gradle/actions
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Initial commit
Some checks failed
CI-integ-test-full / caching-integ-tests (push) Failing after 32s
Details
CI-integ-test-full / other-integ-tests (push) Failing after 29m15s
Details
Update Wrapper checksums file / Update checksums (push) Failing after 1m24s
Details
CI-codeql / Analyze (javascript-typescript) (push) Failing after 1m9s
Details

Browse Source
This commit is contained in:
Sebastiaan de Schaetzen
2024-09-25 17:07:42 +02:00
commit b3863e10a2
202 changed files with 944555 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

73
sources/src/actions/dependency-submission/main.ts Normal file
View File

@@ -0,0 +1,73 @@
import * as core from '@actions/core'
import * as setupGradle from '../../setup-gradle'
import * as gradle from '../../execution/gradle'
import * as dependencyGraph from '../../dependency-graph'
import {parseArgsStringToArgv} from 'string-argv'
import {
BuildScanConfig,
CacheConfig,
DependencyGraphConfig,
DependencyGraphOption,
GradleExecutionConfig,
setActionId,
WrapperValidationConfig
} from '../../configuration'
import {saveDeprecationState} from '../../deprecation-collector'
import {handleMainActionError} from '../../errors'
/**
* The main entry point for the action, called by Github Actions for the step.
*/
export async function run(): Promise<void> {
try {
setActionId('gradle/actions/dependency-submission')
// Configure Gradle environment (Gradle User Home)
await setupGradle.setup(new CacheConfig(), new BuildScanConfig(), new WrapperValidationConfig())
// Capture the enabled state of dependency-graph
const originallyEnabled = process.env['GITHUB_DEPENDENCY_GRAPH_ENABLED']
// Configure the dependency graph submission
const config = new DependencyGraphConfig()
await dependencyGraph.setup(config)
if (config.getDependencyGraphOption() === DependencyGraphOption.DownloadAndSubmit) {
// No execution to perform
return
}
// Only execute if arguments have been provided
const executionConfig = new GradleExecutionConfig()
const taskList = executionConfig.getDependencyResolutionTask()
const additionalArgs = executionConfig.getAdditionalArguments()
const executionArgs = `
-Dorg.gradle.configureondemand=false
-Dorg.gradle.dependency.verification=off
-Dorg.gradle.unsafe.isolated-projects=false
${taskList}
${additionalArgs}
`
const args: string[] = parseArgsStringToArgv(executionArgs)
await gradle.provisionAndMaybeExecute(
executionConfig.getGradleVersion(),
executionConfig.getBuildRootDirectory(),
args
)
await dependencyGraph.complete(config)
// Reset the enabled state of dependency graph
core.exportVariable('GITHUB_DEPENDENCY_GRAPH_ENABLED', originallyEnabled)
saveDeprecationState()
} catch (error) {
handleMainActionError(error)
}
// Explicit process.exit() to prevent waiting for hanging promises.
process.exit()
}
run()

25
sources/src/actions/dependency-submission/post.ts Normal file
View File

@@ -0,0 +1,25 @@
import * as setupGradle from '../../setup-gradle'
import {CacheConfig, SummaryConfig} from '../../configuration'
import {handlePostActionError} from '../../errors'
// Catch and log any unhandled exceptions. These exceptions can leak out of the uploadChunk method in
// @actions/toolkit when a failed upload closes the file descriptor causing any in-process reads to
// throw an uncaught exception. Instead of failing this action, just warn.
process.on('uncaughtException', e => handlePostActionError(e))
/**
* The post-execution entry point for the action, called by Github Actions after completing all steps for the Job.
*/
export async function run(): Promise<void> {
try {
await setupGradle.complete(new CacheConfig(), new SummaryConfig())
} catch (error) {
handlePostActionError(error)
}
// Explicit process.exit() to prevent waiting for promises left hanging by `@actions/cache` on save.
process.exit()
}
run()

48
sources/src/actions/setup-gradle/main.ts Normal file
View File

@@ -0,0 +1,48 @@
import * as setupGradle from '../../setup-gradle'
import * as provisioner from '../../execution/provision'
import * as dependencyGraph from '../../dependency-graph'
import {
BuildScanConfig,
CacheConfig,
DependencyGraphConfig,
GradleExecutionConfig,
WrapperValidationConfig,
getActionId,
setActionId
} from '../../configuration'
import {failOnUseOfRemovedFeature, saveDeprecationState} from '../../deprecation-collector'
import {handleMainActionError} from '../../errors'
/**
* The main entry point for the action, called by Github Actions for the step.
*/
export async function run(): Promise<void> {
try {
if (getActionId() === 'gradle/gradle-build-action') {
failOnUseOfRemovedFeature(
'The action `gradle/gradle-build-action` has been replaced by `gradle/actions/setup-gradle`'
)
}
setActionId('gradle/actions/setup-gradle')
// Configure Gradle environment (Gradle User Home)
await setupGradle.setup(new CacheConfig(), new BuildScanConfig(), new WrapperValidationConfig())
// Configure the dependency graph submission
await dependencyGraph.setup(new DependencyGraphConfig())
const config = new GradleExecutionConfig()
config.verifyNoArguments()
await provisioner.provisionGradle(config.getGradleVersion())
saveDeprecationState()
} catch (error) {
handleMainActionError(error)
}
// Explicit process.exit() to prevent waiting for hanging promises.
process.exit()
}
run()

33
sources/src/actions/setup-gradle/post.ts Normal file
View File

@@ -0,0 +1,33 @@
import * as setupGradle from '../../setup-gradle'
import * as dependencyGraph from '../../dependency-graph'
import {CacheConfig, DependencyGraphConfig, SummaryConfig} from '../../configuration'
import {handlePostActionError} from '../../errors'
import {emitDeprecationWarnings, restoreDeprecationState} from '../../deprecation-collector'
// Catch and log any unhandled exceptions. These exceptions can leak out of the uploadChunk method in
// @actions/toolkit when a failed upload closes the file descriptor causing any in-process reads to
// throw an uncaught exception. Instead of failing this action, just warn.
process.on('uncaughtException', e => handlePostActionError(e))
/**
* The post-execution entry point for the action, called by Github Actions after completing all steps for the Job.
*/
export async function run(): Promise<void> {
try {
restoreDeprecationState()
emitDeprecationWarnings()
if (await setupGradle.complete(new CacheConfig(), new SummaryConfig())) {
// Only submit the dependency graphs once per job
await dependencyGraph.complete(new DependencyGraphConfig())
}
} catch (error) {
handlePostActionError(error)
}
// Explicit process.exit() to prevent waiting for promises left hanging by `@actions/cache` on save.
process.exit()
}
run()

50
sources/src/actions/wrapper-validation/main.ts Normal file
View File

@@ -0,0 +1,50 @@
import * as path from 'path'
import * as core from '@actions/core'
import * as validate from '../../wrapper-validation/validate'
import {getActionId, setActionId} from '../../configuration'
import {failOnUseOfRemovedFeature, emitDeprecationWarnings} from '../../deprecation-collector'
import {handleMainActionError} from '../../errors'
export async function run(): Promise<void> {
try {
if (getActionId() === 'gradle/wrapper-validation-action') {
failOnUseOfRemovedFeature(
'The action `gradle/wrapper-validation-action` has been replaced by `gradle/actions/wrapper-validation`'
)
}
setActionId('gradle/actions/wrapper-validation')
const result = await validate.findInvalidWrapperJars(
path.resolve('.'),
core.getInput('allow-snapshots') === 'true',
core.getInput('allow-checksums').split(',')
)
if (result.isValid()) {
core.info(result.toDisplayString())
const minWrapperCount = +core.getInput('min-wrapper-count')
if (result.valid.length < minWrapperCount) {
const message =
result.valid.length === 0
? 'Wrapper validation failed: no Gradle Wrapper jars found. Did you forget to checkout the repository?'
: `Wrapper validation failed: expected at least ${minWrapperCount} Gradle Wrapper jars, but found ${result.valid.length}.`
core.setFailed(message)
}
} else {
core.setFailed(
`At least one Gradle Wrapper Jar failed validation!\n See https://github.com/gradle/actions/blob/main/docs/wrapper-validation.md#validation-failures\n${result.toDisplayString()}`
)
if (result.invalid.length > 0) {
core.setOutput('failed-wrapper', `${result.invalid.map(w => w.path).join('|')}`)
}
}
emitDeprecationWarnings(false)
} catch (error) {
handleMainActionError(error)
}
}
run()

