diff --git a/.github/workflows/ci-dependency-review.yml b/.github/workflows/ci-dependency-review.yml index 5876390..b31c1ee 100644 --- a/.github/workflows/ci-dependency-review.yml +++ b/.github/workflows/ci-dependency-review.yml @@ -8,7 +8,7 @@ name: CI-dependency-review on: [pull_request] permissions: - contents: read + contents: write jobs: dependency-review: @@ -16,9 +16,13 @@ jobs: steps: - name: 'Checkout Repository' uses: actions/checkout@v4 - - name: 'Dependency Submission' + - name: Dependencies for groovy-dsl uses: ./dependency-submission with: build-root-directory: .github/workflow-samples/groovy-dsl + - name: Dependencies for kotlin-dsl + uses: ./dependency-submission + with: + build-root-directory: .github/workflow-samples/kotlin-dsl - name: 'Dependency Review' uses: actions/dependency-review-action@v4 diff --git a/.github/workflows/ci-full-check.yml b/.github/workflows/ci-full-check.yml index 7fedc09..d2e3219 100644 --- a/.github/workflows/ci-full-check.yml +++ b/.github/workflows/ci-full-check.yml @@ -38,11 +38,6 @@ jobs: with: cache-key-prefix: ${{github.run_number}}- - dependency-graph-failures: - uses: ./.github/workflows/integ-test-dependency-graph-failures.yml - with: - cache-key-prefix: ${{github.run_number}}- - dependency-submission: uses: ./.github/workflows/integ-test-dependency-submission.yml permissions: @@ -50,6 +45,11 @@ jobs: with: cache-key-prefix: ${{github.run_number}}- + dependency-submission-failures: + uses: ./.github/workflows/integ-test-dependency-submission-failures.yml + with: + cache-key-prefix: ${{github.run_number}}- + execution-with-caching: uses: ./.github/workflows/integ-test-execution-with-caching.yml with: diff --git a/.github/workflows/ci-quick-check.yml b/.github/workflows/ci-quick-check.yml index de7607e..32e481f 100644 --- a/.github/workflows/ci-quick-check.yml +++ b/.github/workflows/ci-quick-check.yml @@ -62,16 +62,18 @@ jobs: runner-os: '["ubuntu-latest"]' download-dist: true - dependency-graph-failures: + dependency-submission: needs: build-distribution - uses: ./.github/workflows/integ-test-dependency-graph-failures.yml + uses: ./.github/workflows/integ-test-dependency-submission.yml + permissions: + contents: write with: runner-os: '["ubuntu-latest"]' download-dist: true - dependency-submission: + dependency-submission-failures: needs: build-distribution - uses: ./.github/workflows/integ-test-dependency-submission.yml + uses: ./.github/workflows/integ-test-dependency-submission-failures.yml permissions: contents: write with: diff --git a/.github/workflows/demo-job-summary.yml b/.github/workflows/demo-job-summary.yml index 7850e93..0ff7ec7 100644 --- a/.github/workflows/demo-job-summary.yml +++ b/.github/workflows/demo-job-summary.yml @@ -40,6 +40,11 @@ jobs: working-directory: .github/workflow-samples/groovy-dsl continue-on-error: true run: ./gradlew not-a-real-task + - name: Dependency submission + uses: ./dependency-submission + with: + build-root-directory: .github/workflow-samples/groovy-dsl + dependency-graph: generate-and-upload successful-builds-with-no-summary: runs-on: ubuntu-latest diff --git a/.github/workflows/integ-test-dependency-graph-failures.yml b/.github/workflows/integ-test-dependency-graph-failures.yml deleted file mode 100644 index 988e690..0000000 --- a/.github/workflows/integ-test-dependency-graph-failures.yml +++ /dev/null @@ -1,133 +0,0 @@ -name: Test dependency graph - -on: - workflow_call: - inputs: - cache-key-prefix: - type: string - runner-os: - type: string - default: '["ubuntu-latest"]' - download-dist: - type: boolean - default: false - -env: - DOWNLOAD_DIST: ${{ inputs.download-dist }} - GRADLE_BUILD_ACTION_CACHE_KEY_PREFIX: dependency-graph-${{ inputs.cache-key-prefix }} - -jobs: - failing-build: - runs-on: ubuntu-latest - steps: - - name: Checkout sources - uses: actions/checkout@v4 - - name: Initialize integ-test - uses: ./.github/actions/init-integ-test - - - name: Setup Gradle for dependency-graph generate - uses: ./setup-gradle - with: - dependency-graph: generate - dependency-graph-continue-on-failure: true - - name: Run build that will fail - id: gradle-build - continue-on-error: true - run: ./gradlew build fail - working-directory: .github/workflow-samples/groovy-dsl - - name: Check no dependency graph is generated - shell: bash - run: | - if [ ! -z "$(ls -A dependency-graph-reports)" ]; then - echo "Expected no dependency graph files to be generated" - ls -l dependency-graph-reports - exit 1 - fi - - unsupported-gradle-version-warning: - runs-on: ubuntu-latest - steps: - - name: Checkout sources - uses: actions/checkout@v4 - - name: Initialize integ-test - uses: ./.github/actions/init-integ-test - - - name: Setup Gradle for dependency-graph generate - uses: ./setup-gradle - with: - gradle-version: 7.0.1 - dependency-graph: generate - dependency-graph-continue-on-failure: true - - name: Run with unsupported Gradle version - working-directory: .github/workflow-samples/groovy-dsl - run: | - if gradle help | grep -q 'warning::Dependency Graph is not supported for Gradle 7.0.1. No dependency snapshot will be generated.'; - then - echo "Got the expected warning" - else - echo "Did not get the expected warning" - exit 1 - fi - - unsupported-gradle-version-failure: - runs-on: ubuntu-latest - steps: - - name: Checkout sources - uses: actions/checkout@v4 - - name: Initialize integ-test - uses: ./.github/actions/init-integ-test - - - name: Setup Gradle for dependency-graph generate - uses: ./setup-gradle - with: - gradle-version: 7.0.1 - dependency-graph: generate - dependency-graph-continue-on-failure: false - - name: Run with unsupported Gradle version - working-directory: .github/workflow-samples/groovy-dsl - run: | - if gradle help; then - echo "Expected build to fail with Gradle 7.0.1" - exit 1 - fi - - insufficient-permissions-warning: - runs-on: ubuntu-latest - permissions: - contents: read - steps: - - name: Checkout sources - uses: actions/checkout@v4 - - name: Initialize integ-test - uses: ./.github/actions/init-integ-test - - - name: Setup Gradle for dependency-graph generate - uses: ./setup-gradle - with: - dependency-graph: generate-and-submit - dependency-graph-continue-on-failure: true - - name: Run with insufficient permissions - working-directory: .github/workflow-samples/groovy-dsl - run: ./gradlew help - # This test is primarily for demonstration: it's unclear how to check for warnings emitted in the post-action - - SHOULD_FAIL-insufficient-permissions-failure: - runs-on: ubuntu-latest - permissions: - contents: read - continue-on-error: true - steps: - - name: Checkout sources - uses: actions/checkout@v4 - - name: Initialize integ-test - uses: ./.github/actions/init-integ-test - - - name: Setup Gradle for dependency-graph generate - uses: ./setup-gradle - with: - dependency-graph: generate-and-submit - dependency-graph-continue-on-failure: false - - name: Run with insufficient permissions - working-directory: .github/workflow-samples/groovy-dsl - run: ./gradlew help - # This test is primarily for demonstration: it's unclear how to check for a failure in the post-action diff --git a/.github/workflows/integ-test-dependency-submission-failures.yml b/.github/workflows/integ-test-dependency-submission-failures.yml new file mode 100644 index 0000000..ac5e7dd --- /dev/null +++ b/.github/workflows/integ-test-dependency-submission-failures.yml @@ -0,0 +1,98 @@ +name: Test dependency graph + +on: + workflow_call: + inputs: + cache-key-prefix: + type: string + runner-os: + type: string + default: '["ubuntu-latest"]' + download-dist: + type: boolean + default: false + +env: + DOWNLOAD_DIST: ${{ inputs.download-dist }} + GRADLE_BUILD_ACTION_CACHE_KEY_PREFIX: dependency-graph-${{ inputs.cache-key-prefix }} + +jobs: + failing-build: + runs-on: ubuntu-latest + steps: + - name: Checkout sources + uses: actions/checkout@v4 + - name: Initialize integ-test + uses: ./.github/actions/init-integ-test + + - name: Submit with failing build + id: gradle-build + uses: ./dependency-submission + with: + build-root-directory: .github/workflow-samples/groovy-dsl + additional-arguments: fail + continue-on-error: true + - name: Check step failed + if: steps.gradle-build.outcome != 'failure' + run: | + echo "Expected dependency submission step to fail" + exit 1 + - name: Check no dependency graph is generated + shell: bash + run: | + if [ ! -z "$(ls -A dependency-graph-reports)" ]; then + echo "Expected no dependency graph files to be generated" + ls -l dependency-graph-reports + exit 1 + fi + + unsupported-gradle-version: + runs-on: ubuntu-latest + steps: + - name: Checkout sources + uses: actions/checkout@v4 + - name: Initialize integ-test + uses: ./.github/actions/init-integ-test + + - name: Submit with unsupported Gradle version + id: gradle-build + uses: ./dependency-submission + with: + gradle-version: 7.0.1 + build-root-directory: .github/workflow-samples/groovy-dsl + continue-on-error: true + - name: Check step failed + if: steps.gradle-build.outcome != 'failure' + run: | + echo "Expected dependency submission step to fail" + exit 1 + - name: Check no dependency graph is generated + shell: bash + run: | + if [ ! -z "$(ls -A dependency-graph-reports)" ]; then + echo "Expected no dependency graph files to be generated" + ls -l dependency-graph-reports + exit 1 + fi + + insufficient-permissions: + runs-on: ubuntu-latest + permissions: + contents: read + steps: + - name: Checkout sources + uses: actions/checkout@v4 + - name: Initialize integ-test + uses: ./.github/actions/init-integ-test + + - name: Submit with insufficient permissions + id: gradle-build + uses: ./dependency-submission + with: + build-root-directory: .github/workflow-samples/groovy-dsl + continue-on-error: true + - name: Check step failed + if: steps.gradle-build.outcome != 'failure' + run: | + echo "Expected dependency submission step to fail" + exit 1