Introduces type descriptor YAML files for GitHub
Actions in the repository, improving type safety and documentation for
action inputs and outputs. It also adds a new GitHub Actions workflow to
validate these typings automatically on pushes and pull requests. The
changes are grouped into the addition of type descriptor files for
various actions and the automation of their validation.
https://github.com/typesafegithub/github-actions-typing
**Type descriptor files for GitHub Actions:**
* Added `action-types.yml` files to `setup-gradle`,
`dependency-submission`, and `wrapper-validation` actions, specifying
input and output types for each action to improve type safety and
documentation.
[[1]](diffhunk://#diff-542de74831b6dc1954ff20a4c329b170053c82087ea7df742bd536156133f25bR1-R171)
[[2]](diffhunk://#diff-44708a3af3d0f3cfed1873f9b77d7e815c6c14e941fa3dd5ed08835a69d67855R1-R146)
[[3]](diffhunk://#diff-3fe1028d7aa5ee815c90fa580d4f62e646f0b9a4b7372f227fc131a56948ace0R1-R17)
**Automation and validation:**
* Introduced a new GitHub Actions workflow
`.github/workflows/ci-validate-typings.yml` to automatically validate
action typings on pushes to `main` and `release/**` branches, as well as
on pull requests. This uses the `github-actions-typing` action for
validation.
Diagnosing unexpected dependencies in the GitHub Dependency Graph can
be difficult. In order to aid with diagnosis, the `dependency-submission`
action will now save each dependency-graph file as a workflow artifact.
If this is undesirable, the prior behaviour can be restored by explicitly setting
`dependency-graph: generate-and-submit`.
Fixes#519
- Add deprecation warning for `gradle-home-cache-cleanup`
- Change default for `dependency-submission` to `cache-cleanup: on-success`
- Update documentation for changed default
Adds new 'cache-cleanup' parameter with 3 settings: 'never', 'on-success' and 'always'.
This gives users more control over whether cache cleanup should occur.
Fixes#71
The setup-gradle action tries to get a short-lived access token given the supplied Develocity access key.
This key can be passed either with the `DEVELOCITY_ACCESS_KEY` env var or via the `develocity-access-key` input parameter.
If a token can be retrieved, then the `DEVELOCITY_ACCESS_KEY` env var will be set to the token.
Otherwise the `DEVELOCITY_ACCESS_KEY` will be set to a blank string, to avoid a leak.
---------
Co-authored-by: daz <daz@gradle.com>
To handle the rebranding of the GE plugin, this PR updates the inject-develocity init script
to apply the `com.gradle.develocity` plugin if `3.17+` version of the plugin is requested.
To prepare for converting the 'dependency-submission' action into Typescript,
we move the 'setup-gradle' entry points and outputs into a sub-directory.
