Merge pull request #697 from piyush-jena/iputils-advisory-fix #503
  
    
      This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
      Learn more about bidirectional Unicode characters
    
  
  
    
  | # This workflow caches external dependencies, build tools, and the most recent artifacts. | |
| # The cache is only usable by workflows started from pull requests against the develop branch. | |
| name: CacheLatest | |
| on: | |
| push: | |
| branches: [develop] | |
| jobs: | |
| cache: | |
| if: github.repository == 'bottlerocket-os/bottlerocket-core-kit' | |
| runs-on: | |
| group: bottlerocket | |
| labels: bottlerocket_ubuntu-latest_32-core | |
| concurrency: | |
| group: cache-${{ github.ref }} | |
| cancel-in-progress: true | |
| env: | |
| cache-key: build-cache | |
| permissions: | |
| actions: write | |
| steps: | |
| - uses: actions/checkout@v4 | |
| # Install dependencies for twoliter and cargo-make. | |
| - run: sudo apt -y install build-essential openssl libssl-dev pkg-config liblz4-tool | |
| shell: bash | |
| # Install cargo-make. | |
| - run: cargo install cargo-make | |
| shell: bash | |
| # This installs twoliter. | |
| - run: make prep | |
| # This fetches any external kit dependencies. | |
| - run: make fetch | |
| # This fetches Rust crate and Go module dependencies. | |
| - run: make twoliter fetch | |
| # This builds the current packages and kits. | |
| - run: make ARCH=x86_64 | |
| - run: make ARCH=aarch64 | |
| # Delete packages that aren't needed for other builds. | |
| - run: | | |
| find build/rpms -name '*debugsource*' -type f -print -delete | |
| find build/rpms -name '*debuginfo*' -type f -print -delete | |
| find build/rpms -name '*kmod*nvidia*' -type f -print -delete | |
| # Remove the previous cache (if it exists). | |
| - run: | | |
| gh extension install actions/gh-actions-cache | |
| gh actions-cache delete "${{ env.cache-key }}" --confirm | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| continue-on-error: true | |
| # This caches the reusable artifacts for future CI runs. | |
| - uses: actions/cache/save@v4 | |
| # Save Rust dependencies | |
| with: | |
| path: | | |
| ~/.cargo | |
| .cargo | |
| .gomodcache | |
| build/external-kits | |
| build/rpms | |
| build/state | |
| target | |
| key: ${{ env.cache-key }} |