91
sources/src/build-results.ts Normal file
View File

@@ -0,0 +1,91 @@
import * as fs from 'fs'
import * as path from 'path'
export interface BuildResult {
get rootProjectName(): string
get rootProjectDir(): string
get requestedTasks(): string
get gradleVersion(): string
get gradleHomeDir(): string
get buildFailed(): boolean
get configCacheHit(): boolean
get buildScanUri(): string
get buildScanFailed(): boolean
}
export class BuildResults {
results: BuildResult[]
constructor(results: BuildResult[]) {
this.results = results
}
anyFailed(): boolean {
return this.results.some(result => result.buildFailed)
}
anyConfigCacheHit(): boolean {
return this.results.some(result => result.configCacheHit)
}
uniqueGradleHomes(): string[] {
const allHomes = this.results.map(buildResult => buildResult.gradleHomeDir)
return Array.from(new Set(allHomes))
}
}
export function loadBuildResults(): BuildResults {
const results = getUnprocessedResults().map(filePath => {
const content = fs.readFileSync(filePath, 'utf8')
const buildResult = JSON.parse(content) as BuildResult
addScanResults(filePath, buildResult)
return buildResult
})
return new BuildResults(results)
}
export function markBuildResultsProcessed(): void {
getUnprocessedResults().forEach(markProcessed)
}
function getUnprocessedResults(): string[] {
const buildResultsDir = path.resolve(process.env['RUNNER_TEMP']!, '.gradle-actions', 'build-results')
if (!fs.existsSync(buildResultsDir)) {
return []
}
return fs
.readdirSync(buildResultsDir)
.map(file => {
return path.resolve(buildResultsDir, file)
})
.filter(filePath => {
return path.extname(filePath) === '.json' && !isProcessed(filePath)
})
}
function addScanResults(buildResultsFile: string, buildResult: BuildResult): void {
const buildScansDir = path.resolve(process.env['RUNNER_TEMP']!, '.gradle-actions', 'build-scans')
if (!fs.existsSync(buildScansDir)) {
return
}
const buildScanResults = path.resolve(buildScansDir, path.basename(buildResultsFile))
if (fs.existsSync(buildScanResults)) {
const content = fs.readFileSync(buildScanResults, 'utf8')
const scanResults = JSON.parse(content)
Object.assign(buildResult, scanResults)
}
return
}
function isProcessed(resultFile: string): boolean {
const markerFile = `${resultFile}.processed`
return fs.existsSync(markerFile)
}
function markProcessed(resultFile: string): void {
const markerFile = `${resultFile}.processed`
fs.writeFileSync(markerFile, '')
}

88
sources/src/caching/cache-cleaner.ts Normal file
View File

@@ -0,0 +1,88 @@
import * as core from '@actions/core'
import * as exec from '@actions/exec'
import fs from 'fs'
import path from 'path'
import * as provisioner from '../execution/provision'
export class CacheCleaner {
private readonly gradleUserHome: string
private readonly tmpDir: string
constructor(gradleUserHome: string, tmpDir: string) {
this.gradleUserHome = gradleUserHome
this.tmpDir = tmpDir
}
async prepare(): Promise<string> {
// Save the current timestamp
const timestamp = Date.now().toString()
core.saveState('clean-timestamp', timestamp)
return timestamp
}
async forceCleanup(): Promise<void> {
const cleanTimestamp = core.getState('clean-timestamp')
await this.forceCleanupFilesOlderThan(cleanTimestamp)
}
// Visible for testing
async forceCleanupFilesOlderThan(cleanTimestamp: string): Promise<void> {
// Run a dummy Gradle build to trigger cache cleanup
const cleanupProjectDir = path.resolve(this.tmpDir, 'dummy-cleanup-project')
fs.mkdirSync(cleanupProjectDir, {recursive: true})
fs.writeFileSync(
path.resolve(cleanupProjectDir, 'settings.gradle'),
'rootProject.name = "dummy-cleanup-project"'
)
fs.writeFileSync(
path.resolve(cleanupProjectDir, 'init.gradle'),
`
beforeSettings { settings ->
def cleanupTime = ${cleanTimestamp}
settings.caches {
cleanup = Cleanup.ALWAYS
releasedWrappers.removeUnusedEntriesOlderThan.set(cleanupTime)
snapshotWrappers.removeUnusedEntriesOlderThan.set(cleanupTime)
downloadedResources.removeUnusedEntriesOlderThan.set(cleanupTime)
createdResources.removeUnusedEntriesOlderThan.set(cleanupTime)
buildCache.removeUnusedEntriesOlderThan.set(cleanupTime)
}
}
`
)
fs.writeFileSync(path.resolve(cleanupProjectDir, 'build.gradle'), 'task("noop") {}')
// Gradle >= 8.9 required for cache cleanup
const executable = await provisioner.provisionGradleAtLeast('8.9')
await core.group('Executing Gradle to clean up caches', async () => {
core.info(`Cleaning up caches last used before ${cleanTimestamp}`)
await this.executeCleanupBuild(executable, cleanupProjectDir)
})
}
private async executeCleanupBuild(executable: string, cleanupProjectDir: string): Promise<void> {
const args = [
'-g',
this.gradleUserHome,
'-I',
'init.gradle',
'--info',
'--no-daemon',
'--no-scan',
'--build-cache',
'-DGITHUB_DEPENDENCY_GRAPH_ENABLED=false',
'noop'
]
const result = await exec.getExecOutput(executable, args, {
cwd: cleanupProjectDir,
silent: true
})
core.info(result.stdout)
}
}

100
sources/src/caching/cache-key.ts Normal file
View File

@@ -0,0 +1,100 @@
import * as github from '@actions/github'
import {CacheConfig, getJobMatrix} from '../configuration'
import {hashStrings} from './cache-utils'
const CACHE_PROTOCOL_VERSION = 'v1'
const CACHE_KEY_PREFIX_VAR = 'GRADLE_BUILD_ACTION_CACHE_KEY_PREFIX'
const CACHE_KEY_OS_VAR = 'GRADLE_BUILD_ACTION_CACHE_KEY_ENVIRONMENT'
const CACHE_KEY_JOB_VAR = 'GRADLE_BUILD_ACTION_CACHE_KEY_JOB'
const CACHE_KEY_JOB_INSTANCE_VAR = 'GRADLE_BUILD_ACTION_CACHE_KEY_JOB_INSTANCE'
const CACHE_KEY_JOB_EXECUTION_VAR = 'GRADLE_BUILD_ACTION_CACHE_KEY_JOB_EXECUTION'
/**
* Represents a key used to restore a cache entry.
* The Github Actions cache will first try for an exact match on the key.
* If that fails, it will try for a prefix match on any of the restoreKeys.
*/
export class CacheKey {
key: string
restoreKeys: string[]
constructor(key: string, restoreKeys: string[]) {
this.key = key
this.restoreKeys = restoreKeys
}
}
/**
* Generates a cache key specific to the current job execution.
* The key is constructed from the following inputs (with some user overrides):
* - The cache key prefix: defaults to 'gradle-' but can be overridden by the user
* - The cache protocol version
* - The runner operating system
* - The name of the workflow and Job being executed
* - The matrix values for the Job being executed (job context)
* - The SHA of the commit being executed
*
* Caches are restored by trying to match the these key prefixes in order:
* - The full key with SHA
* - A previous key for this Job + matrix
* - Any previous key for this Job (any matrix)
* - Any previous key for this cache on the current OS
*/
export function generateCacheKey(cacheName: string, config: CacheConfig): CacheKey {
const prefix = process.env[CACHE_KEY_PREFIX_VAR] || ''
const cacheKeyBase = `${prefix}${getCacheKeyBase(cacheName, CACHE_PROTOCOL_VERSION)}`
// At the most general level, share caches for all executions on the same OS
const cacheKeyForEnvironment = `${cacheKeyBase}|${getCacheKeyEnvironment()}`
// Then prefer caches that run job with the same ID
const cacheKeyForJob = `${cacheKeyForEnvironment}|${getCacheKeyJob()}`
// Prefer (even more) jobs that run this job in the same workflow with the same context (matrix)
const cacheKeyForJobContext = `${cacheKeyForJob}[${getCacheKeyJobInstance()}]`
// Exact match on Git SHA
const cacheKey = `${cacheKeyForJobContext}-${getCacheKeyJobExecution()}`
if (config.isCacheStrictMatch()) {
return new CacheKey(cacheKey, [cacheKeyForJobContext])
}
return new CacheKey(cacheKey, [cacheKeyForJobContext, cacheKeyForJob, cacheKeyForEnvironment])
}
export function getCacheKeyBase(cacheName: string, cacheProtocolVersion: string): string {
// Prefix can be used to force change all cache keys (defaults to cache protocol version)
return `gradle-${cacheName}-${cacheProtocolVersion}`
}
function getCacheKeyEnvironment(): string {
const runnerOs = process.env['RUNNER_OS'] || ''
const runnerArch = process.env['RUNNER_ARCH'] || ''
return process.env[CACHE_KEY_OS_VAR] || `${runnerOs}-${runnerArch}`
}
function getCacheKeyJob(): string {
return process.env[CACHE_KEY_JOB_VAR] || github.context.job
}
function getCacheKeyJobInstance(): string {
const override = process.env[CACHE_KEY_JOB_INSTANCE_VAR]
if (override) {
return override
}
// By default, we hash the workflow name and the full `matrix` data for the run, to uniquely identify this job invocation
// The only way we can obtain the `matrix` data is via the `workflow-job-context` parameter in action.yml.
const workflowName = github.context.workflow
const workflowJobContext = getJobMatrix()
return hashStrings([workflowName, workflowJobContext])
}
function getCacheKeyJobExecution(): string {
// Used to associate a cache key with a particular execution (default is bound to the git commit sha)
return process.env[CACHE_KEY_JOB_EXECUTION_VAR] || github.context.sha
}

