gradle/actions
1
0
Fork 0
mirror of https://github.com/gradle/actions.git synced 2025-04-20 09:49:19 +08:00
Code Issues Packages Projects Releases Wiki Activity

Complete migration of 'dependency-submission' to Typescript (#124)

Browse Source 
Finishes the migration of `dependency-submission` to a Typescript action
(fixes #116)

- Use consistent input params to ensure behaviour is consistent with
'setup-gradle'
- Submit generated graph immediately instead of waiting until end of job
(fixes #123)
- Can now add a `dependency-submission` step after a `setup-gradle` step
in the same job (fixes #36)
This commit is contained in:
Daz DeBoer 2024-04-07 17:00:08 -06:00 committed by GitHub
commit dbdb67aa6c
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
26 changed files with 1897 additions and 48057 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
.github/workflows/ci-dependency-review.yml vendored
View File

@ -8,7 +8,7 @@ name: CI-dependency-review
on: [pull_request]
permissions:
contents: read
contents: write
jobs:
dependency-review:
@ -16,5 +16,13 @@ jobs:
steps:
- name: 'Checkout Repository'
uses: actions/checkout@v4
- name: Dependencies for groovy-dsl
uses: ./dependency-submission
with:
build-root-directory: .github/workflow-samples/groovy-dsl
- name: Dependencies for kotlin-dsl
uses: ./dependency-submission
with:
build-root-directory: .github/workflow-samples/kotlin-dsl
- name: 'Dependency Review'
uses: actions/dependency-review-action@v4

10
.github/workflows/ci-full-check.yml vendored
View File

@ -38,11 +38,6 @@ jobs:
with:
cache-key-prefix: ${{github.run_number}}-
dependency-graph-failures:
uses: ./.github/workflows/integ-test-dependency-graph-failures.yml
with:
cache-key-prefix: ${{github.run_number}}-
dependency-submission:
uses: ./.github/workflows/integ-test-dependency-submission.yml
permissions:
@ -50,6 +45,11 @@ jobs:
with:
cache-key-prefix: ${{github.run_number}}-
dependency-submission-failures:
uses: ./.github/workflows/integ-test-dependency-submission-failures.yml
with:
cache-key-prefix: ${{github.run_number}}-
execution-with-caching:
uses: ./.github/workflows/integ-test-execution-with-caching.yml
with:

10
.github/workflows/ci-quick-check.yml vendored
View File

@ -62,16 +62,18 @@ jobs:
runner-os: '["ubuntu-latest"]'
download-dist: true
dependency-graph-failures:
dependency-submission:
needs: build-distribution
uses: ./.github/workflows/integ-test-dependency-graph-failures.yml
uses: ./.github/workflows/integ-test-dependency-submission.yml
permissions:
contents: write
with:
runner-os: '["ubuntu-latest"]'
download-dist: true
dependency-submission:
dependency-submission-failures:
needs: build-distribution
uses: ./.github/workflows/integ-test-dependency-submission.yml
uses: ./.github/workflows/integ-test-dependency-submission-failures.yml
permissions:
contents: write
with:

5
.github/workflows/demo-job-summary.yml vendored
View File

@ -40,6 +40,11 @@ jobs:
working-directory: .github/workflow-samples/groovy-dsl
continue-on-error: true
run: ./gradlew not-a-real-task
- name: Dependency submission
uses: ./dependency-submission
with:
build-root-directory: .github/workflow-samples/groovy-dsl
dependency-graph: generate-and-upload
successful-builds-with-no-summary:
runs-on: ubuntu-latest

133
.github/workflows/integ-test-dependency-graph-failures.yml vendored
View File

@ -1,133 +0,0 @@
name: Test dependency graph
on:
workflow_call:
inputs:
cache-key-prefix:
type: string
runner-os:
type: string
default: '["ubuntu-latest"]'
download-dist:
type: boolean
default: false
env:
DOWNLOAD_DIST: ${{ inputs.download-dist }}
GRADLE_BUILD_ACTION_CACHE_KEY_PREFIX: dependency-graph-${{ inputs.cache-key-prefix }}
jobs:
failing-build:
runs-on: ubuntu-latest
steps:
- name: Checkout sources
uses: actions/checkout@v4
- name: Initialize integ-test
uses: ./.github/actions/init-integ-test
- name: Setup Gradle for dependency-graph generate
uses: ./setup-gradle
with:
dependency-graph: generate
dependency-graph-continue-on-failure: true
- name: Run build that will fail
id: gradle-build
continue-on-error: true
run: ./gradlew build fail
working-directory: .github/workflow-samples/groovy-dsl
- name: Check no dependency graph is generated
shell: bash
run: |
if [ ! -z "$(ls -A dependency-graph-reports)" ]; then
echo "Expected no dependency graph files to be generated"
ls -l dependency-graph-reports
exit 1
fi
unsupported-gradle-version-warning:
runs-on: ubuntu-latest
steps:
- name: Checkout sources
uses: actions/checkout@v4
- name: Initialize integ-test
uses: ./.github/actions/init-integ-test
- name: Setup Gradle for dependency-graph generate
uses: ./setup-gradle
with:
gradle-version: 7.0.1
dependency-graph: generate
dependency-graph-continue-on-failure: true
- name: Run with unsupported Gradle version
working-directory: .github/workflow-samples/groovy-dsl
run: |
if gradle help | grep -q 'warning::Dependency Graph is not supported for Gradle 7.0.1. No dependency snapshot will be generated.';
then
echo "Got the expected warning"
else
echo "Did not get the expected warning"
exit 1
fi
unsupported-gradle-version-failure:
runs-on: ubuntu-latest
steps:
- name: Checkout sources
uses: actions/checkout@v4
- name: Initialize integ-test
uses: ./.github/actions/init-integ-test
- name: Setup Gradle for dependency-graph generate
uses: ./setup-gradle
with:
gradle-version: 7.0.1
dependency-graph: generate
dependency-graph-continue-on-failure: false
- name: Run with unsupported Gradle version
working-directory: .github/workflow-samples/groovy-dsl
run: |
if gradle help; then
echo "Expected build to fail with Gradle 7.0.1"
exit 1
fi
insufficient-permissions-warning:
runs-on: ubuntu-latest
permissions:
contents: read
steps:
- name: Checkout sources
uses: actions/checkout@v4
- name: Initialize integ-test
uses: ./.github/actions/init-integ-test
- name: Setup Gradle for dependency-graph generate
uses: ./setup-gradle
with:
dependency-graph: generate-and-submit
dependency-graph-continue-on-failure: true
- name: Run with insufficient permissions
working-directory: .github/workflow-samples/groovy-dsl
run: ./gradlew help
# This test is primarily for demonstration: it's unclear how to check for warnings emitted in the post-action
SHOULD_FAIL-insufficient-permissions-failure:
runs-on: ubuntu-latest
permissions:
contents: read
continue-on-error: true
steps:
- name: Checkout sources
uses: actions/checkout@v4
- name: Initialize integ-test
uses: ./.github/actions/init-integ-test
- name: Setup Gradle for dependency-graph generate
uses: ./setup-gradle
with:
dependency-graph: generate-and-submit
dependency-graph-continue-on-failure: false
- name: Run with insufficient permissions
working-directory: .github/workflow-samples/groovy-dsl
run: ./gradlew help
# This test is primarily for demonstration: it's unclear how to check for a failure in the post-action

98
.github/workflows/integ-test-dependency-submission-failures.yml vendored Normal file
View File

@ -0,0 +1,98 @@
name: Test dependency graph
on:
workflow_call:
inputs:
cache-key-prefix:
type: string
runner-os:
type: string
default: '["ubuntu-latest"]'
download-dist:
type: boolean
default: false
env:
DOWNLOAD_DIST: ${{ inputs.download-dist }}
GRADLE_BUILD_ACTION_CACHE_KEY_PREFIX: dependency-graph-${{ inputs.cache-key-prefix }}
jobs:
failing-build:
runs-on: ubuntu-latest
steps:
- name: Checkout sources
uses: actions/checkout@v4
- name: Initialize integ-test
uses: ./.github/actions/init-integ-test
- name: Submit with failing build
id: gradle-build
uses: ./dependency-submission
with:
build-root-directory: .github/workflow-samples/groovy-dsl
additional-arguments: fail
continue-on-error: true
- name: Check step failed
if: steps.gradle-build.outcome != 'failure'
run: |
echo "Expected dependency submission step to fail"
exit 1
- name: Check no dependency graph is generated
shell: bash
run: |
if [ ! -z "$(ls -A dependency-graph-reports)" ]; then
echo "Expected no dependency graph files to be generated"
ls -l dependency-graph-reports
exit 1
fi
unsupported-gradle-version:
runs-on: ubuntu-latest
steps:
- name: Checkout sources
uses: actions/checkout@v4
- name: Initialize integ-test
uses: ./.github/actions/init-integ-test
- name: Submit with unsupported Gradle version
id: gradle-build
uses: ./dependency-submission
with:
gradle-version: 7.0.1
build-root-directory: .github/workflow-samples/groovy-dsl
continue-on-error: true
- name: Check step failed
if: steps.gradle-build.outcome != 'failure'
run: |
echo "Expected dependency submission step to fail"
exit 1
- name: Check no dependency graph is generated
shell: bash
run: |
if [ ! -z "$(ls -A dependency-graph-reports)" ]; then
echo "Expected no dependency graph files to be generated"
ls -l dependency-graph-reports
exit 1
fi
insufficient-permissions:
runs-on: ubuntu-latest
permissions:
contents: read
steps:
- name: Checkout sources
uses: actions/checkout@v4
- name: Initialize integ-test
uses: ./.github/actions/init-integ-test
- name: Submit with insufficient permissions
id: gradle-build
uses: ./dependency-submission
with:
build-root-directory: .github/workflow-samples/groovy-dsl
continue-on-error: true
- name: Check step failed
if: steps.gradle-build.outcome != 'failure'
run: |
echo "Expected dependency submission step to fail"
exit 1

135
.github/workflows/integ-test-dependency-submission.yml vendored
View File

@ -36,10 +36,32 @@ jobs:
with:
dependency-graph: generate-and-upload
build-root-directory: .github/workflow-samples/groovy-dsl
cache-read-only: false
groovy-restore-cache:
needs: [groovy-generate-and-upload]
strategy:
matrix:
os: ${{fromJSON(inputs.runner-os)}}
runs-on: ${{ matrix.os }}
steps:
- name: Checkout sources
uses: actions/checkout@v4
- name: Initialize integ-test
uses: ./.github/actions/init-integ-test
- name: Restore dependency graph
uses: ./dependency-submission
with:
build-root-directory: .github/workflow-samples/groovy-dsl
additional-arguments: --offline
groovy-download-and-submit:
needs: [groovy-generate-and-upload]
runs-on: "ubuntu-latest"
strategy:
matrix:
os: ${{fromJSON(inputs.runner-os)}}
runs-on: ${{ matrix.os }}
steps:
- name: Checkout sources
uses: actions/checkout@v4
@ -67,51 +89,72 @@ jobs:
with:
build-root-directory: .github/workflow-samples/kotlin-dsl
# TODO - Test this scenario (and make it work)
# multiple-builds:
# strategy:
# matrix:
# os: ${{fromJSON(inputs.runner-os)}}
# runs-on: ${{ matrix.os }}
# steps:
# - name: Checkout sources
# uses: actions/checkout@v4
# - name: Initialize integ-test
# uses: ./.github/actions/init-integ-test
multiple-builds:
strategy:
matrix:
os: ${{fromJSON(inputs.runner-os)}}
runs-on: ${{ matrix.os }}
steps:
- name: Checkout sources
uses: actions/checkout@v4
- name: Initialize integ-test
uses: ./.github/actions/init-integ-test
- id: kotlin-dsl
uses: ./dependency-submission
with:
build-root-directory: .github/workflow-samples/kotlin-dsl
- id: groovy-dsl
uses: ./dependency-submission
with:
build-root-directory: .github/workflow-samples/groovy-dsl
- id: groovy-dsl-again
uses: ./dependency-submission
with:
build-root-directory: .github/workflow-samples/groovy-dsl
additional-arguments: --no-build-cache
- name: Check generated dependency graphs
shell: bash
run: |
echo "kotlin-dsl report file: ${{ steps.kotlin-dsl.outputs.dependency-graph-file }}"
echo "groovy-dsl report file: ${{ steps.groovy-dsl.outputs.dependency-graph-file }}"
echo "groovy-dsl-again report file: ${{ steps.groovy-dsl-again.outputs.dependency-graph-file }}"
ls -l dependency-graph-reports
if [ ! -e "${{ steps.kotlin-dsl.outputs.dependency-graph-file }}" ]; then
echo "Did not find kotlin-dsl dependency graph file"
exit 1
fi
if [ ! -e "${{ steps.groovy-dsl.outputs.dependency-graph-file }}" ]; then
echo "Did not find groovy-dsl dependency graph file"
exit 1
fi
if [ ! -e "${{ steps.groovy-dsl-again.outputs.dependency-graph-file }}" ]; then
echo "Did not find groovy-dsl-again dependency graph file"
exit 1
fi
multiple-builds-upload:
strategy:
matrix:
os: ${{fromJSON(inputs.runner-os)}}
runs-on: ${{ matrix.os }}
steps:
- name: Checkout sources
uses: actions/checkout@v4
- name: Initialize integ-test
uses: ./.github/actions/init-integ-test
- id: kotlin-dsl
uses: ./dependency-submission
with:
dependency-graph: generate-and-upload
build-root-directory: .github/workflow-samples/kotlin-dsl
- id: groovy-dsl
uses: ./dependency-submission
with:
dependency-graph: generate-and-upload
build-root-directory: .github/workflow-samples/groovy-dsl
# - name: Setup Gradle for dependency-graph generate
# uses: ./setup-gradle
# with:
# dependency-graph: generate-and-submit
# - id: gradle-assemble
# run: ./gradlew assemble
# working-directory: .github/workflow-samples/groovy-dsl
# - id: gradle-build
# run: ./gradlew build
# working-directory: .github/workflow-samples/groovy-dsl
# - id: gradle-build-again
# run: ./gradlew build
# working-directory: .github/workflow-samples/groovy-dsl
# - name: Check generated dependency graphs
# shell: bash
# run: |
# echo "gradle-assemble report file: ${{ steps.gradle-assemble.outputs.dependency-graph-file }}"
# echo "gradle-build report file: ${{ steps.gradle-build.outputs.dependency-graph-file }}"
# echo "gradle-build-again report file: ${{ steps.gradle-build-again.outputs.dependency-graph-file }}"
# ls -l dependency-graph-reports
# if [ ! -e "${{ steps.gradle-assemble.outputs.dependency-graph-file }}" ]; then
# echo "Did not find gradle-assemble dependency graph file"
# exit 1
# fi
# if [ ! -e "${{ steps.gradle-build.outputs.dependency-graph-file }}" ]; then
# echo "Did not find gradle-build dependency graph files"
# exit 1
# fi
# if [ ! -e "${{ steps.gradle-build-again.outputs.dependency-graph-file }}" ]; then
# echo "Did not find gradle-build-again dependency graph files"
# exit 1
# fi
config-cache:
runs-on: ubuntu-latest
steps:
@ -132,7 +175,7 @@ jobs:
echo "Did not find config-cache-store dependency graph files"
exit 1
fi
rm ${{ steps.config-cache-store.outputs.dependency-graph-file }}
rm ${{ steps.config-cache-store.outputs.dependency-graph-file }}*
- id: config-cache-reuse
uses: ./dependency-submission
with:

10
build Executable file
View File

@ -0,0 +1,10 @@
#!/bin/bash
cd sources
npm install
if [ "$1" == "all" ]; then
npm run all
else
npm run build
fi

118
dependency-submission/action.yml
View File

@ -7,15 +7,77 @@ inputs:
Gradle version to use. If specified, this Gradle version will be downloaded, added to the PATH and used for invoking Gradle.
If not provided, it is assumed that the project uses the Gradle Wrapper.
required: false
build-root-directory:
description: Path to the root directory of the build. Default is the root of the GitHub workspace.
required: false
additional-arguments:
description: |
Additional arguments to pass to Gradle when generating the dependency graph.
For example, `--no-configuration-cache --stacktrace`.
required: false
# Cache configuration
cache-disabled:
description: When 'true', all caching is disabled. No entries will be written to or read from the cache.
required: false
default: false
cache-read-only:
description: |
When 'true', existing entries will be read from the cache but no entries will be written.
By default this value is 'false' for workflows on the GitHub default branch and 'true' for workflows on other branches.
required: false
default: ${{ github.event.repository != null && github.ref_name != github.event.repository.default_branch }}
cache-write-only:
description: |
When 'true', entries will not be restored from the cache but will be saved at the end of the Job.
Setting this to 'true' implies cache-read-only will be 'false'.
required: false
default: false
cache-overwrite-existing:
description: When 'true', a pre-existing Gradle User Home will not prevent the cache from being restored.
required: false
default: false
cache-encryption-key:
description: |
A base64 encoded AES key used to encrypt the configuration-cache data. The key is exported as 'GRADLE_ENCRYPTION_KEY' for later steps.
A suitable key can be generated with `openssl rand -base64 16`.
Configuration-cache data will not be saved/restored without an encryption key being provided.
required: false
gradle-home-cache-includes:
description: Paths within Gradle User Home to cache.
required: false
default: |
caches
notifications
gradle-home-cache-excludes:
description: Paths within Gradle User Home to exclude from cache.
required: false
gradle-home-cache-cleanup:
description: When 'true', the action will attempt to remove any stale/unused entries from the Gradle User Home prior to saving to the GitHub Actions cache.
required: false
default: false
# Job summary configuration
add-job-summary:
description: Specifies when a Job Summary should be inluded in the action results. Valid values are 'never', 'always' (default), and 'on-failure'.
required: false
default: 'always'
add-job-summary-as-pr-comment:
description: Specifies when each Job Summary should be added as a PR comment. Valid values are 'never' (default), 'always', and 'on-failure'. No action will be taken if the workflow was not triggered from a pull request.
required: false
default: 'never'
# Dependency Graph configuration
dependency-graph:
description: |
Specifies how the dependency-graph should be handled by this action. By default a dependency-graph will be generated and submitted.
@ -23,35 +85,35 @@ inputs:
'generate-and-submit' (default): Generates a dependency graph for the project and submits it in the same Job.
'generate-and-upload': Generates a dependency graph for the project and saves it as a workflow artifact.
'download-and-submit': Retrieves a previously saved dependency-graph and submits it to the repository.
The `generate-and-upload` and `download-and-submit` options are designed to be used in an untrusted workflow scenario,
where the workflow generating the dependency-graph cannot (or should not) be given the `contents: write` permissions
required to submit via the Dependency Submission API.
required: false
default: 'generate-and-submit'
additional-arguments:
description: |
Additional arguments to pass to Gradle. For example, `--no-configuration-cache --stacktrace`.
required: false
add-job-summary:
description: Specifies when a Job Summary should be inluded in the action results. Valid values are 'never', 'always' (default), and 'on-failure'.
dependency-graph-continue-on-failure:
description: When 'false' a failure to generate or submit a dependency graph will fail the Step or Job. When 'true' a warning will be emitted but no failure will result.
required: false
default: 'always'
add-job-summary-as-pr-comment:
description: Specifies when each Job Summary should be added as a PR comment. Valid values are 'never' (default), 'always', and 'on-failure'. No action will be taken if the workflow was not triggered from a pull request.
required: false
default: 'never'
default: false
artifact-retention-days:
description: Specifies the number of days to retain any artifacts generated by the action. If not set, the default retention settings for the repository will apply.
required: false
default: 1
# Build Scan configuration
build-scan-publish:
description: |
Set to 'true' to automatically publish build results as a Build Scan on scans.gradle.com.
For publication to succeed without user input, you must also provide values for `build-scan-terms-of-use-url` and 'build-scan-terms-of-use-agree'.
required: false
default: false
build-scan-terms-of-use-url:
description: The URL to the Build Scan® terms of use. This input must be set to 'https://gradle.com/help/legal-terms-of-use'.
description: The URL to the Build Scan® terms of use. This input must be set to 'https://gradle.com/terms-of-service' or 'https://gradle.com/help/legal-terms-of-use'.
required: false
build-scan-terms-of-use-agree:
description: Indicate that you agree to the Build Scan® terms of use. This input value must be "yes".
required: false
@ -67,16 +129,46 @@ inputs:
required: false
deprecation-message: The input has been renamed to align with the Develocity API. Use 'build-scan-terms-of-use-agree' instead.
generate-job-summary:
description: When 'false', no Job Summary will be generated for the Job.
required: false
default: true
deprecation-message: Superceded by the new 'add-job-summary' and 'add-job-summary-as-pr-comment' parameters.
# EXPERIMENTAL ACTION INPUTS
# The following action properties allow fine-grained tweaking of the action caching behaviour.
# These properties are experimental and not (yet) designed for production use, and may change without notice in a subsequent release of `setup-gradle`.
# Use at your own risk!
gradle-home-cache-strict-match:
description: When 'true', the action will not attempt to restore the Gradle User Home entries from other Jobs.
required: false
default: false
# INTERNAL ACTION INPUTS
# These inputs should not be configured directly, and are only used to pass environmental information to the action
workflow-job-context:
description: Used to uniquely identify the current job invocation. Defaults to the matrix values for this job; this should not be overridden by users (INTERNAL).
required: false
default: ${{ toJSON(matrix) }}
github-token:
description: The GitHub token used to authenticate when submitting via the Dependency Submission API.
default: ${{ github.token }}
required: false
outputs:
build-scan-url:
description: Link to the Build Scan® generated by a Gradle build. Note that this output applies to a Step executing Gradle, not to the `setup-gradle` Step itself.
dependency-graph-file:
description: Path to the GitHub Dependency Graph snapshot file generated by a Gradle build. Note that this output applies to a Step executing Gradle, not to the `setup-gradle` Step itself.
gradle-version:
description: Version of Gradle that was setup by the action
runs:
using: 'node20'
main: '../dist/dependency-submission/main/index.js'
post: '../dist/dependency-submission/post/index.js'
branding:
icon: 'box'
color: 'gray-dark'

