-
Notifications
You must be signed in to change notification settings - Fork 1
Expand file tree
/
Copy pathaction.yml
More file actions
205 lines (185 loc) · 9.78 KB
/
action.yml
File metadata and controls
205 lines (185 loc) · 9.78 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
---
name: Configure Gradle
description: GitHub Action to configure Gradle build environment with build number, authentication, and default settings
inputs:
working-directory:
description: Relative path under github.workspace to execute the build in
default: .
artifactory-reader-role:
description: Suffix for the Artifactory reader role in Vault. Defaults to `private-reader` for private repositories,
and `public-reader` for public repositories.
default: ''
repox-url:
description: URL for Repox
default: https://repox.jfrog.io
repox-artifactory-url:
description: URL for Repox Artifactory API (overrides repox-url/artifactory if provided)
default: ''
use-develocity:
description: Whether to use Develocity for build tracking.
default: 'false'
develocity-url:
description: URL for Develocity
default: https://develocity.sonar.build/
cache-paths:
description: Cache paths to use (multiline).
default: |-
~/.gradle/caches
~/.gradle/wrapper
disable-caching:
description: Whether to disable Gradle caching entirely
default: 'false'
host-actions-root:
description: Path to the actions folder on the host (used when called from another local action)
default: ''
outputs:
BUILD_NUMBER:
description: The current build number. Also set as environment variable BUILD_NUMBER
value: ${{ steps.get-build-number.outputs.BUILD_NUMBER }}
current-version:
description: The project version set in the gradle.properties (before replacement). Also set as environment variable CURRENT_VERSION
value: ${{ steps.set-version.outputs.current-version }}
project-version:
description: The project version with build number (after replacement). Also set as environment variable PROJECT_VERSION
value: ${{ steps.set-version.outputs.project-version }}
runs:
using: composite
steps:
- name: Set local action paths
id: set-path
shell: bash
run: |
echo "::group::Fix for using local actions"
echo "GITHUB_ACTION_PATH=$GITHUB_ACTION_PATH"
echo "github.action_path=${{ github.action_path }}"
ACTION_PATH_CONFIG_GRADLE="${{ github.action_path }}"
host_actions_root="${{ inputs.host-actions-root }}"
if [ -z "$host_actions_root" ]; then
host_actions_root="$(dirname "$ACTION_PATH_CONFIG_GRADLE")"
else
ACTION_PATH_CONFIG_GRADLE="$host_actions_root/config-gradle"
fi
echo "ACTION_PATH_CONFIG_GRADLE=$ACTION_PATH_CONFIG_GRADLE"
echo "ACTION_PATH_CONFIG_GRADLE=$ACTION_PATH_CONFIG_GRADLE" >> "$GITHUB_ENV"
echo "host_actions_root=$host_actions_root" >> "$GITHUB_OUTPUT"
mkdir -p ".actions"
ln -sf "$host_actions_root/get-build-number" .actions/get-build-number
ln -sf "$host_actions_root/shared" .actions/shared
ls -la .actions/*
echo "::endgroup::"
- uses: ./.actions/get-build-number
id: get-build-number
with:
host-actions-root: ${{ steps.set-path.outputs.host_actions_root }}
- id: config-gradle-completed
if: env.CONFIG_GRADLE_COMPLETED != ''
shell: bash
run: |
echo "Action already called by $CONFIG_GRADLE_COMPLETED, execution skipped."
echo "skip=true" >> $GITHUB_OUTPUT
- name: Set parameter for Vault
if: steps.config-gradle-completed.outputs.skip != 'true'
shell: bash
env:
ARTIFACTORY_READER_ROLE: ${{ inputs.artifactory-reader-role != '' && inputs.artifactory-reader-role ||
(github.event.repository.visibility == 'public' && 'public-reader' || 'private-reader') }}
run: |
echo "ARTIFACTORY_READER_ROLE=${ARTIFACTORY_READER_ROLE}" >> "$GITHUB_ENV"
- uses: SonarSource/vault-action-wrapper@545e7cfbb5528e7009a1edcc83e073898d292627 # 3.2.0
if: steps.config-gradle-completed.outputs.skip != 'true'
id: secrets
with:
secrets: |
development/artifactory/token/{REPO_OWNER_NAME_DASH}-${{ env.ARTIFACTORY_READER_ROLE }} username | ARTIFACTORY_USERNAME;
development/artifactory/token/{REPO_OWNER_NAME_DASH}-${{ env.ARTIFACTORY_READER_ROLE }} access_token | ARTIFACTORY_ACCESS_TOKEN;
${{ inputs.use-develocity == 'true' && 'development/kv/data/develocity token | DEVELOCITY_TOKEN;' || '' }}
- name: Extract Develocity hostname
id: develocity-hostname
if: steps.config-gradle-completed.outputs.skip != 'true' && inputs.use-develocity == 'true'
shell: bash
run: echo "hostname=$(echo '${{ inputs.develocity-url }}' | sed -e 's|https://||' -e 's|/$||')" >> $GITHUB_OUTPUT
- name: Set environment variables for Artifactory authentication
if: steps.config-gradle-completed.outputs.skip != 'true'
shell: bash
env:
ARTIFACTORY_URL: ${{ inputs.repox-artifactory-url != '' && inputs.repox-artifactory-url ||
format('{0}/artifactory', inputs.repox-url) }}
ARTIFACTORY_USERNAME: ${{ steps.secrets.outputs.vault && fromJSON(steps.secrets.outputs.vault).ARTIFACTORY_USERNAME || '' }}
ARTIFACTORY_ACCESS_TOKEN: ${{ steps.secrets.outputs.vault && fromJSON(steps.secrets.outputs.vault).ARTIFACTORY_ACCESS_TOKEN || '' }}
DEVELOCITY_TOKEN: ${{ inputs.use-develocity == 'true' && steps.secrets.outputs.vault &&
fromJSON(steps.secrets.outputs.vault).DEVELOCITY_TOKEN || '' }}
run: |
if [[ "${DEVELOCITY_ACCESS_KEY:-}" == "${{ steps.develocity-hostname.outputs.hostname }}=" ]]; then
echo "::warning title=Found invalid DEVELOCITY_ACCESS_KEY::DEVELOCITY_ACCESS_KEY should not be set manually" \
"in the environment." >&2
echo "[WARNING] DEVELOCITY_ACCESS_KEY is set in the environment with an empty token. This is a deprecated configuration." \
"The Develocity token is configured by config-gradle. Please remove external configuration of DEVELOCITY_ACCESS_KEY."
