gradle/actions
1
0
Fork 0
mirror of https://github.com/gradle/actions.git synced 2025-04-22 18:59:19 +08:00
Code Issues Packages Projects Releases Wiki Activity

Move the env plumbing code to short-lived-token.ts

Browse Source
This commit is contained in:
Alexis Tual 2024-05-15 18:26:42 +02:00 committed by daz
parent c3c6e7d786
commit 4deb17d8b1
No known key found for this signature in database
3 changed files with 36 additions and 27 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
.github/workflows/integ-test-inject-develocity.yml vendored
View File

@ -23,7 +23,7 @@ jobs:
inject-develocity: inject-develocity:
env: env:
DEVELOCITY_INJECTION_ENABLED: true DEVELOCITY_INJECTION_ENABLED: true
DEVELOCITY_URL: https://ge.solutions-team.gradle.com DEVELOCITY_URL: https://ge-helm-cluster-unstable.grdev.net
DEVELOCITY_PLUGIN_VERSION: ${{ matrix.plugin-version }} DEVELOCITY_PLUGIN_VERSION: ${{ matrix.plugin-version }}
DEVELOCITY_CCUD_PLUGIN_VERSION: '2.0' DEVELOCITY_CCUD_PLUGIN_VERSION: '2.0'
GRADLE_ENTERPRISE_ACCESS_KEY: ${{ secrets.DEVELOCITY_ACCESS_KEY }} # required to test against GE plugin 3.16.2 GRADLE_ENTERPRISE_ACCESS_KEY: ${{ secrets.DEVELOCITY_ACCESS_KEY }} # required to test against GE plugin 3.16.2
@ -68,7 +68,7 @@ jobs:
inject-develocity-short-lived-token-with-input: inject-develocity-short-lived-token-with-input:
env: env:
DEVELOCITY_INJECTION_ENABLED: true DEVELOCITY_INJECTION_ENABLED: true
DEVELOCITY_URL: 'https://ge.solutions-team.gradle.com' DEVELOCITY_URL: 'https://ge-helm-cluster-unstable.grdev.net'
DEVELOCITY_PLUGIN_VERSION: ${{ matrix.plugin-version }} DEVELOCITY_PLUGIN_VERSION: ${{ matrix.plugin-version }}
DEVELOCITY_CCUD_PLUGIN_VERSION: '2.0' DEVELOCITY_CCUD_PLUGIN_VERSION: '2.0'
strategy: strategy:

32
sources/src/develocity/build-scan.ts
View File

@ -1,6 +1,6 @@
import * as core from '@actions/core' import * as core from '@actions/core'
import {BuildScanConfig} from '../configuration' import {BuildScanConfig} from '../configuration'
import {getToken} from './short-lived-token' import {setupToken} from './short-lived-token'
export async function setup(config: BuildScanConfig): Promise<void> { export async function setup(config: BuildScanConfig): Promise<void> {
maybeExportVariable('DEVELOCITY_INJECTION_INIT_SCRIPT_NAME', 'gradle-actions.inject-develocity.init.gradle') maybeExportVariable('DEVELOCITY_INJECTION_INIT_SCRIPT_NAME', 'gradle-actions.inject-develocity.init.gradle')
@ -12,30 +12,12 @@ export async function setup(config: BuildScanConfig): Promise<void> {
maybeExportVariable('DEVELOCITY_TERMS_OF_USE_URL', config.getBuildScanTermsOfUseUrl()) maybeExportVariable('DEVELOCITY_TERMS_OF_USE_URL', config.getBuildScanTermsOfUseUrl())
maybeExportVariable('DEVELOCITY_TERMS_OF_USE_AGREE', config.getBuildScanTermsOfUseAgree()) maybeExportVariable('DEVELOCITY_TERMS_OF_USE_AGREE', config.getBuildScanTermsOfUseAgree())
} }
const develocityAccesskeyEnvVar = `DEVELOCITY_ACCESS_KEY` setupToken(
if (config.getDevelocityAccessKey()) { config.getDevelocityAccessKey(),
try { config.getDevelocityTokenExpiry(),
core.debug('Fetching short-lived token...') getEnv('DEVELOCITY_ENFORCE_URL'),
const tokens = await getToken( getEnv('DEVELOCITY_URL')
getEnv('DEVELOCITY_ENFORCE_URL'), )
getEnv('DEVELOCITY_URL'),
config.getDevelocityAccessKey(),
config.getDevelocityTokenExpiry()
)
if (tokens != null && !tokens.isEmpty()) {
core.debug(`Got token(s), setting the ${develocityAccesskeyEnvVar} env var`)
const token = tokens.raw()
core.setSecret(token)
core.exportVariable(develocityAccesskeyEnvVar, token)
} else {
// In case of not being able to generate a token we set the env variable to empty to avoid leaks
core.exportVariable(develocityAccesskeyEnvVar, '')
}
} catch (e) {
core.exportVariable(develocityAccesskeyEnvVar, '')
core.warning(`Failed to fetch short-lived token, reason: ${e}`)
}
}
} }
function getEnv(variableName: string): string | undefined { function getEnv(variableName: string): string | undefined {

27
sources/src/develocity/short-lived-token.ts
View File

@ -1,6 +1,33 @@
import * as httpm from 'typed-rest-client/HttpClient' import * as httpm from 'typed-rest-client/HttpClient'
import * as core from '@actions/core' import * as core from '@actions/core'
export async function setupToken(
develocityAccessKey: string,
develocityTokenExpiry: string,
enforceUrl: string | undefined,
develocityUrl: string | undefined
): Promise<void> {
const develocityAccesskeyEnvVar = 'DEVELOCITY_ACCESS_KEY'
if (develocityAccessKey) {
try {
core.debug('Fetching short-lived token...')
const tokens = await getToken(enforceUrl, develocityUrl, develocityAccessKey, develocityTokenExpiry)
if (tokens != null && !tokens.isEmpty()) {
core.debug(`Got token(s), setting the ${develocityAccesskeyEnvVar} env var`)
const token = tokens.raw()
core.setSecret(token)
core.exportVariable(develocityAccesskeyEnvVar, token)
} else {
// In case of not being able to generate a token we set the env variable to empty to avoid leaks
core.exportVariable(develocityAccesskeyEnvVar, '')
}
} catch (e) {
core.exportVariable(develocityAccesskeyEnvVar, '')
core.warning(`Failed to fetch short-lived token, reason: ${e}`)
}
}
}
export async function getToken( export async function getToken(
enforceUrl: string | undefined, enforceUrl: string | undefined,
serverUrl: string | undefined, serverUrl: string | undefined,