From f9d97d4d18e7be4131be90bd7295bebdb37d5d9c Mon Sep 17 00:00:00 2001
From: hamistao
Date: Tue, 19 Nov 2024 10:44:17 -0300
Subject: [PATCH 1/2] github: Use `restore-keys` to get the lastest cache
restore-keys will get the latest cache with a key that has the specified prefix
Signed-off-by: hamistao
---
 .github/workflows/security.yml | 14 ++++++++------
 1 file changed, 8 insertions(+), 6 deletions(-)
diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml
index 70c0404d31e5..45fd2b52c4c3 100644
--- a/.github/workflows/security.yml
+++ b/.github/workflows/security.yml
@@ -40,7 +40,9 @@ jobs:
 uses: actions/cache/restore@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2
 with:
 path: /home/runner/vuln-cache
- key: trivy-latest-cache
+ key: download-failed # Use a non existing key to fallback to restore-keys
+ restore-keys: |
+ trivy-cache-
 - name: Run Trivy vulnerability scanner
 run: |
@@ -52,12 +54,10 @@ jobs:
 --output trivy-lxd-repo-scan-results.sarif .
 - name: Cache Trivy vulnerability database
- uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2
+ uses: actions/cache/save@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2
 with:
 path: /home/runner/vuln-cache
- key: trivy-latest-cache-${{ github.run_id }}
- restore-keys: |
- trivy-latest-cache
+ key: trivy-cache-${{ github.run_id }}
 - name: Upload Trivy scan results to GitHub Security tab
 uses: github/codeql-action/upload-sarif@4f3212b61783c3c68e8309a0f18a699764811cda # v3.27.1
@@ -89,7 +89,9 @@ jobs:
 uses: actions/cache/restore@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2
 with:
 path: /home/runner/vuln-cache
- key: trivy-latest-cache
+ key: download-failed # Use a non existing key to fallback to restore-keys
+ restore-keys: |
+ trivy-cache-
 - name: Download snap for scan
 run: |
From a2645d1413e4b9627bc529e982f20e46dad0280d Mon Sep 17 00:00:00 2001
From: hamistao
Date: Tue, 19 Nov 2024 10:44:29 -0300
Subject: [PATCH 2/2] github: Correct step name
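Review bot: A cache miss in this restore step goes unnoticed: `key: download-failed` never matches by design, and if no `trivy-cache-` entry exists either, actions/cache/restore completes successfully with nothing restored, so after a failed download the scan would start with no database in `/home/runner/vuln-cache`. Adding `fail-on-cache-miss: true` under `with:` makes that case fail visibly instead of depending on how the scanner behaves without a database. A restored database can also be arbitrarily old, so logging its age before the scan would let readers of the SARIF results recognise findings produced from stale data. The same applies to the identical restore step in the third hunk (`@@ -89,7 +89,9 @@`); both steps begin above their hunks.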
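Review bot: The `Cache Trivy vulnerability database` step shows no `if:` in this hunk, so it saves under a fresh `trivy-cache-${{ github.run_id }}` key even on runs where the download failed and an older copy was restored. Because the fallback prefix match picks the most recently created `trivy-cache-` entry, that re-saved stale database would then be served as the newest one on later failures. Gating the save with `if: ${{ steps.db_download.outcome == 'success' }}` avoids this, assuming the `db_download` step referenced elsewhere in this workflow is in the same job. A short comment above `key:` saying why the run id is appended would also help the next reader.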
Signed-off-by: hamistao
---
 .github/workflows/security.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml
index 45fd2b52c4c3..7b3456cda775 100644
--- a/.github/workflows/security.yml
+++ b/.github/workflows/security.yml
@@ -35,7 +35,7 @@ jobs:
 run: trivy fs --download-db-only --cache-dir /home/runner/vuln-cache
 continue-on-error: true
- - name: Use previous downloaded database
+ - name: Use previously downloaded database
 if: ${{ steps.db_download.outcome == 'failure' }}
 uses: actions/cache/restore@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2
 with: