gradle/.github/workflows/integ-test-dependency-submission-failures.yml
dependabot[bot] a74a056dbc
Bump the github-actions group across 2 directories with 4 updates
Bumps the github-actions group with 4 updates in the / directory: [actions/checkout](https://github.com/actions/checkout), [gradle/actions](https://github.com/gradle/actions), [github/codeql-action](https://github.com/github/codeql-action) and [actions/download-artifact](https://github.com/actions/download-artifact).
Bumps the github-actions group with 1 update in the /.github/actions/init-integ-test directory: [actions/download-artifact](https://github.com/actions/download-artifact).


Updates `actions/checkout` from 4.2.2 to 5.0.0
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](11bd71901b...08c6903cd8)

Updates `gradle/actions` from 4.4.1 to 4.4.2
- [Release notes](https://github.com/gradle/actions/releases)
- [Commits](ac638b010c...017a9effdb)

Updates `github/codeql-action` from 3.29.7 to 3.29.10
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](51f77329af...96f518a34f)

Updates `actions/download-artifact` from 4.3.0 to 5.0.0
- [Release notes](https://github.com/actions/download-artifact/releases)
- [Commits](d3f86a106a...634f93cb29)

Updates `actions/download-artifact` from 4.3.0 to 5.0.0
- [Release notes](https://github.com/actions/download-artifact/releases)
- [Commits](d3f86a106a...634f93cb29)

Updates `actions/download-artifact` from 4.3.0 to 5.0.0
- [Release notes](https://github.com/actions/download-artifact/releases)
- [Commits](d3f86a106a...634f93cb29)

Updates `actions/download-artifact` from 4.3.0 to 5.0.0
- [Release notes](https://github.com/actions/download-artifact/releases)
- [Commits](d3f86a106a...634f93cb29)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: 5.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: gradle/actions
  dependency-version: 4.4.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
- dependency-name: github/codeql-action
  dependency-version: 3.29.10
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
- dependency-name: actions/download-artifact
  dependency-version: 5.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: actions/download-artifact
  dependency-version: 5.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: actions/download-artifact
  dependency-version: 5.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: actions/download-artifact
  dependency-version: 5.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-08-19 10:17:44 +00:00

104 lines
3.2 KiB
YAML

name: Test dependency submission failures
on:
workflow_call:
inputs:
cache-key-prefix:
type: string
default: '0'
runner-os:
type: string
default: '["ubuntu-latest"]'
skip-dist:
type: boolean
default: false
env:
SKIP_DIST: ${{ inputs.skip-dist }}
GRADLE_BUILD_ACTION_CACHE_KEY_PREFIX: dependency-submission-failures-${{ inputs.cache-key-prefix }}
GITHUB_DEPENDENCY_GRAPH_REF: 'refs/tags/v0.0.1' # Use a different ref to avoid updating the real dependency graph for the repository
permissions:
contents: read
jobs:
dependency-submission-failures-failing-build:
runs-on: ubuntu-latest
steps:
- name: Checkout sources
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
- name: Initialize integ-test
uses: ./.github/actions/init-integ-test
- name: Submit with failing build
id: gradle-build
uses: ./dependency-submission
with:
build-root-directory: .github/workflow-samples/groovy-dsl
additional-arguments: fail
continue-on-error: true
- name: Check step failed
if: steps.gradle-build.outcome != 'failure'
run: |
echo "Expected dependency submission step to fail"
exit 1
- name: Check no dependency graph is generated
shell: bash
run: |
if [ ! -z "$(ls -A dependency-graph-reports)" ]; then
echo "Expected no dependency graph files to be generated"
ls -l dependency-graph-reports
exit 1
fi
dependency-submission-failures-unsupported-gradle-version:
runs-on: ubuntu-latest
steps:
- name: Checkout sources
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
- name: Initialize integ-test
uses: ./.github/actions/init-integ-test
- name: Submit with unsupported Gradle version
id: gradle-build
uses: ./dependency-submission
with:
gradle-version: '7.0.1'
build-root-directory: .github/workflow-samples/groovy-dsl
continue-on-error: true
- name: Check step failed
if: steps.gradle-build.outcome != 'failure'
run: |
echo "Expected dependency submission step to fail"
exit 1
- name: Check no dependency graph is generated
shell: bash
run: |
if [ ! -z "$(ls -A dependency-graph-reports)" ]; then
echo "Expected no dependency graph files to be generated"
ls -l dependency-graph-reports
exit 1
fi
dependency-submission-failures-insufficient-permissions:
runs-on: ubuntu-latest
permissions:
contents: read
steps:
- name: Checkout sources
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
- name: Initialize integ-test
uses: ./.github/actions/init-integ-test
- name: Submit with insufficient permissions
id: gradle-build
uses: ./dependency-submission
with:
build-root-directory: .github/workflow-samples/groovy-dsl
continue-on-error: true
- name: Check step failed
if: steps.gradle-build.outcome != 'failure'
run: |
echo "Expected dependency submission step to fail"
exit 1