Skip to content

Commit

Permalink
RHOAIENG-16076: fix(gha): move the trivy db to the lvm volume as to n…
Browse files Browse the repository at this point in the history
…ot run out of disk space

When I was testing this in the all-in-one PR, I had 4096 MB reserved on /.
I did not realize that trivy relied on that disk space.

```
build (codeserver-ubi9-python-3.11) / build
System.IO.IOException: No space left on device : '/home/runner/runners/2.320.0/_diag/Worker_20241125-163906-utc.log'
Unhandled exception. System.IO.IOException: No space left on device : '/home/runner/runners/2.320.0/_diag/Worker_20241125-163906-utc.log'
   at System.IO.RandomAccess.WriteAtOffset(SafeFileHandle handle, ReadOnlySpan`1 buffer, Int64 fileOffset)
   at System.IO.Strategies.BufferedFileStreamStrategy.FlushWrite()
   at System.IO.StreamWriter.Flush(Boolean flushStream, Boolean flushEncoder)
   at System.Diagnostics.TextWriterTraceListener.Flush()
   at GitHub.Runner.Common.HostTraceListener.WriteHeader(String source, TraceEventType eventType, Int32 id)
   at GitHub.Runner.Common.HostTraceListener.TraceEvent(TraceEventCache eventCache, String source, TraceEventType eventType, Int32 id, String message)
   at System.Diagnostics.TraceSource.TraceEvent(TraceEventType eventType, Int32 id, String message)
   at GitHub.Runner.Worker.Worker.RunAsync(String pipeIn, String pipeOut)
   at GitHub.Runner.Worker.Program.MainAsync(IHostContext context, String[] args)
System.IO.IOException: No space left on device : '/home/runner/runners/2.320.0/_diag/Worker_20241125-163906-utc.log'
   at System.IO.RandomAccess.WriteAtOffset(SafeFileHandle handle, ReadOnlySpan`1 buffer, Int64 fileOffset)
   at System.IO.Strategies.BufferedFileStreamStrategy.FlushWrite()
   at System.IO.StreamWriter.Flush(Boolean flushStream, Boolean flushEncoder)
   at System.Diagnostics.TextWriterTraceListener.Flush()
   at GitHub.Runner.Common.HostTraceListener.WriteHeader(String source, TraceEventType eventType, Int32 id)
   at GitHub.Runner.Common.HostTraceListener.TraceEvent(TraceEventCache eventCache, String source, TraceEventType eventType, Int32 id, String message)
   at System.Diagnostics.TraceSource.TraceEvent(TraceEventType eventType, Int32 id, String message)
   at GitHub.Runner.Common.Tracing.Error(Exception exception)
   at GitHub.Runner.Worker.Program.MainAsync(IHostContext context, String[] args)
   at System.IO.RandomAccess.WriteAtOffset(SafeFileHandle handle, ReadOnlySpan`1 buffer, Int64 fileOffset)
   at System.IO.Strategies.BufferedFileStreamStrategy.FlushWrite()
   at System.IO.StreamWriter.Flush(Boolean flushStream, Boolean flushEncoder)
   at System.Diagnostics.TextWriterTraceListener.Flush()
   at System.Diagnostics.TraceSource.Flush()
   at GitHub.Runner.Common.TraceManager.Dispose(Boolean disposing)
   at GitHub.Runner.Common.TraceManager.Dispose()
   at GitHub.Runner.Common.HostContext.Dispose(Boolean disposing)
   at GitHub.Runner.Common.HostContext.Dispose()
   at GitHub.Runner.Worker.Program.Main(String[] args)
```
  • Loading branch information
jiridanek authored and openshift-merge-bot[bot] committed Nov 25, 2024
1 parent 7265949 commit 56a49e2
Showing 1 changed file with 5 additions and 4 deletions.
9 changes: 5 additions & 4 deletions .github/workflows/build-notebooks-TEMPLATE.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -25,6 +25,7 @@ jobs:
# GitHub image registry used for storing $(CONTAINER_ENGINE)'s cache
CACHE: "ghcr.io/${{ github.repository }}/workbench-images/build-cache"
TRIVY_VERSION: 0.57.1
TRIVY_VULNDB: "/home/runner/.local/share/containers/trivy_db"
# Targets (and their folder) that should be scanned using FS instead of IMAGE scan due to resource constraints
TRIVY_SCAN_FS_JSON: '{}'

Expand Down Expand Up @@ -164,17 +165,17 @@ jobs:
- name: Pre-pull Trivy vulnerabilities DB
if: ${{ steps.resolve-target.outputs.target }}
run: |
mkdir trivy_db
mkdir ${TRIVY_VULNDB}
podman run --rm \
--env PODMAN_SOCK \
-v ${PWD}/trivy_db:/cache \
-v ${TRIVY_VULNDB}:/cache \
docker.io/aquasec/trivy:$TRIVY_VERSION \
--cache-dir /cache \
image \
--download-db-only
podman run --rm \
--env PODMAN_SOCK \
-v ${PWD}/trivy_db:/cache \
-v ${TRIVY_VULNDB}:/cache \
docker.io/aquasec/trivy:$TRIVY_VERSION \
--cache-dir /cache \
image \
Expand Down Expand Up @@ -233,7 +234,7 @@ jobs:
podman run --rm \
$PODMAN_ARGS \
-v ${REPORT_FOLDER}:/report \
-v ${PWD}/trivy_db:/cache \
-v ${TRIVY_VULNDB}:/cache \
docker.io/aquasec/trivy:$TRIVY_VERSION \
--cache-dir /cache \
$SCAN_TYPE \
Expand Down

0 comments on commit 56a49e2

Please sign in to comment.