71
dist/dependency-submission/main/index.js vendored
View File

@ -141173,24 +141173,25 @@ const input_params_1 = __nccwpck_require__(23885);
const DEPENDENCY_GRAPH_PREFIX = 'dependency-graph_';
function setup(config) {
return __awaiter(this, void 0, void 0, function* () {
if (config.dependencyGraphOption === input_params_1.DependencyGraphOption.Disabled) {
const option = config.getDependencyGraphOption();
if (option === input_params_1.DependencyGraphOption.Disabled) {
core.exportVariable('GITHUB_DEPENDENCY_GRAPH_ENABLED', 'false');
return;
}
if (config.dependencyGraphOption === input_params_1.DependencyGraphOption.DownloadAndSubmit) {
if (option === input_params_1.DependencyGraphOption.DownloadAndSubmit) {
yield downloadAndSubmitDependencyGraphs(config);
return;
}
core.info('Enabling dependency graph generation');
core.exportVariable('GITHUB_DEPENDENCY_GRAPH_ENABLED', 'true');
maybeExportVariable('GITHUB_DEPENDENCY_GRAPH_CONTINUE_ON_FAILURE', config.continueOnFailure);
maybeExportVariable('GITHUB_DEPENDENCY_GRAPH_CONTINUE_ON_FAILURE', config.getDependencyGraphContinueOnFailure());
maybeExportVariable('GITHUB_DEPENDENCY_GRAPH_JOB_CORRELATOR', config.getJobCorrelator());
maybeExportVariable('GITHUB_DEPENDENCY_GRAPH_JOB_ID', github.context.runId);
maybeExportVariable('GITHUB_DEPENDENCY_GRAPH_REF', github.context.ref);
maybeExportVariable('GITHUB_DEPENDENCY_GRAPH_SHA', getShaFromContext());
maybeExportVariable('GITHUB_DEPENDENCY_GRAPH_WORKSPACE', layout.workspaceDirectory());
maybeExportVariable('DEPENDENCY_GRAPH_REPORT_DIR', path.resolve(layout.workspaceDirectory(), 'dependency-graph-reports'));
if (config.dependencyGraphOption === input_params_1.DependencyGraphOption.Clear) {
if (option === input_params_1.DependencyGraphOption.Clear) {
core.exportVariable('DEPENDENCY_GRAPH_INCLUDE_PROJECTS', '');
core.exportVariable('DEPENDENCY_GRAPH_INCLUDE_CONFIGURATIONS', '');
}
@ -141204,12 +141205,9 @@ function maybeExportVariable(variableName, value) {
}
function complete(config) {
return __awaiter(this, void 0, void 0, function* () {
if (isRunningInActEnvironment()) {
core.info('Dependency graph upload and submit not supported in the ACT environment.');
return;
}
const option = config.getDependencyGraphOption();
try {
switch (config.dependencyGraphOption) {
switch (option) {
case input_params_1.DependencyGraphOption.Disabled:
case input_params_1.DependencyGraphOption.Generate:
case input_params_1.DependencyGraphOption.DownloadAndSubmit:
@ -141223,7 +141221,7 @@ function complete(config) {
}
}
catch (e) {
warnOrFail(config, e);
warnOrFail(config, option, e);
}
});
}
@ -141236,6 +141234,11 @@ function findGeneratedDependencyGraphFiles() {
}
function uploadDependencyGraphs(dependencyGraphFiles, config) {
return __awaiter(this, void 0, void 0, function* () {
if (isRunningInActEnvironment()) {
core.info('Dependency graph upload not supported in the ACT environment.');
core.info(`Would upload: ${dependencyGraphFiles.join(', ')}`);
return;
}
const workspaceDirectory = layout.workspaceDirectory();
const artifactClient = new artifact_1.DefaultArtifactClient();
for (const dependencyGraphFile of dependencyGraphFiles) {
@ -141243,7 +141246,7 @@ function uploadDependencyGraphs(dependencyGraphFiles, config) {
core.info(`Uploading dependency graph file: ${relativePath}`);
const artifactName = `${DEPENDENCY_GRAPH_PREFIX}${path.basename(dependencyGraphFile)}`;
yield artifactClient.uploadArtifact(artifactName, [dependencyGraphFile], workspaceDirectory, {
retentionDays: config.artifactRetentionDays
retentionDays: config.getArtifactRetentionDays()
});
}
});
@ -141258,19 +141261,24 @@ function downloadAndSubmitDependencyGraphs(config) {
yield submitDependencyGraphs(yield downloadDependencyGraphs());
}
catch (e) {
warnOrFail(config, e);
warnOrFail(config, input_params_1.DependencyGraphOption.DownloadAndSubmit, e);
}
});
}
function submitDependencyGraphs(dependencyGraphFiles) {
return __awaiter(this, void 0, void 0, function* () {
for (const jsonFile of dependencyGraphFiles) {
if (isRunningInActEnvironment()) {
core.info('Dependency graph submit not supported in the ACT environment.');
core.info(`Would submit: ${dependencyGraphFiles.join(', ')}`);
return;
}
for (const dependencyGraphFile of dependencyGraphFiles) {
try {
yield submitDependencyGraphFile(jsonFile);
yield submitDependencyGraphFile(dependencyGraphFile);
}
catch (error) {
if (error instanceof request_error_1.RequestError) {
throw new Error(translateErrorMessage(jsonFile, error));
throw new Error(translateErrorMessage(dependencyGraphFile, error));
}
else {
throw error;
@ -141332,15 +141340,25 @@ function downloadDependencyGraphs() {
function findDependencyGraphFiles(dir) {
return __awaiter(this, void 0, void 0, function* () {
const globber = yield glob.create(`${dir}/dependency-graph-reports/*.json`);
const graphFiles = globber.glob();
return graphFiles;
const allFiles = yield globber.glob();
const unprocessedFiles = allFiles.filter(file => !isProcessed(file));
unprocessedFiles.forEach(markProcessed);
return unprocessedFiles;
});
}
function warnOrFail(config, error) {
if (!config.continueOnFailure) {
function isProcessed(dependencyGraphFile) {
const markerFile = `${dependencyGraphFile}.processed`;
return fs_1.default.existsSync(markerFile);
}
function markProcessed(dependencyGraphFile) {
const markerFile = `${dependencyGraphFile}.processed`;
fs_1.default.writeFileSync(markerFile, '');
}
function warnOrFail(config, option, error) {
if (!config.getDependencyGraphContinueOnFailure()) {
throw new errors_1.PostActionJobFailure(error);
}
core.warning(`Failed to ${config.dependencyGraphOption} dependency graph. Will continue.\n${String(error)}`);
core.warning(`Failed to ${option} dependency graph. Will continue.\n${String(error)}`);
}
function getOctokit() {
return github.getOctokit((0, input_params_1.getGithubToken)());
@ -141424,10 +141442,8 @@ function run() {
try {
yield setupGradle.setup(new input_params_1.CacheConfig(), new input_params_1.BuildScanConfig());
const config = new input_params_1.DependencyGraphConfig();
config.artifactRetentionDays = 1;
config.continueOnFailure = false;
yield dependencyGraph.setup(config);
if (config.dependencyGraphOption === input_params_1.DependencyGraphOption.DownloadAndSubmit) {
if (config.getDependencyGraphOption() === input_params_1.DependencyGraphOption.DownloadAndSubmit) {
return;
}
const executable = yield provisioner.provisionGradle();
@ -141442,6 +141458,7 @@ function run() {
const args = (0, string_argv_1.parseArgsStringToArgv)(executionArgs);
const buildRootDirectory = layout.buildRootDirectory();
yield execution.executeGradleBuild(executable, buildRootDirectory, args);
yield dependencyGraph.complete(config);
}
catch (error) {
core.setFailed(String(error));
@ -141652,11 +141669,6 @@ const cache = __importStar(__nccwpck_require__(27799));
const summary_1 = __nccwpck_require__(81327);
const string_argv_1 = __nccwpck_require__(19663);
class DependencyGraphConfig {
constructor() {
this.dependencyGraphOption = this.getDependencyGraphOption();
this.continueOnFailure = this.getDependencyGraphContinueOnFailure();
this.artifactRetentionDays = this.getArtifactRetentionDays();
}
getDependencyGraphOption() {
const val = core.getInput('dependency-graph');
switch (val.toLowerCase().trim()) {
@ -141802,9 +141814,6 @@ var JobSummaryOption;
})(JobSummaryOption || (exports.JobSummaryOption = JobSummaryOption = {}));
class BuildScanConfig {
getBuildScanPublishEnabled() {
if (!this.verifyTermsOfUseAgreement()) {
return false;
}
return getBooleanInput('build-scan-publish') && this.verifyTermsOfUseAgreement();
}
getBuildScanTermsOfUseUrl() {

