Commit graph

1036 commits

Author SHA1 Message Date
daz
c3bdce8205
Warn on dependency-graph-submit failure
A common issue when submitting a dependency graph is that the required
'contents: write' permission is not set.
We now catch any dependency submission failure and inform the user to check
that the required permissions are available.
2023-09-30 08:47:10 -06:00
daz
f92e7c3428
Improve compat with dependency-review-action
When using 'download-and-submit' for dependency graphs, we now run the
submission immediately instead of waiting until the post-action.
This allows a single job to both submit the graph and run the dependency
review action.
2023-09-29 20:36:16 -06:00
daz
d1b726d8c1 Do not generate dependency graph in cache-cleanup
- Allow environment variables to be overridden by system properties in dependency-graph initscript
- Set `GITHUB_DEPENDENCY_GRAPH_ENABLED=false` when executing Gradle for cache cleanup
2023-09-29 22:55:54 +02:00
Daz DeBoer
6fcc109efa
Dependency updates (#904)
### Github Action updates

Updates `gradle/gradle-build-action` from 2.8.0 to 2.8.1

### NPM updates

Updates `@octokit/webhooks-types` from 7.3.0 to 7.3.1
- [Release notes](https://github.com/octokit/webhooks/releases)
- [Commits](https://github.com/octokit/webhooks/compare/v7.3.0...v7.3.1)

Updates `@typescript-eslint/parser` from 6.7.2 to 6.7.3
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v6.7.3/packages/parser)

Updates `eslint` from 8.49.0 to 8.50.0
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v8.49.0...v8.50.0)
2023-09-29 13:55:35 -06:00
Benoit Pierre
fde5b4fcde fix README.md internal references
Signed-off-by: Benoit Pierre <benoit.pierre@gmail.com>
2023-09-29 21:35:43 +02:00
daz
324fbdc804
Update to dep-graph plugin 0.4.1 2023-09-29 13:22:08 -06:00
daz
5658338fb0 Build outputs 2023-09-26 15:51:30 +02:00
daz
87ccc98a2a Use correct SHA for pull request events
In a pull request, GITHUB_SHA is set to the "last merge commit on the GITHUB_REF branch".
This isn't the correct value to use when generating a dependency graph.
This changes to use the value of `pull_request.head.sha`, which is the correct
value for a dependency graph.

Fixes #882
2023-09-26 15:51:30 +02:00
daz
4441c9f9bf Update to dep-graph plugin 0.4.0 2023-09-26 15:51:30 +02:00
Daz DeBoer
b5126f31db
Use github.getOctokit() for compat with GitHub Enterprise
Thanks @nise-nabe for the inspiration

Fixes #885
2023-09-21 10:55:26 -06:00
Daz DeBoer
d8615ccc8b
Document configuration to publish to scans.gradle.com
Fixes #870
2023-09-21 10:47:51 -06:00
Daz DeBoer
444c20baf7 Test multiple dependency graphs on all os's 2023-09-21 18:22:31 +02:00
daz
aea76e1766
Dependency updates 2023-09-21 10:01:33 -06:00
daz
103e3a7ba7
Build outputs 2023-09-21 08:47:55 -06:00
dependabot[bot]
73e3fc21c7
Bump the npm-dependencies group with 12 updates
Bumps the npm-dependencies group with 12 updates:

| Package | From | To |
| --- | --- | --- |
| [@actions/artifact](https://github.com/actions/toolkit/tree/HEAD/packages/artifact) | `1.1.1` | `1.1.2` |
| [@actions/core](https://github.com/actions/toolkit/tree/HEAD/packages/core) | `1.10.0` | `1.10.1` |
| [@types/unzipper](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/unzipper) | `0.10.6` | `0.10.7` |
| [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) | `6.4.1` | `6.7.2` |
| [@vercel/ncc](https://github.com/vercel/ncc) | `0.36.1` | `0.38.0` |
| [eslint](https://github.com/eslint/eslint) | `8.47.0` | `8.49.0` |
| [eslint-plugin-github](https://github.com/github/eslint-plugin-github) | `4.9.2` | `4.10.0` |
| [eslint-plugin-jest](https://github.com/jest-community/eslint-plugin-jest) | `27.2.3` | `27.4.0` |
| [jest](https://github.com/jestjs/jest/tree/HEAD/packages/jest) | `29.6.3` | `29.7.0` |
| [@types/jest](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/jest) | `29.5.4` | `29.5.5` |
| [prettier](https://github.com/prettier/prettier) | `3.0.2` | `3.0.3` |
| [typescript](https://github.com/Microsoft/TypeScript) | `5.1.6` | `5.2.2` |


Updates `@actions/artifact` from 1.1.1 to 1.1.2
- [Changelog](https://github.com/actions/toolkit/blob/main/packages/artifact/RELEASES.md)
- [Commits](https://github.com/actions/toolkit/commits/HEAD/packages/artifact)

