From 4e93c194888f72108a6df894e2ec609d73676eb2 Mon Sep 17 00:00:00 2001 From: Michael Pregman Date: Fri, 17 May 2024 22:25:08 +0000 Subject: [PATCH 1/3] Add clean up step to image build process. This step removes "presubmit" images 30+ days old. --- cloudbuild.yaml | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/cloudbuild.yaml b/cloudbuild.yaml index 24c8eade4..67183c3e2 100644 --- a/cloudbuild.yaml +++ b/cloudbuild.yaml @@ -245,3 +245,15 @@ steps: options: pool: name: 'projects/confidential-space-images-dev/locations/us-west1/workerPools/cs-image-build-vpc' +- name: 'gcr.io/cloud-builders/gcloud' + id: PresubmitImageCleanup + waitFor: ['ExperimentsTests', 'HttpServerTests', 'DebugImageTests', 'HardenedImageTests', 'LaunchPolicyTests', 'HardenedNetworkIngressTests', 'DebugNetworkIngressTests', 'LogRedirectionTests', 'HardenedDiscoverContainerSignatureTests', 'DebugDiscoverContainerSignatureTests', 'MemoryMonitoringTests', 'ODAWithSignedContainerTest'] + script: | + #!/usr/bin/env bash + old_presubmit_images=$(gcloud compute images list --format="value[separator=' '](NAME)" --filter="creationTimestamp < -P30D AND name ~ presubmit" --project=confidential-space-images-dev --no-standard-images --verbosity=error) + if [ -n "${old_presubmit_images}" ] + then + echo "deleting old presubmit images: ${old_presubmit_images}" + gcloud compute images delete ${old_presubmit_images} --project=confidential-space-images-dev --quiet + fi + exit From 885ece2bb1f5ae2e78d9a6a74f8c9861823c0f78 Mon Sep 17 00:00:00 2001 From: Michael Pregman Date: Fri, 17 May 2024 22:25:08 +0000 Subject: [PATCH 2/3] Add clean up step to image build process. This step removes "presubmit" images 30+ days old. --- cloudbuild.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/cloudbuild.yaml b/cloudbuild.yaml index 67183c3e2..d92628176 100644 --- a/cloudbuild.yaml +++ b/cloudbuild.yaml @@ -242,9 +242,6 @@ steps: gcloud builds submit --config=test_oda_with_signed_container.yaml --region us-west1 \ --substitutions _IMAGE_NAME=${OUTPUT_IMAGE_PREFIX}-hardened-${OUTPUT_IMAGE_SUFFIX},_IMAGE_PROJECT=${PROJECT_ID} exit -options: - pool: - name: 'projects/confidential-space-images-dev/locations/us-west1/workerPools/cs-image-build-vpc' - name: 'gcr.io/cloud-builders/gcloud' id: PresubmitImageCleanup waitFor: ['ExperimentsTests', 'HttpServerTests', 'DebugImageTests', 'HardenedImageTests', 'LaunchPolicyTests', 'HardenedNetworkIngressTests', 'DebugNetworkIngressTests', 'LogRedirectionTests', 'HardenedDiscoverContainerSignatureTests', 'DebugDiscoverContainerSignatureTests', 'MemoryMonitoringTests', 'ODAWithSignedContainerTest'] @@ -257,3 +254,6 @@ options: gcloud compute images delete ${old_presubmit_images} --project=confidential-space-images-dev --quiet fi exit +options: + pool: + name: 'projects/confidential-space-images-dev/locations/us-west1/workerPools/cs-image-build-vpc' \ No newline at end of file From 8c3d4fcfac84f2a057a52f9b67a7f94ca27d9a53 Mon Sep 17 00:00:00 2001 From: Michael Pregman Date: Fri, 17 May 2024 22:25:08 +0000 Subject: [PATCH 3/3] Add clean up step to image build process. This step removes "presubmit" images 30+ days old. New line --- cloudbuild.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/cloudbuild.yaml b/cloudbuild.yaml index d92628176..74b5e1d5c 100644 --- a/cloudbuild.yaml +++ b/cloudbuild.yaml @@ -256,4 +256,5 @@ steps: exit options: pool: - name: 'projects/confidential-space-images-dev/locations/us-west1/workerPools/cs-image-build-vpc' \ No newline at end of file + name: 'projects/confidential-space-images-dev/locations/us-west1/workerPools/cs-image-build-vpc' + \ No newline at end of file