2
dist/dependency-submission/main/index.js.map vendored
View File

File diff suppressed because one or more lines are too long

49072
dist/dependency-submission/post/index.js vendored
View File

File diff suppressed because one or more lines are too long

2
dist/dependency-submission/post/index.js.map vendored
View File

File diff suppressed because one or more lines are too long

66
dist/setup-gradle/main/index.js vendored
View File

@ -141173,24 +141173,25 @@ const input_params_1 = __nccwpck_require__(23885);
const DEPENDENCY_GRAPH_PREFIX = 'dependency-graph_';
function setup(config) {
return __awaiter(this, void 0, void 0, function* () {
if (config.dependencyGraphOption === input_params_1.DependencyGraphOption.Disabled) {
const option = config.getDependencyGraphOption();
if (option === input_params_1.DependencyGraphOption.Disabled) {
core.exportVariable('GITHUB_DEPENDENCY_GRAPH_ENABLED', 'false');
return;
}
if (config.dependencyGraphOption === input_params_1.DependencyGraphOption.DownloadAndSubmit) {
if (option === input_params_1.DependencyGraphOption.DownloadAndSubmit) {
yield downloadAndSubmitDependencyGraphs(config);
return;
}
core.info('Enabling dependency graph generation');
core.exportVariable('GITHUB_DEPENDENCY_GRAPH_ENABLED', 'true');
maybeExportVariable('GITHUB_DEPENDENCY_GRAPH_CONTINUE_ON_FAILURE', config.continueOnFailure);
maybeExportVariable('GITHUB_DEPENDENCY_GRAPH_CONTINUE_ON_FAILURE', config.getDependencyGraphContinueOnFailure());
maybeExportVariable('GITHUB_DEPENDENCY_GRAPH_JOB_CORRELATOR', config.getJobCorrelator());
maybeExportVariable('GITHUB_DEPENDENCY_GRAPH_JOB_ID', github.context.runId);
maybeExportVariable('GITHUB_DEPENDENCY_GRAPH_REF', github.context.ref);
maybeExportVariable('GITHUB_DEPENDENCY_GRAPH_SHA', getShaFromContext());
maybeExportVariable('GITHUB_DEPENDENCY_GRAPH_WORKSPACE', layout.workspaceDirectory());
maybeExportVariable('DEPENDENCY_GRAPH_REPORT_DIR', path.resolve(layout.workspaceDirectory(), 'dependency-graph-reports'));
if (config.dependencyGraphOption === input_params_1.DependencyGraphOption.Clear) {
if (option === input_params_1.DependencyGraphOption.Clear) {
core.exportVariable('DEPENDENCY_GRAPH_INCLUDE_PROJECTS', '');
core.exportVariable('DEPENDENCY_GRAPH_INCLUDE_CONFIGURATIONS', '');
}
@ -141204,12 +141205,9 @@ function maybeExportVariable(variableName, value) {
}
function complete(config) {
return __awaiter(this, void 0, void 0, function* () {
if (isRunningInActEnvironment()) {
core.info('Dependency graph upload and submit not supported in the ACT environment.');
return;
}
const option = config.getDependencyGraphOption();
try {
switch (config.dependencyGraphOption) {
switch (option) {
case input_params_1.DependencyGraphOption.Disabled:
case input_params_1.DependencyGraphOption.Generate:
case input_params_1.DependencyGraphOption.DownloadAndSubmit:
@ -141223,7 +141221,7 @@ function complete(config) {
}
}
catch (e) {
warnOrFail(config, e);
warnOrFail(config, option, e);
}
});
}
@ -141236,6 +141234,11 @@ function findGeneratedDependencyGraphFiles() {
}
function uploadDependencyGraphs(dependencyGraphFiles, config) {
return __awaiter(this, void 0, void 0, function* () {
if (isRunningInActEnvironment()) {
core.info('Dependency graph upload not supported in the ACT environment.');
core.info(`Would upload: ${dependencyGraphFiles.join(', ')}`);
return;
}
const workspaceDirectory = layout.workspaceDirectory();
const artifactClient = new artifact_1.DefaultArtifactClient();
for (const dependencyGraphFile of dependencyGraphFiles) {
@ -141243,7 +141246,7 @@ function uploadDependencyGraphs(dependencyGraphFiles, config) {
core.info(`Uploading dependency graph file: ${relativePath}`);
const artifactName = `${DEPENDENCY_GRAPH_PREFIX}${path.basename(dependencyGraphFile)}`;
yield artifactClient.uploadArtifact(artifactName, [dependencyGraphFile], workspaceDirectory, {
retentionDays: config.artifactRetentionDays
retentionDays: config.getArtifactRetentionDays()
});
}
});
@ -141258,19 +141261,24 @@ function downloadAndSubmitDependencyGraphs(config) {
yield submitDependencyGraphs(yield downloadDependencyGraphs());
}
catch (e) {
warnOrFail(config, e);
warnOrFail(config, input_params_1.DependencyGraphOption.DownloadAndSubmit, e);
}
});
}
function submitDependencyGraphs(dependencyGraphFiles) {
return __awaiter(this, void 0, void 0, function* () {
for (const jsonFile of dependencyGraphFiles) {
if (isRunningInActEnvironment()) {
core.info('Dependency graph submit not supported in the ACT environment.');
core.info(`Would submit: ${dependencyGraphFiles.join(', ')}`);
return;
}
for (const dependencyGraphFile of dependencyGraphFiles) {
try {
yield submitDependencyGraphFile(jsonFile);
yield submitDependencyGraphFile(dependencyGraphFile);
}
catch (error) {
if (error instanceof request_error_1.RequestError) {
throw new Error(translateErrorMessage(jsonFile, error));
throw new Error(translateErrorMessage(dependencyGraphFile, error));
}
else {
throw error;
@ -141332,15 +141340,25 @@ function downloadDependencyGraphs() {
function findDependencyGraphFiles(dir) {
return __awaiter(this, void 0, void 0, function* () {
const globber = yield glob.create(`${dir}/dependency-graph-reports/*.json`);
const graphFiles = globber.glob();
return graphFiles;
const allFiles = yield globber.glob();
const unprocessedFiles = allFiles.filter(file => !isProcessed(file));
unprocessedFiles.forEach(markProcessed);
return unprocessedFiles;
});
}
function warnOrFail(config, error) {
if (!config.continueOnFailure) {
function isProcessed(dependencyGraphFile) {
const markerFile = `${dependencyGraphFile}.processed`;
return fs_1.default.existsSync(markerFile);
}
function markProcessed(dependencyGraphFile) {
const markerFile = `${dependencyGraphFile}.processed`;
fs_1.default.writeFileSync(markerFile, '');
}
function warnOrFail(config, option, error) {
if (!config.getDependencyGraphContinueOnFailure()) {
throw new errors_1.PostActionJobFailure(error);
}
core.warning(`Failed to ${config.dependencyGraphOption} dependency graph. Will continue.\n${String(error)}`);
core.warning(`Failed to ${option} dependency graph. Will continue.\n${String(error)}`);
}
function getOctokit() {
return github.getOctokit((0, input_params_1.getGithubToken)());
@ -141566,11 +141584,6 @@ const cache = __importStar(__nccwpck_require__(27799));
const summary_1 = __nccwpck_require__(81327);
const string_argv_1 = __nccwpck_require__(19663);
class DependencyGraphConfig {
constructor() {
this.dependencyGraphOption = this.getDependencyGraphOption();
this.continueOnFailure = this.getDependencyGraphContinueOnFailure();
this.artifactRetentionDays = this.getArtifactRetentionDays();
}
getDependencyGraphOption() {
const val = core.getInput('dependency-graph');
switch (val.toLowerCase().trim()) {
@ -141716,9 +141729,6 @@ var JobSummaryOption;
})(JobSummaryOption || (exports.JobSummaryOption = JobSummaryOption = {}));
class BuildScanConfig {
getBuildScanPublishEnabled() {
if (!this.verifyTermsOfUseAgreement()) {
return false;
}
return getBooleanInput('build-scan-publish') && this.verifyTermsOfUseAgreement();
}
getBuildScanTermsOfUseUrl() {

