From 5f1c5827bfa2b4b072fff5fb0981ba8d551d19bd Mon Sep 17 00:00:00 2001
From: Inaki Villar <inaki.seri@gmail.com>
Date: Fri, 14 Jun 2024 13:58:40 -0700
Subject: [PATCH] handle missing access token

---
 .github/workflows/integ-test-inject-develocity.yml |  4 ++--
 sources/src/develocity/short-lived-token.ts        | 11 ++++++-----
 2 files changed, 8 insertions(+), 7 deletions(-)

diff --git a/.github/workflows/integ-test-inject-develocity.yml b/.github/workflows/integ-test-inject-develocity.yml
index c2088f8..28b532b 100644
--- a/.github/workflows/integ-test-inject-develocity.yml
+++ b/.github/workflows/integ-test-inject-develocity.yml
@@ -155,8 +155,8 @@ jobs:
         id: gradle
         working-directory: .github/workflow-samples/no-ge
         run: gradle help
-      - name: Check access key is blank (DEVELOCITY_ACCESS_KEY)
-        run: "[ \"${DEVELOCITY_ACCESS_KEY}\" == \"\" ] || (echo 'DEVELOCITY_ACCESS_KEY has leaked!'; exit 1)"
+      - name: Check access key is not blank (DEVELOCITY_ACCESS_KEY)
+        run: "[ \"${DEVELOCITY_ACCESS_KEY}\" != \"\" ] || (echo 'using DEVELOCITY_ACCESS_KEY!'; exit 1)"
       - name: Check access key is not blank (GRADLE_ENTERPRISE_ACCESS_KEY)
         run: "[ \"${GRADLE_ENTERPRISE_ACCESS_KEY}\" != \"\" ] || (echo 'GRADLE_ENTERPRISE_ACCESS_KEY is still supported in v3!'; exit 1)"
 
diff --git a/sources/src/develocity/short-lived-token.ts b/sources/src/develocity/short-lived-token.ts
index bf92480..5ce52cf 100644
--- a/sources/src/develocity/short-lived-token.ts
+++ b/sources/src/develocity/short-lived-token.ts
@@ -19,11 +19,10 @@ export async function setupToken(
                 core.setSecret(token)
                 exportAccessKeyEnvVars(token)
             } else {
-                // In case of not being able to generate a token we set the env variable to empty to avoid leaks
-                clearAccessKeyEnvVarsWithDeprecationWarning()
+                handleMissingAccessTokenWithDeprecationWarning()
             }
         } catch (e) {
-            clearAccessKeyEnvVarsWithDeprecationWarning()
+            handleMissingAccessTokenWithDeprecationWarning()
             core.warning(`Failed to fetch short-lived token, reason: ${e}`)
         }
     }
@@ -35,12 +34,14 @@ function exportAccessKeyEnvVars(value: string): void {
     )
 }
 
-function clearAccessKeyEnvVarsWithDeprecationWarning(): void {
+function handleMissingAccessTokenWithDeprecationWarning(): void {
     if (process.env[BuildScanConfig.GradleEnterpriseAccessKeyEnvVar]) {
         // We do not clear the GRADLE_ENTERPRISE_ACCESS_KEY env var in v3, to let the users upgrade to DV 2024.1
         recordDeprecation(`The ${BuildScanConfig.GradleEnterpriseAccessKeyEnvVar} env var is deprecated`)
     }
-    core.exportVariable(BuildScanConfig.DevelocityAccessKeyEnvVar, '')
+    if (process.env[BuildScanConfig.DevelocityAccessKeyEnvVar]) {
+        core.warning(`Failed to fetch short-lived token, using Develocity Access key`)
+    }
 }
 
 export async function getToken(