Post run cleanup needed

[pcolmer]

I've created a GitHub Actions workflow that follows your instructions. On the first run, it works fine.

However, on the second run, actions/checkout@master fails because it tries to clean the repository but the ".scannerwork" directory is owned by root (as that is how the Docker container runs) and the clean up fails.

I've tried adding .scannerwork to the .gitignore file but that hasn't made any difference.

It would seem that an appropriate solution would be a post run step in the action that removes the ".scannerwork" directory.

If there is an alternative solution, please share/document it.

Thanks.

[pcolmer]

Another area for cleanup is in the Docker images. It looks like every time I run a scan, yet another image entry is created:

9232b3                          039843a74c65430f92b538463e5a5b09   02865314d343        About an hour ago   1.57GB
9232b3                          1363bb3e4f2d49ee93c39ea308085d38   02865314d343        About an hour ago   1.57GB
9232b3                          39471acfe06840219371075eddcba888   02865314d343        About an hour ago   1.57GB
9232b3                          76f783956117471abce6648de7c695d4   02865314d343        About an hour ago   1.57GB
9232b3                          b87658ea439c459dad7b207b17f6bc93   02865314d343        About an hour ago   1.57GB
9232b3                          d24a9b90d7dd4fcd9631dc0979bce184   02865314d343        About an hour ago   1.57GB
9232b3                          d7d1983840554a26b2b572de4963f606   02865314d343        About an hour ago   1.57GB

Clearly they are all the same actual image (02865314d343) but it does mean that docker images is going to create a longer and longer list the more the tool is used.