Commit graph

1124 commits

Author SHA1 Message Date
daz
334a4b8d4d
Reinstate configuration-cache save/restore capability 2023-12-20 17:31:01 -07:00
daz
009bd36b91
Exclude cc-keystore from Gradle User Home 2023-12-20 17:31:01 -07:00
daz
9d6738618d
Support wildcards in cache-excludes 2023-12-20 10:05:25 -07:00
daz
f053e6b7e7
Deprecate the arguments parameter
Fixes #996
2023-12-20 09:57:20 -07:00
daz
c821b7c4f1
Update to run on Node 20 2023-12-20 09:57:18 -07:00
daz
982da8e78c
Attempt to make init-script compatible with Gradle 1.12
The `PluginManager` type wasn't introduced until Gradle 2.x.
Remove this type from the method signature in an attempt to allow this
file to be parsed with Gradle 1.12.
2023-12-19 14:12:27 -07:00
daz
a0fc8606d2
Build outputs 2023-12-19 14:08:34 -07:00
daz
a1980784de
Improve reporting for dependency-graph failure
The previous message was assuming a permissions issue, and was not
including the underlying error message in the response.
2023-12-19 14:05:20 -07:00
dependabot[bot]
89e46180c6
Bump com.google.guava:guava in /.github/workflow-samples/kotlin-dsl
Bumps [com.google.guava:guava](https://github.com/google/guava) from 32.1.3-jre to 33.0.0-jre.
- [Release notes](https://github.com/google/guava/releases)
- [Commits](https://github.com/google/guava/commits)

---
updated-dependencies:
- dependency-name: com.google.guava:guava
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-12-18 22:30:59 +00:00
Daz DeBoer
f95e9c7459
Clarify dependency-graph example 2023-12-12 10:48:54 -07:00
daz
8cbcb9948b
Plugin repository URL is configurable
The repository URL used to resolve the `github-dependency-graph-gradle-plugin` is now
configurable, allowing a user to specify an internal proxy if the public portal is not available.

Specify a custom plugin repository using the `GRADLE_PLUGIN_REPOSITORY_URL` env var,
or the `gradle.plugin-repository.url` System property.

Fixes #933
2023-12-11 21:15:34 -07:00
daz
a71aff6a12
Handle failure in cache-cleanup
Do not abort the remainder of the post-action on failure in cache-cleanup.
Instead, just log a warning and continue.

Fixes #858
Fixes #990
2023-12-11 20:38:28 -07:00
daz
77699bae74
Handle failure writing build-results file
Fixes #866
2023-12-11 20:18:58 -07:00
daz
dc5927259f
Merge branch 'dd/dependency-updates'
* dd/dependency-updates:
  Bumps the npm-dependencies group with 5 updates:
  Bump the github-actions group with 2 updates
  Bump from Gradle 8.4 to Gradle 8.5
2023-12-11 19:49:28 -07:00
daz
4f0075d967
Clarify docs for dedicated workflow
Fixes #976
2023-12-11 19:48:32 -07:00
daz
e1f9864a52
Bumps the npm-dependencies group with 5 updates:
| Package | From | To |
    | --- | --- | --- |
    | [@types/jest](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/jest) | `29.5.8` | `29.5.11` |
    | [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) | `6.12.0` | `6.14.0` |
    | [eslint](https://github.com/eslint/eslint) | `8.54.0` | `8.55.0` |
    | [prettier](https://github.com/prettier/prettier) | `3.1.0` | `3.1.1` |
    | [typescript](https://github.com/Microsoft/TypeScript) | `5.3.2` | `5.3.3` |
2023-12-11 19:43:02 -07:00
dependabot[bot]
76d5a9b475
Bump the github-actions group with 2 updates
Bumps the github-actions group with 2 updates: [actions/setup-java](https://github.com/actions/setup-java) and [gradle/gradle-build-action](https://github.com/gradle/gradle-build-action).


Updates `actions/setup-java` from 3 to 4
- [Release notes](https://github.com/actions/setup-java/releases)
- [Commits](https://github.com/actions/setup-java/compare/v3...v4)

Updates `gradle/gradle-build-action` from 2.9.0 to 2.10.0
- [Release notes](https://github.com/gradle/gradle-build-action/releases)
- [Commits](https://github.com/gradle/gradle-build-action/compare/v2.9.0...v2.10.0)

---
updated-dependencies:
- dependency-name: actions/setup-java
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: gradle/gradle-build-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-12-11 19:23:45 -07:00
daz
39d8c6d06e
Bump from Gradle 8.4 to Gradle 8.5 2023-12-11 18:33:39 -07:00
Kengo TODA
0280eb7de5 docs: upload build reports even when build failed
Signed-off-by: Kengo TODA <skypencil@gmail.com>
2023-11-28 04:50:00 +01:00
daz
87a9a15658
Use 1.0.0 release of dependency graph plugin 2023-11-27 17:46:35 +10:00
Daz DeBoer
375481748b
Document artifact-retention-days 2023-11-26 19:46:29 -07:00
daz
beff1c573c
Update dev dependencies 2023-11-27 12:28:37 +10:00
dependabot[bot]
21a3ebb55f Bump com.fasterxml.jackson.dataformat:jackson-dataformat-smile
Bumps [com.fasterxml.jackson.dataformat:jackson-dataformat-smile](https://github.com/FasterXML/jackson-dataformats-binary) from 2.15.3 to 2.16.0.
- [Commits](https://github.com/FasterXML/jackson-dataformats-binary/compare/jackson-dataformats-binary-2.15.3...jackson-dataformats-binary-2.16.0)

---
updated-dependencies:
- dependency-name: com.fasterxml.jackson.dataformat:jackson-dataformat-smile
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-11-27 03:20:34 +01:00
dependabot[bot]
a5be560235 Bump the github-actions group with 2 updates
Bumps the github-actions group with 2 updates: [gradle/gradle-build-action](https://github.com/gradle/gradle-build-action) and [actions/github-script](https://github.com/actions/github-script).


