From d731f29856be4e6b35fff0379f0baaa4dbb96402 Mon Sep 17 00:00:00 2001 From: daz Date: Mon, 22 Jan 2024 11:13:02 -0700 Subject: [PATCH] Use separate steps in composite action --- .../workflows/dependency-submission-save.yml | 2 +- .../dependency-submission-submit.yml | 2 +- dependency-submission/action.yml | 31 ++++++++++++++++--- 3 files changed, 29 insertions(+), 6 deletions(-) diff --git a/.github/workflows/dependency-submission-save.yml b/.github/workflows/dependency-submission-save.yml index b34e9bb1..29264327 100644 --- a/.github/workflows/dependency-submission-save.yml +++ b/.github/workflows/dependency-submission-save.yml @@ -25,6 +25,6 @@ jobs: uses: ./dependency-submission with: build-root-directory: gradle-build-action/.github/workflow-samples/groovy-dsl - dependency-graph-action: generate-and-upload + dependency-graph-action: generate-and-save env: GITHUB_DEPENDENCY_GRAPH_REF: 'refs/tags/v0.0.1' # Use a different ref to avoid updating the real dependency graph for the repository diff --git a/.github/workflows/dependency-submission-submit.yml b/.github/workflows/dependency-submission-submit.yml index aba1f441..6c1a1c40 100644 --- a/.github/workflows/dependency-submission-submit.yml +++ b/.github/workflows/dependency-submission-submit.yml @@ -20,4 +20,4 @@ jobs: - name: Download and submit dependency graph uses: ./dependency-submission with: - dependency-graph-action: download-and-submit + dependency-graph-action: retrieve-and-submit diff --git a/dependency-submission/action.yml b/dependency-submission/action.yml index c3c192bf..f7cf2f8c 100644 --- a/dependency-submission/action.yml +++ b/dependency-submission/action.yml @@ -21,8 +21,8 @@ inputs: Specifies how the dependency-graph should be handled by this action. By default a dependency-graph will be generated and submitted. Valid values are: 'generate-and-submit' (default): Generates a dependency graph for the project and submits it in the same Job. - 'generate-and-upload': Generates a dependency graph for the project and saves it as a workflow artifact. - 'download-and-submit': Downloads a previously saved dependency-graph and submits it to the repository. + 'generate-and-save': Generates a dependency graph for the project and saves it as a workflow artifact. + 'retrieve-and-submit': Retrieves a previously saved dependency-graph and submits it to the repository. The `generate-and-upload` and `download-and-submit` options are designed to be used in an untrusted workflow scenario, where the workflow generating the dependency-graph cannot (or should not) be given the `contents: write` permissions @@ -33,9 +33,11 @@ inputs: runs: using: "composite" steps: - - uses: gradle/gradle-build-action@v3-beta + - name: Generate and submit dependency graph + if: ${{ inputs.dependency-graph-action == 'generate-and-submit' }} + uses: gradle/gradle-build-action@v3-beta with: - dependency-graph: ${{ inputs.dependency-graph-action }} + dependency-graph: 'generate-and-submit' dependency-graph-continue-on-failure: false gradle-version: ${{ inputs.gradle-version }} build-root-directory: ${{ inputs.build-root-directory }} @@ -45,3 +47,24 @@ runs: --dependency-verification=off --stacktrace :ForceDependencyResolutionPlugin_resolveAllDependencies + - name: Generate and save dependency graph + if: ${{ inputs.dependency-graph-action == 'generate-and-save' }} + uses: gradle/gradle-build-action@v3-beta + with: + dependency-graph: generate-and-upload + dependency-graph-continue-on-failure: false + gradle-version: ${{ inputs.gradle-version }} + build-root-directory: ${{ inputs.build-root-directory }} + cache-encryption-key: ${{ inputs.cache-encryption-key }} + arguments: | + --no-configure-on-demand + --dependency-verification=off + --stacktrace + :ForceDependencyResolutionPlugin_resolveAllDependencies + - name: Download and submit dependency graph + if: ${{ inputs.dependency-graph-action == 'retrieve-and-submit' }} + uses: gradle/gradle-build-action@v3-beta + with: + dependency-graph: download-and-submit + dependency-graph-continue-on-failure: false + cache-disabled: true