-
Notifications
You must be signed in to change notification settings - Fork 4
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
7 changed files
with
160 additions
and
37 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -35,6 +35,7 @@ _Note:_ | |
Some parameters need to be adjusted here: | ||
- The workflow name (here `Build`) triggered when a pull-request is submitted | ||
- The build workflow filename (here `build.yml`) has to be adjusted to the filename of the workflow using `maven-build-scan/save` | ||
- The location of the Develocity Terms of Service (here `https://foo.bar/tos.html`) | ||
- The Develocity URL (here `https://<MY_DEVELOCITY_URL>`) | ||
- The secret name holding the Develocity access key (here `<DEVELOCITY_ACCESS_KEY>`) | ||
|
||
|
@@ -56,45 +57,35 @@ jobs: | |
contents: write | ||
pull-requests: write | ||
steps: | ||
- name: Load data | ||
id: load | ||
uses: gradle/github-actions/maven-build-scan/[email protected] | ||
- name: Publish Build Scan | ||
uses: gradle/github-actions/[email protected] | ||
with: | ||
build-workflow-filename: 'build.yml' | ||
- name: Verify Terms of Service acceptance | ||
uses: gradle/github-actions/terms-of-service-acceptance/[email protected] | ||
with: | ||
tos-location: 'https://foo.bar/tos.html' | ||
pr-number: ${{ steps.load.outputs.pr-number }} | ||
- name: Publish Maven Build Scans | ||
uses: gradle/github-actions/maven-build-scan/[email protected] | ||
with: | ||
develocity-url: 'https://<MY_DEVELOCITY_URL>' | ||
develocity-access-key: ${{ secrets.<DEVELOCITY_ACCESS_KEY> }} | ||
pr-number: ${{ steps.load.outputs.pr-number }} | ||
``` | ||
### Implementation details | ||
#### terms-of-service-acceptance/run | ||
A composite action to verify that Develocity Terms of Service have been accepted. | ||
#### maven-build-scan | ||
This action checks if the user submitting a pull-request has accepted the Terms of Service. | ||
If the user has previously accepted the terms, then the action succeeds. | ||
If not, a comment is made on the pull-request asking the user to accept and the action fails. The user can then accept the Terms of Service by responding with a specific comment on the pull-request. | ||
This composite action is a meta action to simplify the logic on consumer side. | ||
See the [cla-assistant-lite documentation](https://github.com/marketplace/actions/cla-assistant-lite) for more details. | ||
The action will download any saved Build Scan® and publish them to Develocity after having checked that the Terms of Service were accepted. | ||
**Dependencies**: | ||
- [cla-assistant-lite](https://github.com/marketplace/actions/cla-assistant-lite) | ||
- `maven-build-scan/load` | ||
- `terms-of-service-acceptance/run` | ||
- `maven-build-scan/publish` | ||
|
||
**Event Triggers**: | ||
|
||
This action should be configured to respond to the following event triggers: | ||
- `workflow_run`: to check if the user has previously accepted the Terms of Service before publishing a Build Scan®. | ||
- `issue_comment`: to check if any new pull-request comment is accepting the Terms of Service. | ||
These event allows access to the repository secrets (_Develocity Access Key_) which is required to publish a Build Scan® to Gradle Enterprise when authentication is enabled. | ||
|
||
**Permissions**: | ||
|
||
|
@@ -106,8 +97,11 @@ The following permissions are required for this action to operate: | |
|
||
| Name | Description | Default | | ||
|------------------------------------------|------------------------------------------------------------------------------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------| | ||
| `build-workflow-filename` | Filename of the workflow using `maven-build-scan/save` (called upon pull-request submission) | | | ||
| `tos-location` | Terms Of Service location (URL) | | | ||
| `pr-number` | pull-request number | | | ||
| `develocity-url` | Develocity URL | | | ||
| `develocity-access-key` | *Optional*: Develocity access key | | | ||
| `develocity-allow-untrusted` | *Optional*: Develocity allow-untrusted flag | `false` | | ||
| `signature-branch` | *Optional*: Git branch where the signature file will be stored | `${{ github.event.repository.default_branch }}` | | ||
| `signature-location` | *Optional*: Signature file location | `.github/develocity-tos.json` | | ||
| `pr-comment-tos-acceptance-missing` | *Optional*: pull-request comment added when Terms of Service have not previously been accepted | `Please accept [Develocity Terms Of Service]({0}) to get your pull-request Build Scan published by commenting this pull-request with the following message:` | | ||