294
sources/src/caching/cache-reporting.ts Normal file
View File

@@ -0,0 +1,294 @@
import * as cache from '@actions/cache'
export const DEFAULT_CACHE_ENABLED_REASON = `[Cache was enabled](https://github.com/gradle/actions/blob/main/docs/setup-gradle.md#caching-build-state-between-jobs). Action attempted to both restore and save the Gradle User Home.`
export const DEFAULT_READONLY_REASON = `[Cache was read-only](https://github.com/gradle/actions/blob/main/docs/setup-gradle.md#using-the-cache-read-only). By default, the action will only write to the cache for Jobs running on the default branch.`
export const DEFAULT_DISABLED_REASON = `[Cache was disabled](https://github.com/gradle/actions/blob/main/docs/setup-gradle.md#disabling-caching) via action confiugration. Gradle User Home was not restored from or saved to the cache.`
export const DEFAULT_WRITEONLY_REASON = `[Cache was set to write-only](https://github.com/gradle/actions/blob/main/docs/setup-gradle.md#using-the-cache-write-only) via action configuration. Gradle User Home was not restored from cache.`
export const EXISTING_GRADLE_HOME = `[Cache was disabled to avoid overwriting a pre-existing Gradle User Home](https://github.com/gradle/actions/blob/main/docs/setup-gradle.md#overwriting-an-existing-gradle-user-home). Gradle User Home was not restored from or saved to the cache.`
export const CLEANUP_DISABLED_READONLY = `[Cache cleanup](https://github.com/gradle/actions/blob/main/docs/setup-gradle.md#configuring-cache-cleanup) is always disabled when cache is read-only or disabled.`
export const DEFAULT_CLEANUP_ENABLED_REASON = `[Cache cleanup](https://github.com/gradle/actions/blob/main/docs/setup-gradle.md#configuring-cache-cleanup) was enabled. Stale files in Gradle User Home were purged before saving to the cache.`
export const DEFAULT_CLEANUP_DISABLED_REASON = `[Cache cleanup](https://github.com/gradle/actions/blob/main/docs/setup-gradle.md#configuring-cache-cleanup) was disabled via action parameter. No cleanup of Gradle User Home was performed.`
export const CLEANUP_DISABLED_DUE_TO_FAILURE =
'[Cache cleanup was disabled due to build failure](https://github.com/gradle/actions/blob/main/docs/setup-gradle.md#configuring-cache-cleanup). Use `cache-cleanup: always` to override this behavior.'
export const CLEANUP_DISABLED_DUE_TO_CONFIG_CACHE_HIT =
'[Cache cleanup was disabled due to configuration-cache reuse](https://github.com/gradle/actions/blob/main/docs/setup-gradle.md#configuring-cache-cleanup). This is expected.'
/**
* Collects information on what entries were saved and restored during the action.
* This information is used to generate a summary of the cache usage.
*/
export class CacheListener {
cacheEntries: CacheEntryListener[] = []
cacheReadOnly = false
cacheWriteOnly = false
cacheDisabled = false
cacheStatusReason: string = DEFAULT_CACHE_ENABLED_REASON
cacheCleanupMessage: string = DEFAULT_CLEANUP_DISABLED_REASON
get fullyRestored(): boolean {
return this.cacheEntries.every(x => !x.wasRequestedButNotRestored())
}
get cacheStatus(): string {
if (!cache.isFeatureAvailable()) return 'not available'
if (this.cacheDisabled) return 'disabled'
if (this.cacheWriteOnly) return 'write-only'
if (this.cacheReadOnly) return 'read-only'
return 'enabled'
}
setReadOnly(reason: string = DEFAULT_READONLY_REASON): void {
this.cacheReadOnly = true
this.cacheStatusReason = reason
this.cacheCleanupMessage = CLEANUP_DISABLED_READONLY
}
setDisabled(reason: string = DEFAULT_DISABLED_REASON): void {
this.cacheDisabled = true
this.cacheStatusReason = reason
this.cacheCleanupMessage = CLEANUP_DISABLED_READONLY
}
setWriteOnly(reason: string = DEFAULT_WRITEONLY_REASON): void {
this.cacheWriteOnly = true
this.cacheStatusReason = reason
}
setCacheCleanupEnabled(): void {
this.cacheCleanupMessage = DEFAULT_CLEANUP_ENABLED_REASON
}
setCacheCleanupDisabled(reason: string = DEFAULT_CLEANUP_DISABLED_REASON): void {
this.cacheCleanupMessage = reason
}
entry(name: string): CacheEntryListener {
for (const entry of this.cacheEntries) {
if (entry.entryName === name) {
return entry
}
}
const newEntry = new CacheEntryListener(name)
this.cacheEntries.push(newEntry)
return newEntry
}
stringify(): string {
return JSON.stringify(this)
}
static rehydrate(stringRep: string): CacheListener {
if (stringRep === '') {
return new CacheListener()
}
const rehydrated: CacheListener = Object.assign(new CacheListener(), JSON.parse(stringRep))
const entries = rehydrated.cacheEntries
for (let index = 0; index < entries.length; index++) {
const rawEntry = entries[index]
entries[index] = Object.assign(new CacheEntryListener(rawEntry.entryName), rawEntry)
}
return rehydrated
}
}
/**
* Collects information on the state of a single cache entry.
*/
export class CacheEntryListener {