2
dist/setup-gradle/main/index.js.map vendored
View File

File diff suppressed because one or more lines are too long

66
dist/setup-gradle/post/index.js vendored
View File

@ -138626,24 +138626,25 @@ const input_params_1 = __nccwpck_require__(23885);
const DEPENDENCY_GRAPH_PREFIX = 'dependency-graph_';
function setup(config) {
return __awaiter(this, void 0, void 0, function* () {
if (config.dependencyGraphOption === input_params_1.DependencyGraphOption.Disabled) {
const option = config.getDependencyGraphOption();
if (option === input_params_1.DependencyGraphOption.Disabled) {
core.exportVariable('GITHUB_DEPENDENCY_GRAPH_ENABLED', 'false');
return;
}
if (config.dependencyGraphOption === input_params_1.DependencyGraphOption.DownloadAndSubmit) {
if (option === input_params_1.DependencyGraphOption.DownloadAndSubmit) {
yield downloadAndSubmitDependencyGraphs(config);
return;
}
core.info('Enabling dependency graph generation');
core.exportVariable('GITHUB_DEPENDENCY_GRAPH_ENABLED', 'true');
maybeExportVariable('GITHUB_DEPENDENCY_GRAPH_CONTINUE_ON_FAILURE', config.continueOnFailure);
maybeExportVariable('GITHUB_DEPENDENCY_GRAPH_CONTINUE_ON_FAILURE', config.getDependencyGraphContinueOnFailure());
maybeExportVariable('GITHUB_DEPENDENCY_GRAPH_JOB_CORRELATOR', config.getJobCorrelator());
maybeExportVariable('GITHUB_DEPENDENCY_GRAPH_JOB_ID', github.context.runId);
maybeExportVariable('GITHUB_DEPENDENCY_GRAPH_REF', github.context.ref);
maybeExportVariable('GITHUB_DEPENDENCY_GRAPH_SHA', getShaFromContext());
maybeExportVariable('GITHUB_DEPENDENCY_GRAPH_WORKSPACE', layout.workspaceDirectory());
maybeExportVariable('DEPENDENCY_GRAPH_REPORT_DIR', path.resolve(layout.workspaceDirectory(), 'dependency-graph-reports'));
if (config.dependencyGraphOption === input_params_1.DependencyGraphOption.Clear) {
if (option === input_params_1.DependencyGraphOption.Clear) {
core.exportVariable('DEPENDENCY_GRAPH_INCLUDE_PROJECTS', '');
core.exportVariable('DEPENDENCY_GRAPH_INCLUDE_CONFIGURATIONS', '');
}
@ -138657,12 +138658,9 @@ function maybeExportVariable(variableName, value) {
}
function complete(config) {
return __awaiter(this, void 0, void 0, function* () {
if (isRunningInActEnvironment()) {
core.info('Dependency graph upload and submit not supported in the ACT environment.');
return;
}
const option = config.getDependencyGraphOption();
try {
switch (config.dependencyGraphOption) {
switch (option) {
case input_params_1.DependencyGraphOption.Disabled:
case input_params_1.DependencyGraphOption.Generate:
case input_params_1.DependencyGraphOption.DownloadAndSubmit:
@ -138676,7 +138674,7 @@ function complete(config) {
}
}
catch (e) {
warnOrFail(config, e);
warnOrFail(config, option, e);
}
});
}
@ -138689,6 +138687,11 @@ function findGeneratedDependencyGraphFiles() {
}
function uploadDependencyGraphs(dependencyGraphFiles, config) {
return __awaiter(this, void 0, void 0, function* () {
if (isRunningInActEnvironment()) {
core.info('Dependency graph upload not supported in the ACT environment.');
core.info(`Would upload: ${dependencyGraphFiles.join(', ')}`);
return;
}
const workspaceDirectory = layout.workspaceDirectory();
const artifactClient = new artifact_1.DefaultArtifactClient();
for (const dependencyGraphFile of dependencyGraphFiles) {
@ -138696,7 +138699,7 @@ function uploadDependencyGraphs(dependencyGraphFiles, config) {
core.info(`Uploading dependency graph file: ${relativePath}`);
const artifactName = `${DEPENDENCY_GRAPH_PREFIX}${path.basename(dependencyGraphFile)}`;
yield artifactClient.uploadArtifact(artifactName, [dependencyGraphFile], workspaceDirectory, {
retentionDays: config.artifactRetentionDays
retentionDays: config.getArtifactRetentionDays()
});
}
});
@ -138711,19 +138714,24 @@ function downloadAndSubmitDependencyGraphs(config) {
yield submitDependencyGraphs(yield downloadDependencyGraphs());
}
catch (e) {
warnOrFail(config, e);
warnOrFail(config, input_params_1.DependencyGraphOption.DownloadAndSubmit, e);
}
});
}
function submitDependencyGraphs(dependencyGraphFiles) {
return __awaiter(this, void 0, void 0, function* () {
for (const jsonFile of dependencyGraphFiles) {
if (isRunningInActEnvironment()) {
core.info('Dependency graph submit not supported in the ACT environment.');
core.info(`Would submit: ${dependencyGraphFiles.join(', ')}`);
return;
}
for (const dependencyGraphFile of dependencyGraphFiles) {
try {
yield submitDependencyGraphFile(jsonFile);
yield submitDependencyGraphFile(dependencyGraphFile);
}
catch (error) {
if (error instanceof request_error_1.RequestError) {
throw new Error(translateErrorMessage(jsonFile, error));
throw new Error(translateErrorMessage(dependencyGraphFile, error));
}
else {
throw error;
@ -138785,15 +138793,25 @@ function downloadDependencyGraphs() {
function findDependencyGraphFiles(dir) {
return __awaiter(this, void 0, void 0, function* () {
const globber = yield glob.create(`${dir}/dependency-graph-reports/*.json`);
const graphFiles = globber.glob();
return graphFiles;
const allFiles = yield globber.glob();
const unprocessedFiles = allFiles.filter(file => !isProcessed(file));
unprocessedFiles.forEach(markProcessed);
return unprocessedFiles;
});
}
function warnOrFail(config, error) {
if (!config.continueOnFailure) {
function isProcessed(dependencyGraphFile) {
const markerFile = `${dependencyGraphFile}.processed`;
return fs_1.default.existsSync(markerFile);
}
function markProcessed(dependencyGraphFile) {
const markerFile = `${dependencyGraphFile}.processed`;
fs_1.default.writeFileSync(markerFile, '');
}
function warnOrFail(config, option, error) {
if (!config.getDependencyGraphContinueOnFailure()) {
throw new errors_1.PostActionJobFailure(error);
}
core.warning(`Failed to ${config.dependencyGraphOption} dependency graph. Will continue.\n${String(error)}`);
core.warning(`Failed to ${option} dependency graph. Will continue.\n${String(error)}`);
}
function getOctokit() {
return github.getOctokit((0, input_params_1.getGithubToken)());
@ -138885,11 +138903,6 @@ const cache = __importStar(__nccwpck_require__(27799));
const summary_1 = __nccwpck_require__(81327);
const string_argv_1 = __nccwpck_require__(19663);
class DependencyGraphConfig {
constructor() {
this.dependencyGraphOption = this.getDependencyGraphOption();
this.continueOnFailure = this.getDependencyGraphContinueOnFailure();
this.artifactRetentionDays = this.getArtifactRetentionDays();
}
getDependencyGraphOption() {
const val = core.getInput('dependency-graph');
switch (val.toLowerCase().trim()) {
@ -139035,9 +139048,6 @@ var JobSummaryOption;
})(JobSummaryOption || (exports.JobSummaryOption = JobSummaryOption = {}));
class BuildScanConfig {
getBuildScanPublishEnabled() {
if (!this.verifyTermsOfUseAgreement()) {
return false;
}
return getBooleanInput('build-scan-publish') && this.verifyTermsOfUseAgreement();
}
getBuildScanTermsOfUseUrl() {

