18225a1..65079faf0d 100644 --- a/executor/Makefile +++ b/executor/Makefile @@ -24,6 +24,10 @@ fmt: vet: go vet ./... +.PHONY:show_image +show_image: + @echo ${SELDON_EXECUTOR_IMG} + # Build manager binary executor: copy_operator fmt vet diff --git a/operator/Makefile b/operator/Makefile index fda2c26d4d..332181b009 100644 --- a/operator/Makefile +++ b/operator/Makefile @@ -277,6 +277,11 @@ opm_index: opm index add -c docker --bundles quay.io/seldon/seldon-operator:v${VERSION} --mode replaces --tag quay.io/seldon/test-catalog:latest +.PHONY:show_image +show_image: + echo ${SELDON_OPERATOR_IMG} + @echo ${SELDON_OPERATOR_IMG} + opm_push: docker push quay.io/seldon/test-catalog:latest diff --git a/servers/mlflowserver/Makefile b/servers/mlflowserver/Makefile index 06a12d29fa..75bc545f9d 100644 --- a/servers/mlflowserver/Makefile +++ b/servers/mlflowserver/Makefile @@ -32,3 +32,7 @@ redhat-image-scan: docker push quay.io/redhat-isv-containers/${project}:${VERSION} source ~/.config/seldon/seldon-core/redhat-image-passwords.sh && \ preflight check container quay.io/redhat-isv-containers/${project}:${VERSION} --docker-config=${HOME}/.docker/config.json --certification-project-id=${project} --pyxis-api-token=$${pyxis_api_token} --submit + +.PHONY:show_image +show_image: + @echo ${IMAGE_NAME}:${VERSION} \ No newline at end of file diff --git a/servers/sklearnserver/Makefile b/servers/sklearnserver/Makefile index 789fef482a..25d8ea1bbb 100644 --- a/servers/sklearnserver/Makefile +++ b/servers/sklearnserver/Makefile @@ -32,3 +32,7 @@ redhat-image-scan: docker push quay.io/redhat-isv-containers/${project}:${VERSION} source ~/.config/seldon/seldon-core/redhat-image-passwords.sh && \ preflight check container quay.io/redhat-isv-containers/${project}:${VERSION} --docker-config=${HOME}/.docker/config.json --certification-project-id=${project} --pyxis-api-token=$${pyxis_api_token} --submit + +.PHONY:show_image +show_image: + @echo ${IMAGE_NAME}:${VERSION} \ No newline at end of file diff --git a/servers/tfserving_proxy/Makefile b/servers/tfserving_proxy/Makefile index ab88dc9785..b9b5c19473 100644 --- a/servers/tfserving_proxy/Makefile +++ b/servers/tfserving_proxy/Makefile @@ -32,3 +32,7 @@ redhat-image-scan: docker push quay.io/redhat-isv-containers/${project}:${VERSION} source ~/.config/seldon/seldon-core/redhat-image-passwords.sh && \ preflight check container quay.io/redhat-isv-containers/${project}:${VERSION} --docker-config=${HOME}/.docker/config.json --certification-project-id=${project} --pyxis-api-token=$${pyxis_api_token} --submit + +.PHONY:show_image +show_image: + @echo ${IMAGE_NAME}:${VERSION} \ No newline at end of file diff --git a/servers/xgboostserver/Makefile b/servers/xgboostserver/Makefile index dfe112ecd6..294e8ad730 100644 --- a/servers/xgboostserver/Makefile +++ b/servers/xgboostserver/Makefile @@ -32,3 +32,7 @@ redhat-image-scan: docker push quay.io/redhat-isv-containers/${project}:${VERSION} source ~/.config/seldon/seldon-core/redhat-image-passwords.sh && \ preflight check container quay.io/redhat-isv-containers/${project}:${VERSION} --docker-config=${HOME}/.docker/config.json --certification-project-id=${project} --pyxis-api-token=$${pyxis_api_token} --submit + +.PHONY:show_image +show_image: + @echo ${IMAGE_NAME}:${VERSION} \ No newline at end of file diff --git a/wrappers/s2i/python/Makefile b/wrappers/s2i/python/Makefile index d96ca82a73..361373b5cb 100644 --- a/wrappers/s2i/python/Makefile +++ b/wrappers/s2i/python/Makefile @@ -26,6 +26,15 @@ get_local_repo: cp ../../../version.txt version.txt cp -r $(SELDON_CORE_DIR)/python _python +.PHONY:show_conda_image +show_conda_image: + @echo ${CONDA_BASE_IMAGE}:${VERSION} + + +.PHONY:show_python_wrapper_image +show_python_wrapper_image: + @echo ${IMAGE_NAME}:${VERSION} + # Building Conda Base docker-build-conda-base: From 0a187c94ecac4405ecc827a3249b7a16f2ae8af7 Mon Sep 17 00:00:00 2001 From: Dominic Riordan Date: Fri, 19 Dec 2025 14:30:22 +0000 Subject: [PATCH 2/9] free up space and fix tags --- .github/workflows/images.yml | 14 +++++++++++++- components/rclone-storage-initializer/Makefile | 2 +- operator/Makefile | 5 ----- 3 files changed, 14 insertions(+), 7 deletions(-) diff --git a/.github/workflows/images.yml b/.github/workflows/images.yml index 75b83e22e2..022fbccc35 100644 --- a/.github/workflows/images.yml +++ b/.github/workflows/images.yml @@ -60,6 +60,9 @@ jobs: command: monitor args: --app-vulns --severity-threshold=high --file=operator/Dockerfile + - name: Free up space by removing the Docker Builder caches + run: docker builder prune -af + executor: runs-on: ubuntu-latest steps: @@ -101,6 +104,9 @@ jobs: command: monitor args: --app-vulns --severity-threshold=high --file=executor/Dockerfile + - name: Free up space by removing the Docker Builder caches + run: docker builder prune -af + rclone-storage-initializer: runs-on: ubuntu-latest steps: @@ -141,6 +147,9 @@ jobs: command: monitor args: --app-vulns --severity-threshold=high --file=./components/rclone-storage-initializer/Dockerfile + - name: Free up space by removing the Docker Builder caches + run: docker builder prune -af + s2i-wrapper: runs-on: ubuntu-latest steps: @@ -294,4 +303,7 @@ jobs: with: image: ${{ env.IMG_TAG }} command: monitor - args: --app-vulns --severity-threshold=high \ No newline at end of file + args: --app-vulns --severity-threshold=high + + - name: Free up space by removing the Docker Builder caches + run: docker builder prune -af \ No newline at end of file diff --git a/components/rclone-storage-initializer/Makefile b/components/rclone-storage-initializer/Makefile index 796b8d6c2d..600c1a4211 100644 --- a/components/rclone-storage-initializer/Makefile +++ b/components/rclone-storage-initializer/Makefile @@ -29,4 +29,4 @@ redhat-image-scan: .PHONY:show_image show_image: - @echo ${IMAGE_NAME}:${VERSION} + @echo ${IMAGE_TAG} diff --git a/operator/Makefile b/operator/Makefile index 332181b009..c5afe46977 100644 --- a/operator/Makefile +++ b/operator/Makefile @@ -24,10 +24,6 @@ endif #SHELL = /usr/bin/env bash -o pipefail .SHELLFLAGS = -ec -.PHONY:show_image -show_image: - echo ${SELDON_OPERATOR_IMG} - all: manager .PHONY: lint @@ -279,7 +275,6 @@ opm_index: .PHONY:show_image show_image: - echo ${SELDON_OPERATOR_IMG} @echo ${SELDON_OPERATOR_IMG} opm_push: From 425744e11c8a027ed23193e3f911eedc96acbdb1 Mon Sep 17 00:00:00 2001 From: Dominic Riordan Date: Fri, 19 Dec 2025 14:49:25 +0000 Subject: [PATCH 3/9] free up runner space --- .github/workflows/images.yml | 19 +++++++++++++------ 1 file changed, 13 insertions(+), 6 deletions(-) diff --git a/.github/workflows/images.yml b/.github/workflows/images.yml index 022fbccc35..596be66ed8 100644 --- a/.github/workflows/images.yml +++ b/.github/workflows/images.yml @@ -50,7 +50,7 @@ jobs: - name: Monitor docker image for CVEs # only want to monitor images which we have set a release tag for - if: ${{ github.event.inputs.docker-tag != '' }} + if: ${{ github.event.inputs.docker-tag != '' && github.event.inputs.docker-tag != 'latest' }} uses: snyk/actions/docker@master continue-on-error: false env: @@ -94,7 +94,7 @@ jobs: - name: Monitor docker image for CVEs # only want to monitor images which we have set a release tag for - if: ${{ github.event.inputs.docker-tag != '' }} + if: ${{ github.event.inputs.docker-tag != '' && github.event.inputs.docker-tag != 'latest'}} uses: snyk/actions/docker@master continue-on-error: false env: @@ -137,7 +137,7 @@ jobs: - name: Monitor docker image for CVEs # only want to monitor images which we have set a release tag for - if: ${{ github.event.inputs.docker-tag != '' }} + if: ${{ github.event.inputs.docker-tag != '' && github.event.inputs.docker-tag != 'latest'}} uses: snyk/actions/docker@master continue-on-error: false env: @@ -183,7 +183,7 @@ jobs: - name: Monitor (Conda base) docker image for CVEs # only want to monitor images which we have set a release tag for - if: ${{ github.event.inputs.docker-tag != '' }} + if: ${{ github.event.inputs.docker-tag != '' && github.event.inputs.docker-tag != 'latest'}} uses: snyk/actions/docker@master continue-on-error: false env: @@ -208,7 +208,7 @@ jobs: - name: Monitor (base wrapper) docker image for CVEs # only want to monitor images which we have set a release tag for - if: ${{ github.event.inputs.docker-tag != '' }} + if: ${{ github.event.inputs.docker-tag != '' && github.event.inputs.docker-tag != 'latest'}} uses: snyk/actions/docker@master continue-on-error: false env: @@ -241,6 +241,13 @@ jobs: - examples/models/mean_classifier - testing/docker/echo-model steps: + - name: Free up disk space (android, haskell, dotnet) + run: | + sudo rm -rf /usr/local/lib/android || true + sudo rm -rf /opt/ghc || true + sudo rm -rf /usr/share/dotnet || true + df -h + - name: Checkout Git Commit uses: actions/checkout@v4 @@ -295,7 +302,7 @@ jobs: - name: Monitor docker image for CVEs # only want to monitor images which we have set a release tag for - if: ${{ github.event.inputs.docker-tag != '' }} + if: ${{ github.event.inputs.docker-tag != '' && github.event.inputs.docker-tag != 'latest'}} uses: snyk/actions/docker@master continue-on-error: false env: From 56e875cc52b1d8c3f34ed856ca239920bd2ecec9 Mon Sep 17 00:00:00 2001 From: Dominic Riordan Date: Fri, 19 Dec 2025 15:10:22 +0000 Subject: [PATCH 4/9] fix image tags --- .github/workflows/images.yml | 2 +- components/alibi-detect-server/Makefile | 2 +- components/alibi-explain-server/Makefile | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/images.yml b/.github/workflows/images.yml index 596be66ed8..de1bec9281 100644 --- a/.github/workflows/images.yml +++ b/.github/workflows/images.yml @@ -102,7 +102,7 @@ jobs: with: image: ${{ env.SELDON_EXECUTOR_IMG }} command: monitor - args: --app-vulns --severity-threshold=high --file=executor/Dockerfile + args: --debug --log-level=trace --app-vulns --severity-threshold=high --file=executor/Dockerfile - name: Free up space by removing the Docker Builder caches run: docker builder prune -af diff --git a/components/alibi-detect-server/Makefile b/components/alibi-detect-server/Makefile index 389fdda7a2..f29760b7e7 100644 --- a/components/alibi-detect-server/Makefile +++ b/components/alibi-detect-server/Makefile @@ -16,7 +16,7 @@ get_local_repo: clean .PHONY:show_image show_image: - @echo ${IMAGE_NAME}:${VERSION} + @echo ${IMAGE}:${VERSION} clean: diff --git a/components/alibi-explain-server/Makefile b/components/alibi-explain-server/Makefile index e966fdb08b..0fd5c899f6 100644 --- a/components/alibi-explain-server/Makefile +++ b/components/alibi-explain-server/Makefile @@ -70,7 +70,7 @@ clean: .PHONY:show_image show_image: - @echo ${IMAGE_NAME}:${VERSION} + @echo ${IMAGE}:${VERSION} # From ed4b39e90cf261ede0c94e26f42132ed02fdf548 Mon Sep 17 00:00:00 2001 From: Dominic Riordan Date: Fri, 19 Dec 2025 15:19:31 +0000 Subject: [PATCH 5/9] fix docker path --- .github/workflows/images.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/images.yml b/.github/workflows/images.yml index de1bec9281..c0f958aee8 100644 --- a/.github/workflows/images.yml +++ b/.github/workflows/images.yml @@ -102,7 +102,7 @@ jobs: with: image: ${{ env.SELDON_EXECUTOR_IMG }} command: monitor - args: --debug --log-level=trace --app-vulns --severity-threshold=high --file=executor/Dockerfile + args: --app-vulns --severity-threshold=high --file=executor/Dockerfile.executor - name: Free up space by removing the Docker Builder caches run: docker builder prune -af From aea464938ee019feb929941ddf35f9c931479274 Mon Sep 17 00:00:00 2001 From: Dominic Riordan Date: Fri, 19 Dec 2025 15:30:31 +0000 Subject: [PATCH 6/9] free space --- .github/workflows/images.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/images.yml b/.github/workflows/images.yml index c0f958aee8..7855a22d0c 100644 --- a/.github/workflows/images.yml +++ b/.github/workflows/images.yml @@ -300,6 +300,9 @@ jobs: echo "IMG_TAG=$TAG" >> $GITHUB_ENV echo "${{ matrix.server }} image tag: $IMG_TAG" + - name: Remove docker image to make disk space + run: docker rmi ${{ env.IMG_TAG }} + - name: Monitor docker image for CVEs # only want to monitor images which we have set a release tag for if: ${{ github.event.inputs.docker-tag != '' && github.event.inputs.docker-tag != 'latest'}} From 2c157ecb6d98aa9dfe51712d13a142a656b5018e Mon Sep 17 00:00:00 2001 From: Dominic Riordan Date: Fri, 19 Dec 2025 15:53:55 +0000 Subject: [PATCH 7/9] debug alibi --- .github/workflows/images.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/images.yml b/.github/workflows/images.yml index 7855a22d0c..24a5ce58af 100644 --- a/.github/workflows/images.yml +++ b/.github/workflows/images.yml @@ -313,7 +313,7 @@ jobs: with: image: ${{ env.IMG_TAG }} command: monitor - args: --app-vulns --severity-threshold=high + args: --debug --log-level=trace --app-vulns --severity-threshold=high - name: Free up space by removing the Docker Builder caches run: docker builder prune -af \ No newline at end of file From c60fc0bce106433ccbec48f6ad4e90f915b1c8b5 Mon Sep 17 00:00:00 2001 From: Dominic Riordan Date: Fri, 19 Dec 2025 16:22:47 +0000 Subject: [PATCH 8/9] fix disk space --- .github/workflows/images.yml | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/.github/workflows/images.yml b/.github/workflows/images.yml index 24a5ce58af..2c5c5d8061 100644 --- a/.github/workflows/images.yml +++ b/.github/workflows/images.yml @@ -300,8 +300,12 @@ jobs: echo "IMG_TAG=$TAG" >> $GITHUB_ENV echo "${{ matrix.server }} image tag: $IMG_TAG" - - name: Remove docker image to make disk space - run: docker rmi ${{ env.IMG_TAG }} + - name: Remove docker image and cache to make disk space + run: | + docker rmi ${{ env.IMG_TAG }} + rm -rf /home/runner/actions-runner/cached/* || true + df -h + - name: Monitor docker image for CVEs # only want to monitor images which we have set a release tag for From 4d24c6eeb7352022c28b3d63daa4f7a862c6d87a Mon Sep 17 00:00:00 2001 From: Dominic Riordan Date: Fri, 19 Dec 2025 16:47:54 +0000 Subject: [PATCH 9/9] free space --- .github/workflows/images.yml | 10 +++------- components/routers/epsilon-greedy/Makefile | 5 +++++ examples/models/mean_classifier/Makefile | 4 ++++ testing/docker/echo-model/Makefile | 5 +++++ 4 files changed, 17 insertions(+), 7 deletions(-) diff --git a/.github/workflows/images.yml b/.github/workflows/images.yml index 2c5c5d8061..15bc6eaf4a 100644 --- a/.github/workflows/images.yml +++ b/.github/workflows/images.yml @@ -300,12 +300,11 @@ jobs: echo "IMG_TAG=$TAG" >> $GITHUB_ENV echo "${{ matrix.server }} image tag: $IMG_TAG" - - name: Remove docker image and cache to make disk space + - name: Remove docker image to make disk space run: | docker rmi ${{ env.IMG_TAG }} - rm -rf /home/runner/actions-runner/cached/* || true - df -h - + docker builder prune -af + du -sh /home/runner/actions-runner/cached/*/ - name: Monitor docker image for CVEs # only want to monitor images which we have set a release tag for @@ -318,6 +317,3 @@ jobs: image: ${{ env.IMG_TAG }} command: monitor args: --debug --log-level=trace --app-vulns --severity-threshold=high - - - name: Free up space by removing the Docker Builder caches - run: docker builder prune -af \ No newline at end of file diff --git a/components/routers/epsilon-greedy/Makefile b/components/routers/epsilon-greedy/Makefile index 14a6eecc87..9b82acad37 100644 --- a/components/routers/epsilon-greedy/Makefile +++ b/components/routers/epsilon-greedy/Makefile @@ -10,3 +10,8 @@ docker-push: kind_load: docker-build kind load -v 3 docker-image ${IMAGE_NAME}:${VERSION} --name ${KIND_NAME} + +.PHONY:show_image +show_image: + @echo ${IMAGE_NAME}:${VERSION} + diff --git a/examples/models/mean_classifier/Makefile b/examples/models/mean_classifier/Makefile index f176e04177..ec90b6ea7d 100644 --- a/examples/models/mean_classifier/Makefile +++ b/examples/models/mean_classifier/Makefile @@ -32,3 +32,7 @@ redhat-image-scan: docker push quay.io/redhat-isv-containers/${project}:${VERSION} source ~/.config/seldon/seldon-core/redhat-image-passwords.sh && \ preflight check container quay.io/redhat-isv-containers/${project}:${VERSION} --docker-config=${HOME}/.docker/config.json --certification-project-id=${project} --pyxis-api-token=$${pyxis_api_token} --submit + +.PHONY:show_image +show_image: + @echo ${IMAGE_BASE}:${VERSION} \ No newline at end of file diff --git a/testing/docker/echo-model/Makefile b/testing/docker/echo-model/Makefile index cc9abd2f14..a025b1d760 100644 --- a/testing/docker/echo-model/Makefile +++ b/testing/docker/echo-model/Makefile @@ -15,3 +15,8 @@ docker-push: kind_load_image: docker-build kind load -v 3 docker-image ${IMAGE_BASE}:${VERSION} --name ${KIND_NAME} + + +.PHONY:show_image +show_image: + @echo ${IMAGE_BASE}:${VERSION} \ No newline at end of file