gradle/gradle-build-action
1
0
Fork 0
mirror of https://github.com/gradle/gradle-build-action.git synced 2024-11-22 09:02:50 +00:00
Code Issues Projects Releases Packages Wiki Activity

Warn on dependency-graph-submit failure

Browse source 
A common issue when submitting a dependency graph is that the required
'contents: write' permission is not set.
We now catch any dependency submission failure and inform the user to check
that the required permissions are available.
This commit is contained in:
daz 2023-09-30 08:37:51 -06:00
parent f92e7c3428
commit c3bdce8205
No known key found for this signature in database
1 changed files with 28 additions and 11 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

39
src/dependency-graph.ts
View file

@ -4,6 +4,7 @@ import * as github from '@actions/github'
import * as glob from '@actions/glob' import * as glob from '@actions/glob'
import * as toolCache from '@actions/tool-cache' import * as toolCache from '@actions/tool-cache'
import {GitHub} from '@actions/github/lib/utils' import {GitHub} from '@actions/github/lib/utils'
import {RequestError} from '@octokit/request-error'
import type {PullRequestEvent} from '@octokit/webhooks-types' import type {PullRequestEvent} from '@octokit/webhooks-types'
import * as path from 'path' import * as path from 'path'
@ -70,21 +71,37 @@ async function downloadAndSubmitDependencyGraphs(): Promise<void> {
} }
async function submitDependencyGraphs(dependencyGraphFiles: string[]): Promise<void> { async function submitDependencyGraphs(dependencyGraphFiles: string[]): Promise<void> {
const octokit = getOctokit()
for (const jsonFile of dependencyGraphFiles) { for (const jsonFile of dependencyGraphFiles) {
const jsonContent = fs.readFileSync(jsonFile, 'utf8') try {
await submitDependencyGraphFile(jsonFile)
const jsonObject = JSON.parse(jsonContent) } catch (error) {
jsonObject.owner = github.context.repo.owner if (error instanceof RequestError) {
jsonObject.repo = github.context.repo.repo const relativeJsonFile = getRelativePathFromWorkspace(jsonFile)
const response = await octokit.request('POST /repos/{owner}/{repo}/dependency-graph/snapshots', jsonObject) core.warning(
`Failed to submit dependency graph ${relativeJsonFile}.\n` +
const relativeJsonFile = getRelativePathFromWorkspace(jsonFile) "Please ensure that the 'contents: write' permission is available for the workflow job.\n" +
core.notice(`Submitted ${relativeJsonFile}: ${response.data.message}`) "Note that this permission is never available for a 'pull_request' trigger from a repository fork."
)
} else {
throw error
}
}
} }
} }
async function submitDependencyGraphFile(jsonFile: string): Promise<void> {
const octokit = getOctokit()
const jsonContent = fs.readFileSync(jsonFile, 'utf8')
const jsonObject = JSON.parse(jsonContent)
jsonObject.owner = github.context.repo.owner
jsonObject.repo = github.context.repo.repo
const response = await octokit.request('POST /repos/{owner}/{repo}/dependency-graph/snapshots', jsonObject)
const relativeJsonFile = getRelativePathFromWorkspace(jsonFile)
core.notice(`Submitted ${relativeJsonFile}: ${response.data.message}`)
}
async function retrieveDependencyGraphs(workspaceDirectory: string): Promise<string[]> { async function retrieveDependencyGraphs(workspaceDirectory: string): Promise<string[]> {
if (github.context.payload.workflow_run) { if (github.context.payload.workflow_run) {
return await retrieveDependencyGraphsForWorkflowRun(github.context.payload.workflow_run.id, workspaceDirectory) return await retrieveDependencyGraphsForWorkflowRun(github.context.payload.workflow_run.id, workspaceDirectory)