Updates `gradle/gradle-build-action` from 2.8.1 to 2.9.0
- [Release notes](https://github.com/gradle/gradle-build-action/releases)
- [Commits](https://github.com/gradle/gradle-build-action/compare/v2.8.1...v2.9.0)

Updates `actions/github-script` from 6 to 7
- [Release notes](https://github.com/actions/github-script/releases)
- [Commits](https://github.com/actions/github-script/compare/v6...v7)

---
updated-dependencies:
- dependency-name: gradle/gradle-build-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
- dependency-name: actions/github-script
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-11-27 03:20:09 +01:00
Daz DeBoer
9bca466e27
Make artifact retention configurable
- Added a new `artifact-retention-days` input parameter to control retention of uploaded artifacts
- Artifacts retention will use repository settings if not overridden.
2023-11-09 00:06:31 -07:00
Daz DeBoer
f757bcfd86
Merge pull request #951 from gradle/dd/v2.9.1
Update dependencies
2023-11-09 06:19:22 +01:00
daz
8b6c211905
Bump to RC of github dependency graph plugin 2023-11-08 21:11:42 -08:00
daz
8db1c7621b
Build outputs 2023-11-08 21:02:15 -08:00
daz
6eaacfc06c
Update NPM dependencies 2023-11-08 21:02:15 -08:00
dependabot[bot]
750905c0ed
Bump @babel/traverse from 7.21.3 to 7.23.2
Bumps [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) from 7.21.3 to 7.23.2.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.23.2/packages/babel-traverse)

---
updated-dependencies:
- dependency-name: "@babel/traverse"
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-11-08 21:02:15 -08:00
daz
d5fbcc8361
Bump java dependency versions in tests 2023-11-08 21:02:15 -08:00
daz
0e761ca2b4
Bump to Gradle 8.4 for tests and samples 2023-11-08 21:02:15 -08:00
daz
6b7c087721
Bump version of Develocity plugins 2023-11-08 20:35:00 -08:00
Matthew Haughton
0bfe00a136 Fix typos in README
Signed-off-by: Matthew Haughton <3flex@users.noreply.github.com>
2023-10-12 21:33:54 +02:00
Daz DeBoer
62cce3c597
FIx dependency review example in README 2023-09-30 18:24:45 -06:00
Daz DeBoer
842c587ad8
Merge pull request #911 - Improve dependency review support 2023-10-01 02:01:56 +02:00
daz
4241e05054
Document configuration for dependency-review-action 2023-09-30 17:45:44 -06:00
daz
bfa3c0508e
Build outputs 2023-09-30 08:49:10 -06:00
daz
c3bdce8205
Warn on dependency-graph-submit failure
A common issue when submitting a dependency graph is that the required
'contents: write' permission is not set.
We now catch any dependency submission failure and inform the user to check
that the required permissions are available.
2023-09-30 08:47:10 -06:00
daz
f92e7c3428
Improve compat with dependency-review-action
When using 'download-and-submit' for dependency graphs, we now run the
submission immediately instead of waiting until the post-action.
This allows a single job to both submit the graph and run the dependency
review action.
2023-09-29 20:36:16 -06:00
daz
d1b726d8c1 Do not generate dependency graph in cache-cleanup
- Allow environment variables to be overridden by system properties in dependency-graph initscript
- Set `GITHUB_DEPENDENCY_GRAPH_ENABLED=false` when executing Gradle for cache cleanup
2023-09-29 22:55:54 +02:00
Daz DeBoer
6fcc109efa
Dependency updates (#904)
### Github Action updates

Updates `gradle/gradle-build-action` from 2.8.0 to 2.8.1

### NPM updates

Updates `@octokit/webhooks-types` from 7.3.0 to 7.3.1
- [Release notes](https://github.com/octokit/webhooks/releases)
- [Commits](https://github.com/octokit/webhooks/compare/v7.3.0...v7.3.1)

Updates `@typescript-eslint/parser` from 6.7.2 to 6.7.3
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v6.7.3/packages/parser)

Updates `eslint` from 8.49.0 to 8.50.0
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v8.49.0...v8.50.0)
2023-09-29 13:55:35 -06:00
Benoit Pierre
fde5b4fcde fix README.md internal references
Signed-off-by: Benoit Pierre <benoit.pierre@gmail.com>
2023-09-29 21:35:43 +02:00
daz
324fbdc804
Update to dep-graph plugin 0.4.1 2023-09-29 13:22:08 -06:00
daz
5658338fb0 Build outputs 2023-09-26 15:51:30 +02:00
daz
87ccc98a2a Use correct SHA for pull request events
In a pull request, GITHUB_SHA is set to the "last merge commit on the GITHUB_REF branch".
This isn't the correct value to use when generating a dependency graph.
This changes to use the value of `pull_request.head.sha`, which is the correct
value for a dependency graph.

Fixes #882
2023-09-26 15:51:30 +02:00
daz
4441c9f9bf Update to dep-graph plugin 0.4.0 2023-09-26 15:51:30 +02:00
Daz DeBoer
b5126f31db
Use github.getOctokit() for compat with GitHub Enterprise
Thanks @nise-nabe for the inspiration

Fixes #885
2023-09-21 10:55:26 -06:00
Daz DeBoer
d8615ccc8b
Document configuration to publish to scans.gradle.com
Fixes #870
2023-09-21 10:47:51 -06:00
Daz DeBoer
444c20baf7 Test multiple dependency graphs on all os's 2023-09-21 18:22:31 +02:00