From 8cbcb9948b5892387aed077daf6f90e1f0ba5b27 Mon Sep 17 00:00:00 2001 From: daz Date: Mon, 11 Dec 2023 21:15:34 -0700 Subject: [PATCH] Plugin repository URL is configurable The repository URL used to resolve the `github-dependency-graph-gradle-plugin` is now configurable, allowing a user to specify an internal proxy if the public portal is not available. Specify a custom plugin repository using the `GRADLE_PLUGIN_REPOSITORY_URL` env var, or the `gradle.plugin-repository.url` System property. Fixes #933 --- README.md | 23 +++++++++++++++++++ ...ependency-graph-gradle-plugin-apply.groovy | 8 ++++++- 2 files changed, 30 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 07ec692..49542b6 100644 --- a/README.md +++ b/README.md @@ -578,6 +578,27 @@ The `contents: write` permission is not required to generate the dependency grap > for a PR submitted from a forked repository. > For a configuration that supports this setup, see [Dependency Graphs for pull request workflows](#dependency-graphs-for-pull-request-workflows). +### Using a custom plugin repository + +By default, the action downloads the `github-dependency-graph-gradle-plugin` from the Gradle Plugin Portal (https://plugins.gradle.org). If your GitHub Actions environment does not have access to this URL, you can specify a custom plugin repository to use. +Do so by setting the `GRADLE_PLUGIN_REPOSITORY_URL` environment variable with your Gradle invocation. + +```yaml +jobs: + build: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - name: Setup Gradle to generate and submit dependency graphs + uses: gradle/gradle-build-action@v2 + with: + dependency-graph: generate-and-submit + - name: Run a build, resolving the 'dependency-graph' plugin from the plugin portal proxy + run: ./gradlew build + env: + GRADLE_PLUGIN_REPOSITORY_URL: "https://gradle-plugins-proxy.mycorp.com" +``` + ### Integrating the `dependency-review-action` The GitHub [dependency-review-action](https://github.com/actions/dependency-review-action) helps you @@ -826,6 +847,8 @@ To reduce storage costs for these artifacts, you can set the `artifact-retention artifact-retention-days: 1 ``` + + # Gradle Enterprise plugin injection The `gradle-build-action` provides support for injecting and configuring the Gradle Enterprise Gradle plugin into any Gradle build, without any modification to the project sources. diff --git a/src/resources/init-scripts/gradle-build-action.github-dependency-graph-gradle-plugin-apply.groovy b/src/resources/init-scripts/gradle-build-action.github-dependency-graph-gradle-plugin-apply.groovy index 37cc8ca..5375ced 100644 --- a/src/resources/init-scripts/gradle-build-action.github-dependency-graph-gradle-plugin-apply.groovy +++ b/src/resources/init-scripts/gradle-build-action.github-dependency-graph-gradle-plugin-apply.groovy @@ -1,6 +1,12 @@ buildscript { + def getInputParam = { String name -> + def envVarName = name.toUpperCase().replace('.', '_').replace('-', '_') + return System.getProperty(name) ?: System.getenv(envVarName) + } + def pluginRepositoryUrl = getInputParam('gradle.plugin-repository.url') ?: 'https://plugins.gradle.org/m2' + repositories { - maven { url "https://plugins.gradle.org/m2/" } + maven { url pluginRepositoryUrl } } dependencies { classpath "org.gradle:github-dependency-graph-gradle-plugin:1.0.0"