|
@@ -120,16 +114,19 @@ The following permissions are required for this action to operate: | |
|
||
_Note:_ | ||
Some parameters need to be adjusted here: | ||
- The pull-request number (here `steps.load.outputs.pr-number`) has to be adjusted to the value set in the context | ||
- The build workflow filename (here `build.yml`) has to be adjusted to the filename of the workflow using `maven-build-scan/save` | ||
- The location of the Develocity Terms of Service (here `https://foo.bar/tos.html`) | ||
- The Develocity URL (here `https://<MY_DEVELOCITY_URL>`) | ||
- The secret name holding the Develocity access key (here `<DEVELOCITY_ACCESS_KEY>`) | ||
|
||
```yaml | ||
[...] | ||
- name: Verify Terms of Service acceptance | ||
uses: gradle/github-actions/terms-of-service-acceptance/[email protected] | ||
- name: Publish Build Scan | ||
uses: gradle/github-actions/[email protected] | ||
with: | ||
build-workflow-filename: 'build.yml' | ||
tos-location: 'https://foo.bar/tos.html' | ||
pr-number: ${{ steps.load.outputs.pr-number }} | ||
[...] | ||
develocity-url: 'https://<MY_DEVELOCITY_URL>' | ||
develocity-access-key: ${{ secrets.<DEVELOCITY_ACCESS_KEY> }} | ||
``` | ||
|
||
#### maven-build-scan/save | ||
|
@@ -181,7 +178,7 @@ This action should be configured to respond to the following event trigger (see | |
- `workflow_run`: to run after the pull-request workflow. | ||
- `issue_comment`: to run after the pull-request is commented. | ||
|
||
The action fails for any other event trigger, or if the comment is different than `recheck` or `I have read Develocity Terms Of Service and I hereby accept the Terms` (can be overridden). | ||
The action fails for any other event trigger, or if the comment is different than `recheck` or `I have read Develocity Terms Of Service and I hereby accept the Terms` (can be overridden). | ||
|
||
**Action inputs**: | ||
|
||
|
@@ -212,6 +209,62 @@ Some parameters need to be adjusted here: | |
[...] | ||
``` | ||
|
||
#### terms-of-service-acceptance/run | ||
|
||
A composite action to verify that Develocity Terms of Service have been accepted. | ||
|
||
This action checks if the user submitting a pull-request has accepted the Terms of Service. | ||
If the user has previously accepted the terms, then the action succeeds. | ||
If not, a comment is made on the pull-request asking the user to accept and the action fails. The user can then accept the Terms of Service by responding with a specific comment on the pull-request. | ||
|
||
See the [cla-assistant-lite documentation](https://github.com/marketplace/actions/cla-assistant-lite) for more details. | ||
|
||
**Dependencies**: | ||
|
||
- [cla-assistant-lite](https://github.com/marketplace/actions/cla-assistant-lite) | ||
|
||
**Event Triggers**: | ||
|
||
This action should be configured to respond to the following event triggers: | ||
- `workflow_run`: to check if the user has previously accepted the Terms of Service before publishing a Build Scan®. | ||
- `issue_comment`: to check if any new pull-request comment is accepting the Terms of Service. | ||
|
||
**Permissions**: | ||
|
||
The following permissions are required for this action to operate: | ||
- `contents: write`: to create/edit the signature file | ||
- `pull-requests: write`: to comment the pull-request | ||
|
||
**Action inputs**: | ||
|
||
| Name | Description | Default | | ||
|------------------------------------------|------------------------------------------------------------------------------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------| | ||
| `tos-location` | Terms Of Service location (URL) | | | ||
| `pr-number` | pull-request number | | | ||
| `signature-branch` | *Optional*: Git branch where the signature file will be stored | `${{ github.event.repository.default_branch }}` | | ||
| `signature-location` | *Optional*: Signature file location | `.github/develocity-tos.json` | | ||
| `pr-comment-tos-acceptance-missing` | *Optional*: pull-request comment added when Terms of Service have not previously been accepted | `Please accept [Develocity Terms Of Service]({0}) to get your pull-request Build Scan published by commenting this pull-request with the following message:` | | ||
| `pr-comment-tos-acceptance-request` | *Optional*: pull-request comment to accept the Terms of Service | `I have read Develocity Terms Of Service and I hereby accept the Terms` | | ||