entryName: string
requestedKey: string | undefined
requestedRestoreKeys: string[] | undefined
restoredKey: string | undefined
restoredSize: number | undefined
restoredTime: number | undefined
notRestored: string | undefined
savedKey: string | undefined
savedSize: number | undefined
savedTime: number | undefined
notSaved: string | undefined
constructor(entryName: string) {
this.entryName = entryName
}
wasRequestedButNotRestored(): boolean {
return this.requestedKey !== undefined && this.restoredKey === undefined
}
markRequested(key: string, restoreKeys: string[] = []): CacheEntryListener {
this.requestedKey = key
this.requestedRestoreKeys = restoreKeys
return this
}
markRestored(key: string, size: number | undefined, time: number): CacheEntryListener {
this.restoredKey = key
this.restoredSize = size
this.restoredTime = time
return this
}
markNotRestored(message: string): CacheEntryListener {
this.notRestored = message
return this
}
markSaved(key: string, size: number | undefined, time: number): CacheEntryListener {
this.savedKey = key
this.savedSize = size
this.savedTime = time
return this
}
markAlreadyExists(key: string): CacheEntryListener {
this.savedKey = key
this.savedSize = 0
return this
}
markNotSaved(message: string): CacheEntryListener {
this.notSaved = message
return this
}
}
export function generateCachingReport(listener: CacheListener): string {
const entries = listener.cacheEntries
return `
<details>
<summary><h4>Caching for Gradle actions was ${listener.cacheStatus} - expand for details</h4></summary>
- ${listener.cacheStatusReason}
- ${listener.cacheCleanupMessage}
${renderEntryTable(entries)}
<h5>Cache Entry Details</h5>
<pre>
${renderEntryDetails(listener)}
</pre>
</details>
`
}
function renderEntryTable(entries: CacheEntryListener[]): string {
return `
<table>
<tr><td></td><th>Count</th><th>Total Size (Mb)</th><th>Total Time (ms)</tr>
<tr><td>Entries Restored</td>
<td>${getCount(entries, e => e.restoredSize)}</td>
<td>${getSize(entries, e => e.restoredSize)}</td>
<td>${getTime(entries, e => e.restoredTime)}</td>
</tr>
<tr><td>Entries Saved</td>
<td>${getCount(entries, e => e.savedSize)}</td>
<td>${getSize(entries, e => e.savedSize)}</td>
<td>${getTime(entries, e => e.savedTime)}</td>
</tr>
</table>
`
}
function renderEntryDetails(listener: CacheListener): string {
return listener.cacheEntries
.map(
entry => `Entry: ${entry.entryName}
Requested Key : ${entry.requestedKey ?? ''}
Restored Key : ${entry.restoredKey ?? ''}
Size: ${formatSize(entry.restoredSize)}
Time: ${formatTime(entry.restoredTime)}
${getRestoredMessage(entry, listener.cacheWriteOnly)}
Saved Key : ${entry.savedKey ?? ''}
Size: ${formatSize(entry.savedSize)}
Time: ${formatTime(entry.savedTime)}
${getSavedMessage(entry, listener.cacheReadOnly)}
`
)
.join('---\n')
}
function getRestoredMessage(entry: CacheEntryListener, cacheWriteOnly: boolean): string {
if (entry.notRestored) {
return `(Entry not restored: ${entry.notRestored})`
}
if (cacheWriteOnly) {
return '(Entry not restored: cache is write-only)'
}
if (entry.requestedKey === undefined) {
return '(Entry not restored: not requested)'
}
if (entry.restoredKey === undefined) {
return '(Entry not restored: no match found)'
}
if (entry.restoredKey === entry.requestedKey) {
return '(Entry restored: exact match found)'
}
return '(Entry restored: partial match found)'
}
function getSavedMessage(entry: CacheEntryListener, cacheReadOnly: boolean): string {
if (entry.notSaved) {
return `(Entry not saved: ${entry.notSaved})`
}
if (entry.savedKey === undefined) {
if (cacheReadOnly) {
return '(Entry not saved: cache is read-only)'
}
if (entry.notRestored) {
return '(Entry not saved: not restored)'
}
return '(Entry not saved: reason unknown)'
}
if (entry.savedSize === 0) {
return '(Entry not saved: entry with key already exists)'
}
return '(Entry saved)'
}
function getCount(
cacheEntries: CacheEntryListener[],
predicate: (value: CacheEntryListener) => number | undefined
): number {
return cacheEntries.filter(e => predicate(e)).length
}
function getSize(
cacheEntries: CacheEntryListener[],
predicate: (value: CacheEntryListener) => number | undefined
): number {
const bytes = cacheEntries.map(e => predicate(e) ?? 0).reduce((p, v) => p + v, 0)
return Math.round(bytes / (1024 * 1024))
}
function getTime(
cacheEntries: CacheEntryListener[],
predicate: (value: CacheEntryListener) => number | undefined
): number {
return cacheEntries.map(e => predicate(e) ?? 0).reduce((p, v) => p + v, 0)
}
function formatSize(bytes: number | undefined): string {
if (bytes === undefined || bytes === 0) {
return ''
}
return `${Math.round(bytes / (1024 * 1024))} MB (${bytes} B)`
}
function formatTime(ms: number | undefined): string {
if (ms === undefined || ms === 0) {
return ''
}
return `${ms} ms`
}