Updates `@actions/core` from 1.10.0 to 1.10.1
- [Changelog](https://github.com/actions/toolkit/blob/main/packages/core/RELEASES.md)
- [Commits](https://github.com/actions/toolkit/commits/HEAD/packages/core)

Updates `@types/unzipper` from 0.10.6 to 0.10.7
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/unzipper)

Updates `@typescript-eslint/parser` from 6.4.1 to 6.7.2
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v6.7.2/packages/parser)

Updates `@vercel/ncc` from 0.36.1 to 0.38.0
- [Release notes](https://github.com/vercel/ncc/releases)
- [Commits](https://github.com/vercel/ncc/compare/0.36.1...0.38.0)

Updates `eslint` from 8.47.0 to 8.49.0
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v8.47.0...v8.49.0)

Updates `eslint-plugin-github` from 4.9.2 to 4.10.0
- [Release notes](https://github.com/github/eslint-plugin-github/releases)
- [Commits](https://github.com/github/eslint-plugin-github/compare/v4.9.2...v4.10.0)

Updates `eslint-plugin-jest` from 27.2.3 to 27.4.0
- [Release notes](https://github.com/jest-community/eslint-plugin-jest/releases)
- [Changelog](https://github.com/jest-community/eslint-plugin-jest/blob/main/CHANGELOG.md)
- [Commits](https://github.com/jest-community/eslint-plugin-jest/compare/v27.2.3...v27.4.0)

Updates `jest` from 29.6.3 to 29.7.0
- [Release notes](https://github.com/jestjs/jest/releases)
- [Changelog](https://github.com/jestjs/jest/blob/main/CHANGELOG.md)
- [Commits](https://github.com/jestjs/jest/commits/v29.7.0/packages/jest)

Updates `@types/jest` from 29.5.4 to 29.5.5
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/jest)

Updates `prettier` from 3.0.2 to 3.0.3
- [Release notes](https://github.com/prettier/prettier/releases)
- [Changelog](https://github.com/prettier/prettier/blob/main/CHANGELOG.md)
- [Commits](https://github.com/prettier/prettier/compare/3.0.2...3.0.3)

Updates `typescript` from 5.1.6 to 5.2.2
- [Release notes](https://github.com/Microsoft/TypeScript/releases)
- [Commits](https://github.com/Microsoft/TypeScript/compare/v5.1.6...v5.2.2)

---
updated-dependencies:
- dependency-name: "@actions/artifact"
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: npm-dependencies
- dependency-name: "@actions/core"
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: npm-dependencies
- dependency-name: "@types/unzipper"
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm-dependencies
- dependency-name: "@typescript-eslint/parser"
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-dependencies
- dependency-name: "@vercel/ncc"
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-dependencies
- dependency-name: eslint
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-dependencies
- dependency-name: eslint-plugin-github
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-dependencies
- dependency-name: eslint-plugin-jest
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-dependencies
- dependency-name: jest
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-dependencies
- dependency-name: "@types/jest"
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm-dependencies
- dependency-name: prettier
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm-dependencies
- dependency-name: typescript
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-09-21 08:44:23 -06:00
daz
b063df05a4
Bump GE plugin versions 2023-09-21 08:41:43 -06:00
dependabot[bot]
5e3952da92 Bump the github-actions group with 2 updates
Bumps the github-actions group with 2 updates: [actions/checkout](https://github.com/actions/checkout) and [gradle/gradle-build-action](https://github.com/gradle/gradle-build-action).


Updates `actions/checkout` from 3 to 4
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v3...v4)

Updates `gradle/gradle-build-action` from 2.7.1 to 2.8.0
- [Release notes](https://github.com/gradle/gradle-build-action/releases)
- [Commits](https://github.com/gradle/gradle-build-action/compare/v2.7.1...v2.8.0)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: gradle/gradle-build-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-09-21 16:35:57 +02:00
Daz DeBoer
ed940a329a
Fix name of test dependency-graph workflow 2023-09-21 08:19:49 -06:00
Daz DeBoer
3bfe3a4658
Clarify documentation
Fixes #867
2023-09-04 16:09:52 -06:00
daz
8f08e41675
Use unique cache key for workflow 2023-08-28 12:40:55 -06:00
Daz DeBoer
ef76a971e2
Simplify GE-inject config params (#863) 2023-08-28 11:59:09 -06:00
dependabot[bot]
98d77952ea Bump the npm-dependencies group with 1 update
Bumps the npm-dependencies group with 1 update: [@types/jest](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/jest).

- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/jest)

---
updated-dependencies:
- dependency-name: "@types/jest"
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-08-28 18:47:31 +02:00
Daz DeBoer
3122f2c659
Mention GE authentication with GE injection 2023-08-23 12:07:20 -06:00
Daz DeBoer
53c4cf6c4c
Merge pull request #861 from gradle/dd/dependency-updates
Dependency updates
2023-08-23 15:59:29 +02:00
daz
f2d7085b02
Add octokit to dependabot ignores 2023-08-22 10:28:15 -06:00
dependabot[bot]
9124f04a83
Bump the npm-dependencies group with 3 updates
Updates `@typescript-eslint/parser` from 6.4.0 to 6.4.1
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v6.4.1/packages/parser)

Updates `jest` from 29.6.2 to 29.6.3
- [Release notes](https://github.com/jestjs/jest/releases)
- [Changelog](https://github.com/jestjs/jest/blob/main/CHANGELOG.md)
- [Commits](https://github.com/jestjs/jest/commits/v29.6.3/packages/jest)

Updates `prettier` from 3.0.1 to 3.0.2
- [Release notes](https://github.com/prettier/prettier/releases)
- [Changelog](https://github.com/prettier/prettier/blob/main/CHANGELOG.md)
- [Commits](https://github.com/prettier/prettier/compare/3.0.1...3.0.2)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/parser"
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm-dependencies
- dependency-name: jest
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm-dependencies
- dependency-name: prettier
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm-dependencies
2023-08-22 09:13:40 -06:00
dependabot[bot]
c304f927c4
Bump the github-actions group with 1 update
Bumps the github-actions group with 1 update: [gradle/gradle-build-action](https://github.com/gradle/gradle-build-action).

- [Release notes](https://github.com/gradle/gradle-build-action/releases)
- [Commits](https://github.com/gradle/gradle-build-action/compare/v2.7.0...v2.7.1)

---
updated-dependencies:
- dependency-name: gradle/gradle-build-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-08-21 22:36:46 +00:00
Daz DeBoer
e3426b1f20
Merge pull request #857 from gradle/dd/inject-ge
Add support for Gradle Enterprise injection into Gradle Builds
2023-08-21 01:38:14 +02:00
daz
d79398df06
Add docs for GE injection 2023-08-20 16:30:34 -06:00
daz
b9cd1d9e69
Build outputs 2023-08-20 16:29:23 -06:00
daz
d4db33d499
Add integ-test for GE injection 2023-08-20 16:29:23 -06:00
daz
05acc776e8
Wire new init-script into action
- Copy init-script to Gradle User Home
- Rename init-scripts for consistency and clarity
2023-08-20 16:29:23 -06:00
daz
33c9bfac14
Fix test for dependency graph with configuration cache 2023-08-20 16:29:23 -06:00
daz
97d9c134b7
Add init-script for Gradle Enterprise injection
Adds a new init-script which can enable and configure the Gradle Enterprise plugin(s)
for a build, without needing to modify the settings script for the project.
The functionality is enabled and configured via environment variables or system properties.

Not yet wired into `gradle-build-action`.
2023-08-20 16:29:23 -06:00
Daz DeBoer
a617adb316
Minor documentation updates 2023-08-20 15:56:45 -06:00
Daz DeBoer
b156d58cac
Document the cache-overwrite-existing parameter 2023-08-20 14:14:54 -06:00
Daz DeBoer
b946c060aa
Document the gradle-version output parameter 2023-08-20 14:05:33 -06:00
Daz DeBoer
96bed685e4
Merge pull request #855 from gradle/dd/installed-toolchains
Detect installed java toolchains
2023-08-20 05:27:22 +02:00
daz
800e5e1e62
Fix check 2023-08-19 20:42:08 -06:00
daz
ff3f4cfbf8
Build outputs 2023-08-19 20:14:11 -06:00
daz
a07019c726
Inform Gradle where to locate pre-installed JDKs 2023-08-19 20:14:11 -06:00
daz
b17d107b8c
Add test for detection of java toolchains 2023-08-19 20:14:11 -06:00
daz
12dcfaa735
Bump to the latest Foojay resolver 2023-08-19 17:24:51 -06:00
Daz DeBoer
9fb6114fb4
Merge pull request #854 from gradle/dd/existing-gradle-home
- Report the cache as disabled when Gradle User Home exists #434 
- Allow cache restore over pre-existing Gradle User Home #480
2023-08-19 22:27:30 +02:00
daz
50d07aa0e5
Build outputs 2023-08-19 13:37:53 -06:00
daz
3d49588efc
Allow cache to overwrite existing Gradle User Home
Fixes #480
2023-08-19 13:37:53 -06:00
daz
68e1dcdea4
Report the cache as disabled when Gradle User Home exists
Fixes #434
2023-08-19 13:37:49 -06:00
daz
8cade330d4 Include provisioned Gradle version as action output
Fixes #259
2023-08-19 20:37:12 +02:00
daz
124cb765ee
Update to Gradle 8.3 2023-08-19 10:32:05 -06:00
Daz DeBoer
243af859f8
Improve and extend documentation for dependency-graph generation (#851)
* Improve documentation for dependency-graph generation

Fixes #849
Fixes #843
2023-08-18 15:50:06 -06:00