fi
echo "ARTIFACTORY_URL=$ARTIFACTORY_URL" >> "$GITHUB_ENV"
echo "ARTIFACTORY_USERNAME=$ARTIFACTORY_USERNAME" >> "$GITHUB_ENV"
echo "ARTIFACTORY_ACCESS_USERNAME=$ARTIFACTORY_USERNAME" >> "$GITHUB_ENV" # deprecated, backward compliance
echo "ARTIFACTORY_ACCESS_TOKEN=$ARTIFACTORY_ACCESS_TOKEN" >> "$GITHUB_ENV"
echo "ARTIFACTORY_PASSWORD=$ARTIFACTORY_ACCESS_TOKEN" >> "$GITHUB_ENV" # deprecated, backward compliance
if [[ -n "${DEVELOCITY_TOKEN:-}" ]]; then
echo "DEVELOCITY_ACCESS_KEY=${{ steps.develocity-hostname.outputs.hostname }}=$DEVELOCITY_TOKEN" >> "$GITHUB_ENV"
fi
- name: Configure Gradle
if: steps.config-gradle-completed.outputs.skip != 'true'
uses: gradle/actions/setup-gradle@0723195856401067f7a2779048b490ace7a47d7c # v5.0.2
with:
develocity-injection-enabled: ${{ inputs.use-develocity == 'true' }}
cache-disabled: true
develocity-plugin-version: '4.0'
develocity-access-key: ${{ inputs.use-develocity == 'true' &&
fromJSON(steps.secrets.outputs.vault).DEVELOCITY_TOKEN || '' }}
- name: Generate Gradle Cache Key
if: steps.config-gradle-completed.outputs.skip != 'true' && inputs.disable-caching != 'true'
shell: bash
run: |
# Generate cache key from all Gradle files
/usr/bin/find . \( -name '*.gradle' -o -name '*.gradle.kts' \) -type f -exec md5sum {} \; | sort > gradle-md5-sums.txt
md5sum gradle/libs.versions.toml gradle/wrapper/gradle-wrapper.properties 2>/dev/null >> gradle-md5-sums.txt || true
GRADLE_CACHE_KEY=$(md5sum gradle-md5-sums.txt | awk '{ print $1 }')
echo "🔑 Generated cache key: ${GRADLE_CACHE_KEY}"
echo "GRADLE_CACHE_KEY=${GRADLE_CACHE_KEY}" >> "$GITHUB_ENV"
rm -f gradle-md5-sums.txt
- name: Sanitize workflow name for cache key
id: sanitize_workflow
if: steps.config-gradle-completed.outputs.skip != 'true' && inputs.disable-caching == 'false'
shell: bash
env:
WORKFLOW_NAME: ${{ github.workflow }}
run: echo "workflow_name=${WORKFLOW_NAME// /-}" >> "$GITHUB_OUTPUT"
- name: Gradle Cache
uses: SonarSource/gh-action_cache@v1
if: steps.config-gradle-completed.outputs.skip != 'true' && inputs.disable-caching == 'false'
with:
path: ${{ inputs.cache-paths }}
key: gradle-${{ runner.os }}-${{ steps.sanitize_workflow.outputs.workflow_name }}-${{ env.GRADLE_CACHE_KEY }}
restore-keys: gradle-${{ runner.os }}-${{ steps.sanitize_workflow.outputs.workflow_name }}-
# $GRADLE_USER_HOME is typically set to ~/.gradle/ by gradle/actions/setup-gradle
- name: Configure Gradle Authentication
if: steps.config-gradle-completed.outputs.skip != 'true'
shell: bash
run: |
GRADLE_INIT_DIR="$GRADLE_USER_HOME/init.d"
mkdir -p "$GRADLE_INIT_DIR"
cp "$ACTION_PATH_CONFIG_GRADLE/resources/repoxAuth.init.gradle.kts" "$GRADLE_INIT_DIR/"
- name: Update project version and set current-version and project-version variables
id: set-version
shell: bash
working-directory: ${{ inputs.working-directory }}
env:
SKIP: ${{ steps.config-gradle-completed.outputs.skip }}
run: $ACTION_PATH_CONFIG_GRADLE/set_gradle_project_version.sh
- name: Deactivate UseContainerSupport on github-ubuntu-* runners
if: steps.config-gradle-completed.outputs.skip != 'true' && runner.os == 'Linux' && runner.environment == 'github-hosted'
shell: bash
run: |
echo "::warning title=Deactivating UseContainerSupport::The GitHub-hosted Ubuntu runners have an issue with Java's" \
"UseContainerSupport feature." >&2
echo "JAVA_TOOL_OPTIONS=${JAVA_TOOL_OPTIONS:=-XX:-UseContainerSupport}" >> "$GITHUB_ENV"
- name: Set Config Gradle completed
if: steps.config-gradle-completed.outputs.skip != 'true'
shell: bash
run: echo "CONFIG_GRADLE_COMPLETED=$GITHUB_ACTION" >> "$GITHUB_ENV"