From 7003fda5de5c1eef05b68cc970817e404dd06817 Mon Sep 17 00:00:00 2001 From: Dave Sargent Date: Thu, 7 Nov 2024 15:27:08 -0800 Subject: [PATCH 1/4] Attempt to clean up files in build that make each new container different --- Dockerfile | 6 ++++++ Makefile | 8 ++++++-- scripts/10_install_system_packages.sh | 12 ++++++++++++ scripts/20_install_mise_packages.sh | 18 ++++++++++++++++++ scripts/30_install_other_apps.sh | 18 ++++++++++++++++++ 5 files changed, 60 insertions(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index 63d301d..40a0c24 100644 --- a/Dockerfile +++ b/Dockerfile @@ -15,6 +15,12 @@ LABEL org.opencontainers.image.source=https://github.com/sarg3nt/go-dev-containe ENV TZ='America/Los_Angeles' +# Define the build argument +ARG GITHUB_API_TOKEN + +# Set the build argument as an environment variable +ENV GITHUB_API_TOKEN=${GITHUB_API_TOKEN} + # What user will be created in the dev container and will we run under. # Reccomend not changing this. ENV USERNAME="vscode" diff --git a/Makefile b/Makefile index 1d4e8f4..b83947d 100644 --- a/Makefile +++ b/Makefile @@ -1,11 +1,15 @@ IMAGE_NAME := ghcr.io/sarg3nt/go-dev-container -IMAGE_TAG := 1.0.4 +IMAGE_TAG := 1.0.3 GIT_BRANCH := $(shell git rev-parse --abbrev-ref HEAD | sed 's/[\/_]/-/g') CURRENT_DIR := $(shell pwd) .PHONY: build build: - docker build -t "$(IMAGE_NAME):$(IMAGE_TAG)-$(GIT_BRANCH)" . + docker build --build-arg GITHUB_API_TOKEN=${GITHUB_TOKEN} -t "$(IMAGE_NAME):$(IMAGE_TAG)-$(GIT_BRANCH)" . + +.PHONY: build-no-cache +build-no-cache: + docker build --build-arg GITHUB_API_TOKEN=${GITHUB_TOKEN} --no-cache -t "$(IMAGE_NAME):$(IMAGE_TAG)-$(GIT_BRANCH)" . .PHONY: run run: diff --git a/scripts/10_install_system_packages.sh b/scripts/10_install_system_packages.sh index 918136a..eae1823 100755 --- a/scripts/10_install_system_packages.sh +++ b/scripts/10_install_system_packages.sh 
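Review bot: The added `ENV GITHUB_API_TOKEN=${GITHUB_API_TOKEN}` copies the build argument into the image configuration, so the token ships with every image built this way and is readable by anyone who can pull it (`docker inspect`); build arguments can also surface in `docker history`. The token appears to be needed only while tools are installed, so it should be a BuildKit secret: drop both added lines and mount it on the consuming step with `RUN --mount=type=secret,id=github_token ...`, reading `/run/secrets/github_token` inside the script. The Makefile hunk in this patch passes the same value with `--build-arg` and needs the matching change (`--secret id=github_token,env=GITHUB_TOKEN`). Any token already used to build an image with these lines should be treated as exposed and rotated.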
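Review bot: In both `build` and `build-no-cache`, `${GITHUB_TOKEN}` is a make expansion, so make substitutes the token into the recipe text and then echoes the whole `docker build` line, token included, to the terminal or CI log. Keep the value off the command line by naming the variable instead of expanding it: `docker build --secret id=github_token,env=GITHUB_TOKEN -t "$(IMAGE_NAME):$(IMAGE_TAG)-$(GIT_BRANCH)" .`. If the build argument has to stay, write it as `"$$GITHUB_TOKEN"` so the expansion happens in the shell, the echoed line shows only the variable name, and the value is quoted. Separately, this hunk moves `IMAGE_TAG` back from 1.0.4 to 1.0.3, which looks unintended.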
@@ -96,6 +96,18 @@ main() { log "Deleting files from /tmp" "green" rm -rf /tmp/* + log "Deleting all .git directories." "green" + sudo find / -path /proc -prune -o -type d -name ".git" -not -path '/.git' -exec rm -rf {} + 2>/dev/null || true + log "Deleting /etc/machine-id." "green" + sudo rm -rf /etc/machine-id + log "Deleting /var/log/dnf.librepo.log." "green" + sudo rm -rf /var/log/dnf.librepo.log + log "Deleting /var/log/dnf.log." "green" + sudo rm -rf /var/log/dnf.log + log "Deleting /var/log/dnf.rpm.log." "green" + sudo rm -rf /var/log/dnf.rpm.log + log "Deleting /var/log/hawkey.log." "green" + sudo rm -rf /var/log/hawkey.log } # Run main diff --git a/scripts/20_install_mise_packages.sh b/scripts/20_install_mise_packages.sh index e445b83..3ee1f38 100755 --- a/scripts/20_install_mise_packages.sh +++ b/scripts/20_install_mise_packages.sh @@ -31,6 +31,24 @@ main() { log "Deleting files from /tmp" "green" sudo rm -rf /tmp/* + + log "Cleaning go caches" "green" + go clean -cache + go clean -testcache + go clean -fuzzcache + go clean -modcache + + log "Deleting all .git directories." "green" + find / -path /proc -prune -o -type d -name ".git" -not -path '/.git' -exec rm -rf {} + 2>/dev/null || true + rm -rf /etc/machine-id + rm -rf /var/log/dnf.librepo.log + rm -rf /var/log/dnf.log + rm -rf /var/log/dnf.rpm.log + rm -rf /var/log/hawkey.log + rm -rf /home/vscode/.cache/go-build/trim.txt + rm -rf /home/vscode/.cache/go-build/testexpire.txt + rm -rf /home/vscode/.config/go/telemetry/* + rm -rf /home/vscode/go/pkg/sumdb/sum.golang.org/latest } # Run main diff --git a/scripts/30_install_other_apps.sh b/scripts/30_install_other_apps.sh index b2ab7cc..f519ae5 100755 --- a/scripts/30_install_other_apps.sh +++ b/scripts/30_install_other_apps.sh 
@@ -70,6 +70,24 @@ clean_up() { echo "" log "Deleting files from /tmp" "green" sudo rm -rf /tmp/* + + log "Cleaning go caches" "green" + go clean -cache + go clean -testcache + go clean -fuzzcache + go clean -modcache + + log "Deleting all .git directories." "green" + find / -path /proc -prune -o -type d -name ".git" -not -path '/.git' -exec rm -rf {} + 2>/dev/null || true + rm -rf /etc/machine-id + rm -rf /var/log/dnf.librepo.log + rm -rf /var/log/dnf.log + rm -rf /var/log/dnf.rpm.log + rm -rf /var/log/hawkey.log + rm -rf /home/vscode/.cache/go-build/trim.txt + rm -rf /home/vscode/.cache/go-build/testexpire.txt + rm -rf /home/vscode/.config/go/telemetry/* + rm -rf /home/vscode/go/pkg/sumdb/sum.golang.org/latest } # Run main From 47f09e9bef20c1b3d242a1ff074503d06508b60f Mon Sep 17 00:00:00 2001 From: Dave Sargent Date: Fri, 8 Nov 2024 14:11:48 -0800 Subject: [PATCH 2/4] Clean up many files to make image smaller --- Dockerfile | 1 - Makefile | 4 +- scripts/10_install_system_packages.sh | 67 +++++++++++++++++++-------- scripts/20_install_mise_packages.sh | 40 +++++++++------- scripts/30_install_other_apps.sh | 31 ++++++++----- 5 files changed, 92 insertions(+), 51 deletions(-) diff --git a/Dockerfile b/Dockerfile index 40a0c24..f5193bd 100644 --- a/Dockerfile +++ b/Dockerfile @@ -44,7 +44,6 @@ COPY --chown=vscode:vscode home/vscode/.config/mise /home/vscode/.config/mise ARG MISE_VERBOSE=0 ARG RUST_BACKTRACE=0 RUN --mount=type=bind,source=scripts/20_install_mise_packages.sh,target=/20.sh,ro bash -c "/20.sh" - RUN --mount=type=bind,source=scripts/30_install_other_apps.sh,target=/30.sh,ro bash -c "/30.sh" COPY --chown=vscode:vscode home /home/ diff --git a/Makefile b/Makefile index b83947d..bbb1c78 100644 --- a/Makefile +++ b/Makefile @@ -1,5 +1,5 @@ IMAGE_NAME := ghcr.io/sarg3nt/go-dev-container -IMAGE_TAG := 1.0.3 +IMAGE_TAG := 1.0.4 GIT_BRANCH := $(shell git rev-parse --abbrev-ref HEAD | sed 's/[\/_]/-/g') CURRENT_DIR := $(shell pwd) 
@@ -9,7 +9,7 @@ build: .PHONY: build-no-cache build-no-cache: - docker build --build-arg GITHUB_API_TOKEN=${GITHUB_TOKEN} --no-cache -t "$(IMAGE_NAME):$(IMAGE_TAG)-$(GIT_BRANCH)" . + docker build --build-arg GITHUB_API_TOKEN=${GITHUB_TOKEN} --progress=plain --no-cache -t "$(IMAGE_NAME):$(IMAGE_TAG)-$(GIT_BRANCH)" . .PHONY: run run: diff --git a/scripts/10_install_system_packages.sh b/scripts/10_install_system_packages.sh index eae1823..634c71d 100755 --- a/scripts/10_install_system_packages.sh +++ b/scripts/10_install_system_packages.sh @@ -8,10 +8,17 @@ IFS=$'\n\t' # Install system packages main() { source "/usr/bin/lib/sh/log.sh" + install_system_packages + install_devcontainer_features + cleanup +} + +install_system_packages() { log "10_install_system_packages.sh" "blue" log "Adding install_weak_deps=False to /etc/dnf/dnf.conf" "green" echo "install_weak_deps=False" >>/etc/dnf/dnf.conf + echo "keepcache=0" >>/etc/dnf/dnf.conf log "Installing epel release" "green" dnf install -y epel-release && dnf clean all @@ -19,9 +26,6 @@ main() { log "Installing dnf plugins core" "green" dnf install -y dnf-plugins-core - log "Running /usr/bin/crb enable" "green" - /usr/bin/crb enable - log "Adding docker ce repo" "green" dnf config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo @@ -66,7 +70,9 @@ main() { log "Installing xz zip unzip" "green" dnf install -y xz zip unzip +} +install_devcontainer_features() { log "Installing dev container features" "blue" log "Exporting dev container features install.sh config variables." "green" export CONFIGUREZSHASDEFAULTSHELL=true 
@@ -84,30 +90,53 @@ main() { cd /tmp/source/features/src/common-utils/ ./install.sh cd - +} - dnf -y remove epel-release - dnf -y remove dnf-plugins-core +cleanup() { + #dnf -y remove epel-release + #dnf -y remove dnf-plugins-core + + echo "" + log "Deleting files from /tmp" "green" + sudo rm -rf /tmp/* + + log "Deleting all .git directories." "green" + find / -path /proc -prune -o -type d -name ".git" -not -path '/.git' -exec rm -rf {} + 2>/dev/null || true log "Running dnf autoremove" "green" - dnf autoremove -y + sudo dnf autoremove -y log "Running dnf clean all" "green" - dnf clean all + sudo dnf clean all - log "Deleting files from /tmp" "green" - rm -rf /tmp/* - log "Deleting all .git directories." "green" - sudo find / -path /proc -prune -o -type d -name ".git" -not -path '/.git' -exec rm -rf {} + 2>/dev/null || true log "Deleting /etc/machine-id." "green" sudo rm -rf /etc/machine-id - log "Deleting /var/log/dnf.librepo.log." "green" - sudo rm -rf /var/log/dnf.librepo.log - log "Deleting /var/log/dnf.log." "green" - sudo rm -rf /var/log/dnf.log - log "Deleting /var/log/dnf.rpm.log." "green" - sudo rm -rf /var/log/dnf.rpm.log - log "Deleting /var/log/hawkey.log." "green" - sudo rm -rf /var/log/hawkey.log + + log "Deleting /etc/pki/ca-trust/extracted/java/cacerts." 
"green" + sudo rm -rf /etc/pki/ca-trust/extracted/java/cacerts + + log "Deleting /var/cache/ldconfig/aux-cache" "green" + sudo rm -rf /var/cache/ldconfig/aux-cache + + log "Deleting dnf data" "green" + sudo rm -rf /var/lib/dnf/repos/* + sudo rm -rf /var/lib/dnf/history.sqlite-shm + sudo rm -rf /var/lib/dnf/history.sqlite + sudo rm -rf /var/lib/dnf/history.sqlite-wal + + log "Cleaning RPM database files" "green" + sudo rm -f /var/lib/rpm/* + #sudo rm -f /var/lib/rpm/__db.* + #sudo rm -f /var/lib/rpm/Packages + #sudo rm -f /var/lib/rpm/rpmdb.sqlite 2>/dev/null || true + sudo rpm --initdb + + log "Deleting all data in /var/log" "green" + sudo rm -rf /var/log/* + + log "Delete Python cache files" "green" + sudo find / -name "__pycache__" -type d -exec rm -r {} + 2>/dev/null || true + sudo find / -name "*.pyc" -exec rm -f {} + 2>/dev/null || true } # Run main diff --git a/scripts/20_install_mise_packages.sh b/scripts/20_install_mise_packages.sh index 3ee1f38..d7d9007 100755 --- a/scripts/20_install_mise_packages.sh +++ b/scripts/20_install_mise_packages.sh @@ -5,30 +5,29 @@ IFS=$'\n\t' main() { source "/usr/bin/lib/sh/log.sh" + install_mise_packages + cleanup +} - ############ Install mise +install_mise_packages() { log "20_install_mise_packages.sh" "blue" # Mise is installed in the docker file from it's master docker branch. log "Configuring mise" "green" export PATH="$HOME/.local/share/mise/shims:$HOME/.local/bin/:$PATH" - if [[ -n "${GITHUB_API_TOKEN:-}" ]]; then - log "GITHUB_API_TOKEN found" "green" - else - log "GITHUB_API_TOKEN not found" "yellow" - fi - log "Mise version" "green" mise version log "Trusting configuration files" "green" mise trust "$HOME/.config/mise/config.toml" - mise trust --all log "Installing tools with mise" "green" mise install --yes +} +cleanup() { + echo "" log "Deleting files from /tmp" "green" sudo rm -rf /tmp/* 
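Review bot: `sudo rm -f /var/lib/rpm/*` followed by `sudo rpm --initdb` in `cleanup()` leaves the image with an empty package database, so image scanners that list installed packages from the RPM database (this repository runs Trivy in `.github/workflows/trivy.yml`) would likely report no OS packages, and `rpm -V` or later `dnf` operations inside the container lose their baseline. Removing `/etc/pki/ca-trust/extracted/java/cacerts` likewise strips the Java trust store, so JVM tools in the container would fail TLS verification until `update-ca-trust` regenerates it. Both deletions trade auditability for a small size gain; I would keep the RPM database and the extracted trust store and limit the cleanup to caches and logs. PATCH 3/4 later in this series removes these lines, and they should stay out.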
@@ -40,15 +39,22 @@ main() { log "Deleting all .git directories." "green" find / -path /proc -prune -o -type d -name ".git" -not -path '/.git' -exec rm -rf {} + 2>/dev/null || true - rm -rf /etc/machine-id - rm -rf /var/log/dnf.librepo.log - rm -rf /var/log/dnf.log - rm -rf /var/log/dnf.rpm.log - rm -rf /var/log/hawkey.log - rm -rf /home/vscode/.cache/go-build/trim.txt - rm -rf /home/vscode/.cache/go-build/testexpire.txt - rm -rf /home/vscode/.config/go/telemetry/* - rm -rf /home/vscode/go/pkg/sumdb/sum.golang.org/latest + + log "Clearing mise cache." "green" + mise cache clear + + log "Deleting go cache files" "green" + sudo rm -rf /home/vscode/.cache/go-build/trim.txt + sudo rm -rf /home/vscode/.cache/go-build/testexpire.txt + sudo rm -rf /home/vscode/.config/go/telemetry/* + sudo rm -rf /home/vscode/go/pkg/sumdb/sum.golang.org/latest + + log "Deleting all data in /var/log" "green" + sudo rm -rf /var/log/* + + log "Delete Python cache files" "green" + sudo find / -name "__pycache__" -type d -exec rm -r {} + 2>/dev/null || true + sudo find / -name "*.pyc" -exec rm -f {} + 2>/dev/null || true } # Run main diff --git a/scripts/30_install_other_apps.sh b/scripts/30_install_other_apps.sh index f519ae5..763f8d3 100755 --- a/scripts/30_install_other_apps.sh +++ b/scripts/30_install_other_apps.sh @@ -17,8 +17,8 @@ main() { add_fzf_completions_files install_kubectx_kubens_completions install_omz_plugins - clean_up - date +"%B %d %Y" >/home/vscode/build_date.txt + cleanup + #date +"%B %d %Y" >/home/vscode/build_date.txt } add_go_tools() { @@ -66,7 +66,7 @@ install_omz_plugins() { git clone --depth 1 -- https://github.com/zsh-users/zsh-completions.git "${ZSH_CUSTOM:-$HOME/.oh-my-zsh/custom}/plugins/zsh-completions" } -clean_up() { +cleanup() { echo "" log "Deleting files from /tmp" "green" sudo rm -rf /tmp/* 
@@ -79,15 +79,22 @@ clean_up() { log "Deleting all .git directories." "green" find / -path /proc -prune -o -type d -name ".git" -not -path '/.git' -exec rm -rf {} + 2>/dev/null || true - rm -rf /etc/machine-id - rm -rf /var/log/dnf.librepo.log - rm -rf /var/log/dnf.log - rm -rf /var/log/dnf.rpm.log - rm -rf /var/log/hawkey.log - rm -rf /home/vscode/.cache/go-build/trim.txt - rm -rf /home/vscode/.cache/go-build/testexpire.txt - rm -rf /home/vscode/.config/go/telemetry/* - rm -rf /home/vscode/go/pkg/sumdb/sum.golang.org/latest + + log "Clearing mise cache." "green" + mise cache clear + + log "Deleting go cache files" "green" + sudo rm -rf /home/vscode/.cache/go-build/trim.txt + sudo rm -rf /home/vscode/.cache/go-build/testexpire.txt + sudo rm -rf /home/vscode/.config/go/telemetry/* + sudo rm -rf /home/vscode/go/pkg/sumdb/sum.golang.org/latest + + log "Deleting all data in /var/log" "green" + sudo rm -rf /var/log/* + + log "Delete Python cache files" "green" + sudo find / -name "__pycache__" -type d -exec rm -r {} + 2>/dev/null || true + sudo find / -name "*.pyc" -exec rm -f {} + 2>/dev/null || true } # Run main From 70e7241fa78774cb81fb289d0c4b9cd93b8c6422 Mon Sep 17 00:00:00 2001 From: Dave Sargent Date: Fri, 8 Nov 2024 15:15:49 -0800 Subject: [PATCH 3/4] Giving up on multi build difference fixes. Keeping the deletion of uneeded files to reduce size. --- Dockerfile | 8 ++---- scripts/10_install_system_packages.sh | 41 +++++++-------------------- scripts/20_install_mise_packages.sh | 27 +++++++++++------- scripts/30_install_other_apps.sh | 28 +++++++++++------- 4 files changed, 48 insertions(+), 56 deletions(-) diff --git a/Dockerfile b/Dockerfile index f5193bd..d6fa716 100644 --- a/Dockerfile +++ b/Dockerfile 
@@ -15,11 +15,9 @@ LABEL org.opencontainers.image.source=https://github.com/sarg3nt/go-dev-containe ENV TZ='America/Los_Angeles' -# Define the build argument -ARG GITHUB_API_TOKEN - -# Set the build argument as an environment variable -ENV GITHUB_API_TOKEN=${GITHUB_API_TOKEN} +# Here for local builds, not used for main pipeline as the security tools gets snippy. +# ARG GITHUB_API_TOKEN +# ENV GITHUB_API_TOKEN=${GITHUB_API_TOKEN} # What user will be created in the dev container and will we run under. # Reccomend not changing this. diff --git a/scripts/10_install_system_packages.sh b/scripts/10_install_system_packages.sh index 634c71d..46d3b05 100755 --- a/scripts/10_install_system_packages.sh +++ b/scripts/10_install_system_packages.sh 
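Review bot: Leaving the `ARG`/`ENV GITHUB_API_TOKEN` pair as commented-out code marked for local builds keeps the leaking pattern as the documented local path: anyone who uncomments it writes the token into the image configuration again. The Makefile is not part of this patch, so its `build` and `build-no-cache` targets still pass `--build-arg GITHUB_API_TOKEN=${GITHUB_TOKEN}`, which now has no matching `ARG` and still puts the token on the echoed command line. I would delete the commented lines and give local and pipeline builds the same path, a secret mount on the step that needs the token (`RUN --mount=type=secret,id=github_token ...`), with the Makefile switched to `--secret id=github_token,env=GITHUB_TOKEN`.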
@@ -93,50 +93,31 @@ install_devcontainer_features() { } cleanup() { - #dnf -y remove epel-release - #dnf -y remove dnf-plugins-core + log "Running cleanup" "blue" - echo "" log "Deleting files from /tmp" "green" - sudo rm -rf /tmp/* + sudo rm -rfv /tmp/* + echo "" log "Deleting all .git directories." "green" - find / -path /proc -prune -o -type d -name ".git" -not -path '/.git' -exec rm -rf {} + 2>/dev/null || true + find / -path /proc -prune -o -type d -name ".git" -not -path '/.git' -exec rm -rfv {} + 2>/dev/null || true + echo "" log "Running dnf autoremove" "green" sudo dnf autoremove -y + echo "" log "Running dnf clean all" "green" sudo dnf clean all - - log "Deleting /etc/machine-id." "green" - sudo rm -rf /etc/machine-id - - log "Deleting /etc/pki/ca-trust/extracted/java/cacerts." "green" - sudo rm -rf /etc/pki/ca-trust/extracted/java/cacerts - - log "Deleting /var/cache/ldconfig/aux-cache" "green" - sudo rm -rf /var/cache/ldconfig/aux-cache - - log "Deleting dnf data" "green" - sudo rm -rf /var/lib/dnf/repos/* - sudo rm -rf /var/lib/dnf/history.sqlite-shm - sudo rm -rf /var/lib/dnf/history.sqlite - sudo rm -rf /var/lib/dnf/history.sqlite-wal - - log "Cleaning RPM database files" "green" - sudo rm -f /var/lib/rpm/* - #sudo rm -f /var/lib/rpm/__db.* - #sudo rm -f /var/lib/rpm/Packages - #sudo rm -f /var/lib/rpm/rpmdb.sqlite 2>/dev/null || true - sudo rpm --initdb + echo "" log "Deleting all data in /var/log" "green" - sudo rm -rf /var/log/* + sudo rm -rfv /var/log/* + echo "" log "Delete Python cache files" "green" - sudo find / -name "__pycache__" -type d -exec rm -r {} + 2>/dev/null || true - sudo find / -name "*.pyc" -exec rm -f {} + 2>/dev/null || true + sudo find / -name "__pycache__" -type d -exec rm -rfv {} + 2>/dev/null || true + sudo find / -name "*.pyc" -exec rm -fv {} + 2>/dev/null || true } # Run main diff --git a/scripts/20_install_mise_packages.sh b/scripts/20_install_mise_packages.sh index d7d9007..5312fed 100755 
--- a/scripts/20_install_mise_packages.sh +++ b/scripts/20_install_mise_packages.sh @@ -27,34 +27,41 @@ install_mise_packages() { } cleanup() { - echo "" + log "Running cleanup" "blue" + log "Deleting files from /tmp" "green" - sudo rm -rf /tmp/* + sudo rm -rfv /tmp/* + echo "" log "Cleaning go caches" "green" go clean -cache go clean -testcache go clean -fuzzcache go clean -modcache + echo "" log "Deleting all .git directories." "green" - find / -path /proc -prune -o -type d -name ".git" -not -path '/.git' -exec rm -rf {} + 2>/dev/null || true + find / -path /proc -prune -o -type d -name ".git" -not -path '/.git' -exec rmv -rf {} + 2>/dev/null || true + echo "" log "Clearing mise cache." "green" mise cache clear + echo "" log "Deleting go cache files" "green" - sudo rm -rf /home/vscode/.cache/go-build/trim.txt - sudo rm -rf /home/vscode/.cache/go-build/testexpire.txt - sudo rm -rf /home/vscode/.config/go/telemetry/* - sudo rm -rf /home/vscode/go/pkg/sumdb/sum.golang.org/latest + sudo rm -rfv /home/vscode/.cache/go-build/trim.txt + sudo rm -rfv /home/vscode/.cache/go-build/testexpire.txt + sudo rm -rfv /home/vscode/.config/go/telemetry/* + sudo rm -rfv /home/vscode/go/pkg/sumdb/sum.golang.org/latest + echo "" log "Deleting all data in /var/log" "green" - sudo rm -rf /var/log/* + sudo rm -rfv /var/log/* + echo "" log "Delete Python cache files" "green" - sudo find / -name "__pycache__" -type d -exec rm -r {} + 2>/dev/null || true - sudo find / -name "*.pyc" -exec rm -f {} + 2>/dev/null || true + sudo find / -name "__pycache__" -type d -exec rm -rfv {} + 2>/dev/null || true + sudo find / -name "*.pyc" -exec rm -fv {} + 2>/dev/null || true } # Run main diff --git a/scripts/30_install_other_apps.sh b/scripts/30_install_other_apps.sh index 763f8d3..9562582 100755 --- a/scripts/30_install_other_apps.sh +++ b/scripts/30_install_other_apps.sh 
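Review bot: The `.git` cleanup in `cleanup()` now runs `-exec rmv -rf {} +`; `rmv` is not a command, and because the line ends in `2>/dev/null || true` the failure is silent and the `.git` directories stay in the image layer. It should read `-exec rm -rfv {} +`, as the same line does in `scripts/10_install_system_packages.sh` and `scripts/30_install_other_apps.sh` in this patch. The blanket `2>/dev/null || true` on the `find` lines is what hides the typo; keeping stderr visible and letting a failed cleanup fail the build would surface this kind of mistake instead of passing it unnoticed.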
@@ -18,7 +18,7 @@ main() { install_kubectx_kubens_completions install_omz_plugins cleanup - #date +"%B %d %Y" >/home/vscode/build_date.txt + date +"%B %d %Y" >/home/vscode/build_date.txt } add_go_tools() { @@ -67,34 +67,40 @@ install_omz_plugins() { } cleanup() { - echo "" + log "Running cleanup" "blue" log "Deleting files from /tmp" "green" - sudo rm -rf /tmp/* + sudo rm -rfv /tmp/* + echo "" log "Cleaning go caches" "green" go clean -cache go clean -testcache go clean -fuzzcache go clean -modcache + echo "" log "Deleting all .git directories." "green" - find / -path /proc -prune -o -type d -name ".git" -not -path '/.git' -exec rm -rf {} + 2>/dev/null || true + find / -path /proc -prune -o -type d -name ".git" -not -path '/.git' -exec rm -rfv {} + 2>/dev/null || true + echo "" log "Clearing mise cache." "green" mise cache clear + echo "" log "Deleting go cache files" "green" - sudo rm -rf /home/vscode/.cache/go-build/trim.txt - sudo rm -rf /home/vscode/.cache/go-build/testexpire.txt - sudo rm -rf /home/vscode/.config/go/telemetry/* - sudo rm -rf /home/vscode/go/pkg/sumdb/sum.golang.org/latest + sudo rm -rfv /home/vscode/.cache/go-build/trim.txt + sudo rm -rfv /home/vscode/.cache/go-build/testexpire.txt + sudo rm -rfv /home/vscode/.config/go/telemetry/* + sudo rm -rfv /home/vscode/go/pkg/sumdb/sum.golang.org/latest + echo "" log "Deleting all data in /var/log" "green" - sudo rm -rf /var/log/* + sudo rm -rfv /var/log/* + echo "" log "Delete Python cache files" "green" - sudo find / -name "__pycache__" -type d -exec rm -r {} + 2>/dev/null || true - sudo find / -name "*.pyc" -exec rm -f {} + 2>/dev/null || true + sudo find / -name "__pycache__" -type d -exec rm -rfv {} + 2>/dev/null || true + sudo find / -name "*.pyc" -exec rm -fv {} + 2>/dev/null || true } # Run main From c6860e1c42977b1760b7146edb8670782d49f2ac Mon Sep 17 00:00:00 2001 
From: Dave Sargent Date: Fri, 8 Nov 2024 15:25:26 -0800 Subject: [PATCH 4/4] Remove compare containers --- .github/workflows/release-weekly.yml | 22 ++--------- .github/workflows/release.yml | 6 +-- .github/workflows/scorecard.yml | 8 ++-- .github/workflows/trivy.yml | 10 ++--- workflow_scripts/compare_containers.sh | 53 -------------------------- 5 files changed, 15 insertions(+), 84 deletions(-) delete mode 100755 workflow_scripts/compare_containers.sh diff --git a/.github/workflows/release-weekly.yml b/.github/workflows/release-weekly.yml index 344e7c1..dfd63c2 100644 --- a/.github/workflows/release-weekly.yml +++ b/.github/workflows/release-weekly.yml @@ -39,7 +39,7 @@ jobs: fetch-depth: 0 fetch-tags: true - - name: Get the latest version + - name: Get the Latest Version id: get_version run: bash ${GITHUB_WORKSPACE}/workflow_scripts/get_latest_version.sh env: @@ -47,31 +47,16 @@ jobs: REGISTRY: ${{ env.REGISTRY }} REPOSITORY: ${{ env.REPOSITORY }} - - name: Log into registry + - name: Log Into Registry uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 with: registry: ${{ env.REGISTRY }} username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - - name: Build Docker image + - name: Build and Push Docker image id: build uses: docker/build-push-action@4f58ea79222b3b9dc2c8bbdd6debcef730109a75 - with: - push: false - tags: ${{ env.TAG_MAJOR }},${{ env.TAG_MINOR }},${{ env.TAG_PATCH }},${{ env.TAG_LATEST }} - - - name: Compare the Old and New Docker Images - id: compare_versions - run: bash ${GITHUB_WORKSPACE}/workflow_scripts/compare_containers.sh - env: - GH_TOKEN: ${{ github.token }} - TAG_OLD: ${{ env.TAG_OLD }} - TAG_PATCH: ${{ env.TAG_PATCH }} - - - name: Push Docker image - if: steps.compare_versions.outputs.continue == 'true' - uses: docker/build-push-action@4f58ea79222b3b9dc2c8bbdd6debcef730109a75 with: push: true tags: ${{ env.TAG_MAJOR }},${{ env.TAG_MINOR }},${{ env.TAG_PATCH }},${{ env.TAG_LATEST }} 
@@ -79,7 +64,6 @@ jobs: # Docs: https://github.com/marketplace/actions/create-release - name: Create Release id: create_release - if: steps.compare_versions.outputs.continue == 'true' uses: ncipollo/release-action@2c591bcc8ecdcd2db72b97d6147f871fcd833ba5 with: body: "A Weekly release containing upgrades to system packages in the base Rocky Linux container." diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index bf6d68c..bc22c55 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -32,7 +32,7 @@ jobs: fetch-depth: 0 fetch-tags: true - - name: Log into registry + - name: Log Into Registry uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 with: registry: ${{ env.REGISTRY }} @@ -40,7 +40,7 @@ jobs: password: ${{ secrets.GITHUB_TOKEN }} # During a release workflow the new git tag is provided and is automatically used by this step to generate the new image tags. - - name: Extract Docker metadata + - name: Extract Docker Metadata id: meta uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81 with: @@ -50,7 +50,7 @@ jobs: type=semver,pattern={{major}}.{{minor}} type=semver,pattern={{major}} - - name: Build and push Docker image + - name: Build and Push Docker Image uses: docker/build-push-action@4f58ea79222b3b9dc2c8bbdd6debcef730109a75 with: context: . diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 24f7450..b03c7f7 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -50,12 +50,12 @@ jobs: tuf-repo-cdn.sigstore.dev:443 www.bestpractices.dev:443 - - name: "Checkout code" + - name: "Checkout Code" uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 with: persist-credentials: false - - name: "Run analysis" + - name: "Run Analysis" uses: ossf/scorecard-action@62b2cac7ed8198b15735ed49ab1e5cf35480ba46 with: results_file: results.sarif 
@@ -77,7 +77,7 @@ jobs: # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF # format to the repository Actions tab. - - name: "Upload artifact" + - name: "Upload Artifact" uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 with: name: SARIF file @@ -86,7 +86,7 @@ jobs: # Upload the results to GitHub's code scanning dashboard (optional). # Commenting out will disable upload of results to your repo's Code Scanning dashboard - - name: "Upload to code-scanning" + - name: "Upload to Code-Scanning" uses: github/codeql-action/upload-sarif@662472033e021d55d94146f66f6058822b0b39fd with: sarif_file: results.sarif diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml index 2e3684e..dcb6334 100644 --- a/.github/workflows/trivy.yml +++ b/.github/workflows/trivy.yml @@ -36,23 +36,23 @@ jobs: disable-sudo: true egress-policy: audit - - name: Log into registry + - name: Log Into Registry uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 with: registry: ${{ env.REGISTRY }} username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - - name: Checkout code + - name: Checkout Code uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 - - name: Build Docker image + - name: Build Docker Image uses: docker/build-push-action@4f58ea79222b3b9dc2c8bbdd6debcef730109a75 with: push: false tags: ${{ env.REGISTRY }}/${{ env.REPOSITORY }}:${{ github.sha }} - - name: Run Trivy vulnerability scanner + - name: Run Trivy Vulnerability Scanner uses: aquasecurity/trivy-action@915b19bbe73b92a6cf82a1bc12b087c9a19a5fe2 with: image-ref: '${{ env.REGISTRY }}/${{ env.REPOSITORY }}:${{ github.sha }}' 
@@ -64,7 +64,7 @@ jobs: TRIVY_DB_REPOSITORY: ghcr.io/aquasecurity/trivy-db,public.ecr.aws/aquasecurity/trivy-db TRIVY_SKIP_JAVA_DB_UPDATE: true - - name: Upload Trivy scan results to GitHub Security tab + - name: Upload Trivy Results uses: github/codeql-action/upload-sarif@662472033e021d55d94146f66f6058822b0b39fd with: sarif_file: 'trivy-results.sarif' diff --git a/workflow_scripts/compare_containers.sh b/workflow_scripts/compare_containers.sh deleted file mode 100755 index 0f98589..0000000 --- a/workflow_scripts/compare_containers.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash - -#cspell:ignore diffoci - -set -euo pipefail -IFS=$'\n\t' - -main() { - if [ -z "${TAG_OLD:-}" ]; then - echo "Error: TAG_OLD is not set." - exit 1 - fi - - if [ -z "${TAG_PATCH:-}" ]; then - echo "Error: TAG_PATCH is not set." - exit 1 - fi - - echo "Downloading the diffoci binary." - latest_release_url=$(gh release view -R reproducible-containers/diffoci --json assets -q '.assets[] | select(.name | test("linux-amd64")) | .url') - echo "Using the latest release URL: $latest_release_url" - curl -L -o diffoci "$latest_release_url" - chmod +x diffoci - # Github runner does not print empty echos. :( - echo "-" - - echo "Pulling the previous Docker image to compare." - docker pull "${TAG_OLD}" - echo "-" - - echo "Checking if the images are different with diffoci." - OLD_IMAGE="docker://${TAG_OLD}" - NEW_IMAGE="docker://${TAG_PATCH}" - set +e - ./diffoci diff --semantic "$OLD_IMAGE" "$NEW_IMAGE" - DIFFOCI_EXIT_CODE=$? - set -e - echo "-" - - # Check the exit code of diffoci. If it is zero then there are no changes, otherwise there are. - if [ $DIFFOCI_EXIT_CODE -eq 0 ]; then - echo "The images appear to be the same, exiting." - echo "continue=false" >>"$GITHUB_OUTPUT" - exit 0 - fi - - echo "The images appear to be different. Continuing." - echo "continue=true" >>"$GITHUB_OUTPUT" -} - -if ! (return 0 2>/dev/null); then - (main "$@") -fi