2
dist/setup-gradle/post/index.js.map vendored
View File

File diff suppressed because one or more lines are too long

9
docs/dependency-submission.md
View File

@ -288,18 +288,11 @@ jobs:
- name: Generate and submit dependency graph
uses: gradle/actions/dependency-submission@v3
dependency-review:
needs: dependency-submission
runs-on: ubuntu-latest
steps:
- name: Perform dependency review
uses: actions/dependency-review-action@v3
```
Note that the `dependency-submission` action submits the dependency graph at the completion of the workflow Job.
For this reason, the `dependency-review-action` must be executed in a dependent job, and not as a subsequent step in the job that generates the dependency graph.
## Usage with pull requests from public forked repositories
This `contents: write` permission is [not available for any workflow that is triggered by a pull request submitted from a public forked repository](https://docs.github.com/en/actions/security-guides/automatic-token-authentication#permissions-for-the-github_token).

33
setup-gradle/action.yml
View File

@ -1,13 +1,14 @@
name: 'Setup Gradle'
description: 'Configures Gradle for GitHub actions, caching state and generating a dependency graph via Dependency Submission.'
# https://help.github.com/en/articles/metadata-syntax-for-github-actions
inputs:
gradle-version:
description: Gradle version to use. If specified, this Gradle version will be downloaded, added to the PATH and used for invoking Gradle.
description: |
Gradle version to use. If specified, this Gradle version will be downloaded, added to the PATH and used for invoking Gradle.
If not provided, it is assumed that the project uses the Gradle Wrapper.
required: false
# Cache configuration
cache-disabled:
description: When 'true', all caching is disabled. No entries will be written to or read from the cache.
required: false
@ -49,15 +50,13 @@ inputs:
gradle-home-cache-excludes:
description: Paths within Gradle User Home to exclude from cache.
required: false
# e.g. Use the following setting to prevent the local build cache from being saved/restored
# gradle-home-cache-excludes: |
# caches/build-cache-1
gradle-home-cache-cleanup:
description: When 'true', the action will attempt to remove any stale/unused entries from the Gradle User Home prior to saving to the GitHub Actions cache.
required: false
default: false
# Job summary configuration
add-job-summary:
description: Specifies when a Job Summary should be inluded in the action results. Valid values are 'never', 'always' (default), and 'on-failure'.
required: false
@ -68,8 +67,11 @@ inputs:
required: false
default: 'never'
# Dependency Graph configuration
dependency-graph:
description: Specifies if a GitHub dependency snapshot should be generated for each Gradle build, and if so, how. Valid values are 'disabled' (default), 'generate', 'generate-and-submit', 'generate-and-upload', 'download-and-submit' and 'clear'.
description: |
Specifies if a GitHub dependency snapshot should be generated for each Gradle build, and if so, how.
Valid values are 'disabled' (default), 'generate', 'generate-and-submit', 'generate-and-upload', 'download-and-submit' and 'clear'.
required: false
default: 'disabled'
@ -82,6 +84,7 @@ inputs:
description: Specifies the number of days to retain any artifacts generated by the action. If not set, the default retention settings for the repository will apply.
required: false
# Build Scan configuration
build-scan-publish:
description: |
Set to 'true' to automatically publish build results as a Build Scan on scans.gradle.com.
@ -108,6 +111,12 @@ inputs:
required: false
deprecation-message: The input has been renamed to align with the Develocity API. Use 'build-scan-terms-of-use-agree' instead.
generate-job-summary:
description: When 'false', no Job Summary will be generated for the Job.
required: false
default: true
deprecation-message: Superceded by the new 'add-job-summary' and 'add-job-summary-as-pr-comment' parameters.
arguments:
description: Gradle command line arguments (supports multi-line input)
required: false
@ -118,13 +127,7 @@ inputs:
required: false
deprecation-message: Using the action to execute Gradle directly is deprecated in favor of using the action to setup Gradle, and executing Gradle in a subsequent Step.
generate-job-summary:
description: When 'false', no Job Summary will be generated for the Job.
required: false
default: true
deprecation-message: Superceded by the new 'add-job-summary' and 'add-job-summary-as-pr-comment' parameters.
# EXPERIMENTAL & INTERNAL ACTION INPUTS
# EXPERIMENTAL ACTION INPUTS
# The following action properties allow fine-grained tweaking of the action caching behaviour.
# These properties are experimental and not (yet) designed for production use, and may change without notice in a subsequent release of `setup-gradle`.
# Use at your own risk!
@ -133,6 +136,8 @@ inputs:
required: false
default: false
# INTERNAL ACTION INPUTS
# These inputs should not be configured directly, and are only used to pass environmental information to the action
workflow-job-context:
description: Used to uniquely identify the current job invocation. Defaults to the matrix values for this job; this should not be overridden by users (INTERNAL).
required: false

1
sources/.eslintrc.json
View File

@ -14,6 +14,7 @@
"no-unused-vars": "off",
"no-shadow": "off",
"sort-imports": "off",
"github/array-foreach": "off",
"@typescript-eslint/no-unused-vars": ["error", { "argsIgnorePattern": "^_" }],
"@typescript-eslint/explicit-member-accessibility": ["error", {"accessibility": "no-public"}],
"@typescript-eslint/no-require-imports": "error",

4
sources/build
View File

@ -1,4 +0,0 @@
#!/bin/bash
cd sources
npm run build

4
sources/build-and-test
View File

@ -1,4 +0,0 @@
#!/bin/bash
cd sources
npm run all

63
sources/src/dependency-graph.ts
View File

@ -16,19 +16,20 @@ import {DependencyGraphConfig, DependencyGraphOption, getGithubToken} from './in
const DEPENDENCY_GRAPH_PREFIX = 'dependency-graph_'
export async function setup(config: DependencyGraphConfig): Promise<void> {
if (config.dependencyGraphOption === DependencyGraphOption.Disabled) {
const option = config.getDependencyGraphOption()
if (option === DependencyGraphOption.Disabled) {
core.exportVariable('GITHUB_DEPENDENCY_GRAPH_ENABLED', 'false')
return
}
// Download and submit early, for compatability with dependency review.
if (config.dependencyGraphOption === DependencyGraphOption.DownloadAndSubmit) {
if (option === DependencyGraphOption.DownloadAndSubmit) {
await downloadAndSubmitDependencyGraphs(config)
return
}
core.info('Enabling dependency graph generation')
core.exportVariable('GITHUB_DEPENDENCY_GRAPH_ENABLED', 'true')
maybeExportVariable('GITHUB_DEPENDENCY_GRAPH_CONTINUE_ON_FAILURE', config.continueOnFailure)
maybeExportVariable('GITHUB_DEPENDENCY_GRAPH_CONTINUE_ON_FAILURE', config.getDependencyGraphContinueOnFailure())
maybeExportVariable('GITHUB_DEPENDENCY_GRAPH_JOB_CORRELATOR', config.getJobCorrelator())
maybeExportVariable('GITHUB_DEPENDENCY_GRAPH_JOB_ID', github.context.runId)
maybeExportVariable('GITHUB_DEPENDENCY_GRAPH_REF', github.context.ref)
@ -40,7 +41,7 @@ export async function setup(config: DependencyGraphConfig): Promise<void> {
)
// To clear the dependency graph, we generate an empty graph by excluding all projects and configurations
if (config.dependencyGraphOption === DependencyGraphOption.Clear) {