| `pr-comment-tos-acceptance-confirmation` | *Optional*: pull-request comment added when Terms of Service are accepted | `All Contributors have accepted Develocity Terms Of Service.` | | ||
| `white-list` | *Optional*: CSV List of users not required to accept the Terms of Service | `''` | | ||
| `github-token` | *Optional*: Github token | `${{ github.token }}` | | ||
|
||
**Usage**: | ||
|
||
_Note:_ | ||
Some parameters need to be adjusted here: | ||
- The pull-request number (here `steps.load.outputs.pr-number`) has to be adjusted to the value set in the context | ||
|
||
```yaml | ||
[...] | ||
- name: Verify Terms of Service acceptance | ||
uses: gradle/github-actions/terms-of-service-acceptance/[email protected] | ||
with: | ||
tos-location: 'https://foo.bar/tos.html' | ||
pr-number: ${{ steps.load.outputs.pr-number }} | ||
[...] | ||
``` | ||
|
||
#### maven-build-scan/publish | ||
|
||
This action will publish all Maven Build Scans® that have been saved as workflow artifacts by the `maven-build-scan/save` action. | ||
|
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,71 @@ | ||
name: Publish Maven Build Scan | ||
description: Publish Maven Build Scan | ||
|
||
inputs: | ||
build-workflow-filename: | ||
description: 'Filename of the workflow where the maven-build-scan/save action was triggered' | ||
required: true | ||
develocity-url: | ||
description: 'Develocity URL' | ||
required: true | ||
develocity-access-key: | ||
description: 'Develocity access key' | ||
required: false | ||
tos-location: | ||
description: 'Terms of Service location as an URL (https://foo.com/tos.html) or a Github repository file (/<owner>/<repo>/blob/<branch>/tos.html)' | ||
required: true | ||
develocity-allow-untrusted: | ||
description: 'Develocity allow-untrusted flag' | ||
default: 'false' | ||
pr-comment-tos-acceptance-missing: | ||
description: 'pull-request comment added when Terms of Service are not accepted ({0} in the value will be replaced by tos-location input)' | ||
default: 'Please accept [Develocity Terms of Service]({0}) to get your pull-request Build Scan published by commenting this pull-request with the following message:' | ||
pr-comment-tos-acceptance-request: | ||
description: 'pull-request comment to accept the Terms of Service' | ||
default: 'I have read Develocity Terms of Service and I hereby accept the Terms' | ||
pr-comment-tos-acceptance-validation: | ||
description: 'pull-request comment added when Terms of Service are accepted' | ||
default: 'All Contributors have accepted Develocity Terms of Service.' | ||
signature-branch: | ||
description: 'Git branch where the signature file will be stored' | ||
default: ${{ github.event.repository.default_branch }} | ||
signature-location: | ||
description: 'Signature file location' | ||
default: '.github/develocity-tos.json' | ||
white-list: | ||
description: 'CSV List of users not required to accept the Terms of Service' | ||
default: '' | ||
github-token: | ||
description: 'The token used for Github API requests' | ||
default: ${{ github.token }} | ||
required: false | ||
|
||
runs: | ||
using: composite | ||
steps: | ||
- name: Load data | ||
id: load | ||
uses: gradle/github-actions/maven-build-scan/[email protected] | ||
with: | ||
build-workflow-filename: ${{ inputs.build-workflow-filename }} | ||
pr-comment-tos-acceptance-request: ${{ inputs.pr-comment-tos-acceptance-request }} | ||
- name: Verify Terms of Service acceptance | ||
uses: gradle/github-actions/terms-of-service-acceptance/[email protected] | ||
with: | ||
tos-location: ${{ inputs.tos-location }} | ||
pr-number: ${{ steps.load.outputs.pr-number }} | ||
pr-comment-tos-acceptance-missing: ${{ inputs.pr-comment-tos-acceptance-missing }} | ||
pr-comment-tos-acceptance-request: ${{ inputs.pr-comment-tos-acceptance-request }} | ||
pr-comment-tos-acceptance-validation: ${{ inputs.pr-comment-tos-acceptance-validation }} | ||
signature-branch: ${{ inputs.signature-branch }} | ||
signature-location: ${{ inputs.signature-location }} | ||
white-list: ${{ inputs.white-list }} | ||
github-token: ${{ inputs.github-token }} | ||
- name: Publish Maven Build Scans | ||
uses: gradle/github-actions/maven-build-scan/[email protected] | ||
with: | ||
develocity-url: ${{ inputs.develocity-url }} | ||
develocity-access-key: ${{ inputs.develocity-access-key }} | ||
pr-number: ${{ steps.load.outputs.pr-number }} | ||
develocity-allow-untrusted: ${{ inputs.develocity-allow-untrusted }} | ||
github-token: ${{ inputs.github-token }} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters