forked from typetools/checker-framework
-
Notifications
You must be signed in to change notification settings - Fork 18
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Use three stage dependency generate, submission and review Github action
- Loading branch information
1 parent
99c5603
commit 832afc3
Showing
4 changed files
with
59 additions
and
20 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -154,23 +154,3 @@ jobs: | |
- name: Run test script checker/bin-devel/test-${{ matrix.script }} | ||
shell: bash | ||
run: ./checker/bin-devel/test-${{ matrix.script }}.sh | ||
|
||
dependency-submission: | ||
runs-on: ubuntu-latest | ||
permissions: | ||
contents: write | ||
# Only run on the main repository because forks do not have write access to the main repository. | ||
if: github.event.pull_request.head.repo.fork == false | ||
steps: | ||
- uses: actions/checkout@v4 | ||
- name: Set up JDK 21 | ||
uses: actions/setup-java@v4 | ||
with: | ||
java-version: '21' | ||
distribution: 'temurin' | ||
|
||
# Generates and submits a dependency graph, enabling Dependabot Alerts for all project dependencies. | ||
# See: https://github.com/gradle/actions/blob/main/dependency-submission/README.md | ||
- name: Generate and submit dependency graph | ||
uses: gradle/actions/[email protected] | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,19 @@ | ||
name: Download and submit dependency graph | ||
|
||
on: | ||
workflow_run: | ||
workflows: ['Generate and save dependency graph'] | ||
types: [completed] | ||
|
||
permissions: | ||
actions: read | ||
contents: write | ||
|
||
jobs: | ||
submit-dependency-graph: | ||
runs-on: ubuntu-latest | ||
steps: | ||
- name: Download and submit dependency graph | ||
uses: gradle/actions/dependency-submission@v4 | ||
with: | ||
dependency-graph: download-and-submit # Download saved dependency-graph and submit |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,23 @@ | ||
name: Generate and save dependency graph | ||
|
||
on: | ||
pull_request: | ||
|
||
permissions: | ||
contents: read # 'write' permission is not available | ||
|
||
jobs: | ||
dependency-submission: | ||
runs-on: ubuntu-latest | ||
steps: | ||
- uses: actions/checkout@v4 | ||
- name: Set up JDK 21 | ||
uses: actions/setup-java@v4 | ||
with: | ||
java-version: '21' | ||
distribution: 'temurin' | ||
|
||
- name: Generate and save dependency graph | ||
uses: gradle/actions/dependency-submission@v4 | ||
with: | ||
dependency-graph: generate-and-upload |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,17 @@ | ||
name: dependency-review | ||
|
||
on: | ||
pull_request: | ||
|
||
permissions: | ||
contents: read | ||
|
||
jobs: | ||
dependency-review: | ||
runs-on: ubuntu-latest | ||
steps: | ||
- name: 'Dependency Review' | ||
uses: actions/dependency-review-action@v4 | ||
with: | ||
retry-on-snapshot-warnings: true | ||
retry-on-snapshot-warnings-timeout: 600 |