if (option === DependencyGraphOption.Clear) {
core.exportVariable('DEPENDENCY_GRAPH_INCLUDE_PROJECTS', '')
core.exportVariable('DEPENDENCY_GRAPH_INCLUDE_CONFIGURATIONS', '')
}
@ -53,13 +54,9 @@ function maybeExportVariable(variableName: string, value: unknown): void {
}
export async function complete(config: DependencyGraphConfig): Promise<void> {
if (isRunningInActEnvironment()) {
core.info('Dependency graph upload and submit not supported in the ACT environment.')
return
}
const option = config.getDependencyGraphOption()
try {
switch (config.dependencyGraphOption) {
switch (option) {
case DependencyGraphOption.Disabled:
case DependencyGraphOption.Generate: // Performed via init-script: nothing to do here
case DependencyGraphOption.DownloadAndSubmit: // Performed in setup
@ -72,7 +69,7 @@ export async function complete(config: DependencyGraphConfig): Promise<void> {
await uploadDependencyGraphs(await findGeneratedDependencyGraphFiles(), config)
}
} catch (e) {
warnOrFail(config, e)
warnOrFail(config, option, e)
}
}
@ -82,6 +79,12 @@ async function findGeneratedDependencyGraphFiles(): Promise<string[]> {
}
async function uploadDependencyGraphs(dependencyGraphFiles: string[], config: DependencyGraphConfig): Promise<void> {
if (isRunningInActEnvironment()) {
core.info('Dependency graph upload not supported in the ACT environment.')
core.info(`Would upload: ${dependencyGraphFiles.join(', ')}`)
return
}
const workspaceDirectory = layout.workspaceDirectory()
const artifactClient = new DefaultArtifactClient()
@ -90,7 +93,7 @@ async function uploadDependencyGraphs(dependencyGraphFiles: string[], config: De
core.info(`Uploading dependency graph file: ${relativePath}`)
const artifactName = `${DEPENDENCY_GRAPH_PREFIX}${path.basename(dependencyGraphFile)}`
await artifactClient.uploadArtifact(artifactName, [dependencyGraphFile], workspaceDirectory, {
retentionDays: config.artifactRetentionDays
retentionDays: config.getArtifactRetentionDays()
})
}
}
@ -104,17 +107,23 @@ async function downloadAndSubmitDependencyGraphs(config: DependencyGraphConfig):
try {
await submitDependencyGraphs(await downloadDependencyGraphs())
} catch (e) {
warnOrFail(config, e)
warnOrFail(config, DependencyGraphOption.DownloadAndSubmit, e)
}
}
async function submitDependencyGraphs(dependencyGraphFiles: string[]): Promise<void> {
for (const jsonFile of dependencyGraphFiles) {
if (isRunningInActEnvironment()) {
core.info('Dependency graph submit not supported in the ACT environment.')
core.info(`Would submit: ${dependencyGraphFiles.join(', ')}`)
return
}
for (const dependencyGraphFile of dependencyGraphFiles) {
try {
await submitDependencyGraphFile(jsonFile)
await submitDependencyGraphFile(dependencyGraphFile)
} catch (error) {
if (error instanceof RequestError) {
throw new Error(translateErrorMessage(jsonFile, error))
throw new Error(translateErrorMessage(dependencyGraphFile, error))
} else {
throw error
}
@ -182,16 +191,28 @@ async function downloadDependencyGraphs(): Promise<string[]> {
async function findDependencyGraphFiles(dir: string): Promise<string[]> {
const globber = await glob.create(`${dir}/dependency-graph-reports/*.json`)
const graphFiles = globber.glob()
return graphFiles
const allFiles = await globber.glob()
const unprocessedFiles = allFiles.filter(file => !isProcessed(file))
unprocessedFiles.forEach(markProcessed)
return unprocessedFiles
}
function warnOrFail(config: DependencyGraphConfig, error: unknown): void {
if (!config.continueOnFailure) {
function isProcessed(dependencyGraphFile: string): boolean {
const markerFile = `${dependencyGraphFile}.processed`
return fs.existsSync(markerFile)
}
function markProcessed(dependencyGraphFile: string): void {
const markerFile = `${dependencyGraphFile}.processed`
fs.writeFileSync(markerFile, '')
}
function warnOrFail(config: DependencyGraphConfig, option: String, error: unknown): void {
if (!config.getDependencyGraphContinueOnFailure()) {
throw new PostActionJobFailure(error)
}
core.warning(`Failed to ${config.dependencyGraphOption} dependency graph. Will continue.\n${String(error)}`)
core.warning(`Failed to ${option} dependency graph. Will continue.\n${String(error)}`)
}
function getOctokit(): InstanceType<typeof GitHub> {

7
sources/src/dependency-submission/main.ts
View File

@ -19,12 +19,9 @@ export async function run(): Promise<void> {
// Configure the dependency graph submission
const config = new DependencyGraphConfig()
config.artifactRetentionDays = 1
config.continueOnFailure = false
await dependencyGraph.setup(config)
if (config.dependencyGraphOption === DependencyGraphOption.DownloadAndSubmit) {
if (config.getDependencyGraphOption() === DependencyGraphOption.DownloadAndSubmit) {
// No execution to perform
return
}
@ -45,6 +42,8 @@ export async function run(): Promise<void> {
const args: string[] = parseArgsStringToArgv(executionArgs)
const buildRootDirectory = layout.buildRootDirectory()
await execution.executeGradleBuild(executable, buildRootDirectory, args)
await dependencyGraph.complete(config)
} catch (error) {
core.setFailed(String(error))
if (error instanceof Error && error.stack) {

8
sources/src/dependency-submission/post.ts
View File

@ -1,8 +1,7 @@
import * as core from '@actions/core'
import * as setupGradle from '../setup-gradle'
import * as dependencyGraph from '../dependency-graph'
import {CacheConfig, DependencyGraphConfig, SummaryConfig} from '../input-params'
import {CacheConfig, SummaryConfig} from '../input-params'
import {PostActionJobFailure} from '../errors'
// Catch and log any unhandled exceptions. These exceptions can leak out of the uploadChunk method in
@ -15,10 +14,7 @@ process.on('uncaughtException', e => handleFailure(e))
*/
export async function run(): Promise<void> {
try {
if (await setupGradle.complete(new CacheConfig(), new SummaryConfig())) {
// Only submit the dependency graphs once per job
await dependencyGraph.complete(new DependencyGraphConfig())
}
await setupGradle.complete(new CacheConfig(), new SummaryConfig())
} catch (error) {
if (error instanceof PostActionJobFailure) {
core.setFailed(String(error))

13
sources/src/input-params.ts
View File

@ -6,11 +6,7 @@ import {SUMMARY_ENV_VAR} from '@actions/core/lib/summary'
import {parseArgsStringToArgv} from 'string-argv'
export class DependencyGraphConfig {
dependencyGraphOption = this.getDependencyGraphOption()
continueOnFailure = this.getDependencyGraphContinueOnFailure()
artifactRetentionDays = this.getArtifactRetentionDays()
private getDependencyGraphOption(): DependencyGraphOption {
getDependencyGraphOption(): DependencyGraphOption {
const val = core.getInput('dependency-graph')
switch (val.toLowerCase().trim()) {
case 'disabled':
@ -31,11 +27,11 @@ export class DependencyGraphConfig {
)
}
private getDependencyGraphContinueOnFailure(): boolean {
getDependencyGraphContinueOnFailure(): boolean {
return getBooleanInput('dependency-graph-continue-on-failure', true)
}
private getArtifactRetentionDays(): number {
getArtifactRetentionDays(): number {
const val = core.getInput('artifact-retention-days')
return parseNumericInput('artifact-retention-days', val, 0)
// Zero indicates that the default repository settings should be used
@ -185,9 +181,6 @@ export enum JobSummaryOption {
export class BuildScanConfig {
getBuildScanPublishEnabled(): boolean {
if (!this.verifyTermsOfUseAgreement()) {
return false
}
return getBooleanInput('build-scan-publish') && this.verifyTermsOfUseAgreement()
}