Plugin repository URL is configurable

The repository URL used to resolve the `github-dependency-graph-gradle-plugin` is now
configurable, allowing a user to specify an internal proxy if the public portal is not available.

Specify a custom plugin repository using the `GRADLE_PLUGIN_REPOSITORY_URL` env var,
or the `gradle.plugin-repository.url` System property.

Fixes #933
This commit is contained in:
daz 2023-12-11 21:15:34 -07:00
parent a71aff6a12
commit 8cbcb9948b
No known key found for this signature in database
2 changed files with 30 additions and 1 deletions

View file

@ -578,6 +578,27 @@ The `contents: write` permission is not required to generate the dependency grap
> for a PR submitted from a forked repository. > for a PR submitted from a forked repository.
> For a configuration that supports this setup, see [Dependency Graphs for pull request workflows](#dependency-graphs-for-pull-request-workflows). > For a configuration that supports this setup, see [Dependency Graphs for pull request workflows](#dependency-graphs-for-pull-request-workflows).
### Using a custom plugin repository
By default, the action downloads the `github-dependency-graph-gradle-plugin` from the Gradle Plugin Portal (https://plugins.gradle.org). If your GitHub Actions environment does not have access to this URL, you can specify a custom plugin repository to use.
Do so by setting the `GRADLE_PLUGIN_REPOSITORY_URL` environment variable with your Gradle invocation.
```yaml
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Setup Gradle to generate and submit dependency graphs
uses: gradle/gradle-build-action@v2
with:
dependency-graph: generate-and-submit
- name: Run a build, resolving the 'dependency-graph' plugin from the plugin portal proxy
run: ./gradlew build
env:
GRADLE_PLUGIN_REPOSITORY_URL: "https://gradle-plugins-proxy.mycorp.com"
```
### Integrating the `dependency-review-action` ### Integrating the `dependency-review-action`
The GitHub [dependency-review-action](https://github.com/actions/dependency-review-action) helps you The GitHub [dependency-review-action](https://github.com/actions/dependency-review-action) helps you
@ -826,6 +847,8 @@ To reduce storage costs for these artifacts, you can set the `artifact-retention
artifact-retention-days: 1 artifact-retention-days: 1
``` ```
# Gradle Enterprise plugin injection # Gradle Enterprise plugin injection
The `gradle-build-action` provides support for injecting and configuring the Gradle Enterprise Gradle plugin into any Gradle build, without any modification to the project sources. The `gradle-build-action` provides support for injecting and configuring the Gradle Enterprise Gradle plugin into any Gradle build, without any modification to the project sources.

View file

@ -1,6 +1,12 @@
buildscript { buildscript {
def getInputParam = { String name ->
def envVarName = name.toUpperCase().replace('.', '_').replace('-', '_')
return System.getProperty(name) ?: System.getenv(envVarName)
}
def pluginRepositoryUrl = getInputParam('gradle.plugin-repository.url') ?: 'https://plugins.gradle.org/m2'
repositories { repositories {
maven { url "https://plugins.gradle.org/m2/" } maven { url pluginRepositoryUrl }
} }
dependencies { dependencies {
classpath "org.gradle:github-dependency-graph-gradle-plugin:1.0.0" classpath "org.gradle:github-dependency-graph-gradle-plugin:1.0.0"