140
sources/src/caching/cache-utils.ts Normal file
View File

@@ -0,0 +1,140 @@
import * as core from '@actions/core'
import * as cache from '@actions/cache'
import * as exec from '@actions/exec'
import * as crypto from 'crypto'
import * as path from 'path'
import * as fs from 'fs'
import {CacheEntryListener} from './cache-reporting'
const SEGMENT_DOWNLOAD_TIMEOUT_VAR = 'SEGMENT_DOWNLOAD_TIMEOUT_MINS'
const SEGMENT_DOWNLOAD_TIMEOUT_DEFAULT = 10 * 60 * 1000 // 10 minutes
export function isCacheDebuggingEnabled(): boolean {
if (core.isDebug()) {
return true
}
return process.env['GRADLE_BUILD_ACTION_CACHE_DEBUG_ENABLED'] ? true : false
}
export function hashFileNames(fileNames: string[]): string {
return hashStrings(fileNames.map(x => x.replace(new RegExp(`\\${path.sep}`, 'g'), '/')))
}
export function hashStrings(values: string[]): string {
const hash = crypto.createHash('md5')
for (const value of values) {
hash.update(value)
}
return hash.digest('hex')
}
export async function restoreCache(
cachePath: string[],
cacheKey: string,
cacheRestoreKeys: string[],
listener: CacheEntryListener
): Promise<cache.CacheEntry | undefined> {
listener.markRequested(cacheKey, cacheRestoreKeys)
try {
const startTime = Date.now()
// Only override the read timeout if the SEGMENT_DOWNLOAD_TIMEOUT_MINS env var has NOT been set
const cacheRestoreOptions = process.env[SEGMENT_DOWNLOAD_TIMEOUT_VAR]
? {}
: {segmentTimeoutInMs: SEGMENT_DOWNLOAD_TIMEOUT_DEFAULT}
const restoredEntry = await cache.restoreCache(cachePath, cacheKey, cacheRestoreKeys, cacheRestoreOptions)
if (restoredEntry !== undefined) {
const restoreTime = Date.now() - startTime
listener.markRestored(restoredEntry.key, restoredEntry.size, restoreTime)
core.info(`Restored cache entry with key ${cacheKey} to ${cachePath.join()} in ${restoreTime}ms`)
}
return restoredEntry
} catch (error) {
listener.markNotRestored((error as Error).message)
handleCacheFailure(error, `Failed to restore ${cacheKey}`)
return undefined
}
}
export async function saveCache(cachePath: string[], cacheKey: string, listener: CacheEntryListener): Promise<void> {
try {
const startTime = Date.now()
const savedEntry = await cache.saveCache(cachePath, cacheKey)
const saveTime = Date.now() - startTime
listener.markSaved(savedEntry.key, savedEntry.size, saveTime)
core.info(`Saved cache entry with key ${cacheKey} from ${cachePath.join()} in ${saveTime}ms`)
} catch (error) {
if (error instanceof cache.ReserveCacheError) {
listener.markAlreadyExists(cacheKey)
} else {
listener.markNotSaved((error as Error).message)
}
handleCacheFailure(error, `Failed to save cache entry with path '${cachePath}' and key: ${cacheKey}`)
}
}
export function cacheDebug(message: string): void {
if (isCacheDebuggingEnabled()) {
core.info(message)
} else {
core.debug(message)
}
}
export function handleCacheFailure(error: unknown, message: string): void {
if (error instanceof cache.ValidationError) {
// Fail on cache validation errors
throw error
}
if (error instanceof cache.ReserveCacheError) {
// Reserve cache errors are expected if the artifact has been previously cached
core.info(`${message}: ${error}`)
} else {
// Warn on all other errors
core.warning(`${message}: ${error}`)
if (error instanceof Error && error.stack) {
cacheDebug(error.stack)
}
}
}
/**
* Attempt to delete a file or directory, waiting to allow locks to be released
*/
export async function tryDelete(file: string): Promise<void> {
const maxAttempts = 5
for (let attempt = 1; attempt <= maxAttempts; attempt++) {
if (!fs.existsSync(file)) {
return
}
try {
const stat = fs.lstatSync(file)
if (stat.isDirectory()) {
fs.rmSync(file, {recursive: true})
} else {
fs.unlinkSync(file)
}
return
} catch (error) {
if (attempt === maxAttempts) {
core.warning(`Failed to delete ${file}, which will impact caching.
It is likely locked by another process. Output of 'jps -ml':
${await getJavaProcesses()}`)
throw error
} else {
cacheDebug(`Attempt to delete ${file} failed. Will try again.`)
await delay(1000)
}
}
}
}
async function delay(ms: number): Promise<void> {
return new Promise(resolve => setTimeout(resolve, ms))
}
async function getJavaProcesses(): Promise<string> {
const jpsOutput = await exec.getExecOutput('jps', ['-lm'])
return jpsOutput.stdout
}

124
sources/src/caching/caches.ts Normal file
View File

@@ -0,0 +1,124 @@
import * as core from '@actions/core'
import {
CacheListener,
EXISTING_GRADLE_HOME,
CLEANUP_DISABLED_DUE_TO_FAILURE,
CLEANUP_DISABLED_DUE_TO_CONFIG_CACHE_HIT
} from './cache-reporting'
import {GradleUserHomeCache} from './gradle-user-home-cache'
import {CacheCleaner} from './cache-cleaner'
import {DaemonController} from '../daemon-controller'
import {CacheConfig} from '../configuration'
import {BuildResults} from '../build-results'
const CACHE_RESTORED_VAR = 'GRADLE_BUILD_ACTION_CACHE_RESTORED'
export async function restore(
userHome: string,
gradleUserHome: string,
cacheListener: CacheListener,
cacheConfig: CacheConfig
): Promise<void> {
// Bypass restore cache on all but first action step in workflow.
if (process.env[CACHE_RESTORED_VAR]) {
core.info('Cache only restored on first action step.')
return
}
core.exportVariable(CACHE_RESTORED_VAR, true)
const gradleStateCache = new GradleUserHomeCache(userHome, gradleUserHome, cacheConfig)
if (cacheConfig.isCacheDisabled()) {
core.info('Cache is disabled: will not restore state from previous builds.')
// Initialize the Gradle User Home even when caching is disabled.
gradleStateCache.init()
cacheListener.setDisabled()
return
}
if (gradleStateCache.cacheOutputExists()) {
if (!cacheConfig.isCacheOverwriteExisting()) {
core.info('Gradle User Home already exists: will not restore from cache.')
// Initialize pre-existing Gradle User Home.
gradleStateCache.init()
cacheListener.setDisabled(EXISTING_GRADLE_HOME)
return
}
core.info('Gradle User Home already exists: will overwrite with cached contents.')
}
gradleStateCache.init()
// Mark the state as restored so that post-action will perform save.
core.saveState(CACHE_RESTORED_VAR, true)
if (cacheConfig.isCacheCleanupEnabled()) {
core.info('Preparing cache for cleanup.')
const cacheCleaner = new CacheCleaner(gradleUserHome, process.env['RUNNER_TEMP']!)
await cacheCleaner.prepare()
}
if (cacheConfig.isCacheWriteOnly()) {
core.info('Cache is write-only: will not restore from cache.')
cacheListener.setWriteOnly()
return
}
await core.group('Restore Gradle state from cache', async () => {
await gradleStateCache.restore(cacheListener)
})
}
export async function save(
userHome: string,
gradleUserHome: string,
cacheListener: CacheListener,
daemonController: DaemonController,
buildResults: BuildResults,
cacheConfig: CacheConfig
): Promise<void> {
if (cacheConfig.isCacheDisabled()) {
core.info('Cache is disabled: will not save state for later builds.')
return
}
if (!core.getState(CACHE_RESTORED_VAR)) {
core.info('Cache will not be saved: not restored in main action step.')
return
}
if (cacheConfig.isCacheReadOnly()) {
core.info('Cache is read-only: will not save state for use in subsequent builds.')
cacheListener.setReadOnly()
return
}
await core.group('Stopping Gradle daemons', async () => {
await daemonController.stopAllDaemons()
})
if (cacheConfig.isCacheCleanupEnabled()) {
if (buildResults.anyConfigCacheHit()) {
core.info('Not performing cache-cleanup due to config-cache reuse')
cacheListener.setCacheCleanupDisabled(CLEANUP_DISABLED_DUE_TO_CONFIG_CACHE_HIT)
} else if (cacheConfig.shouldPerformCacheCleanup(buildResults.anyFailed())) {
cacheListener.setCacheCleanupEnabled()
await performCacheCleanup(gradleUserHome)
} else {
core.info('Not performing cache-cleanup due to build failure')
cacheListener.setCacheCleanupDisabled(CLEANUP_DISABLED_DUE_TO_FAILURE)
}
}
await core.group('Caching Gradle state', async () => {
return new GradleUserHomeCache(userHome, gradleUserHome, cacheConfig).save(cacheListener)
})
}
async function performCacheCleanup(gradleUserHome: string): Promise<void> {
const cacheCleaner = new CacheCleaner(gradleUserHome, process.env['RUNNER_TEMP']!)
try {
await cacheCleaner.forceCleanup()
} catch (e) {
core.warning(`Cache cleanup failed. Will continue. ${String(e)}`)
}
}

467
sources/src/caching/gradle-home-extry-extractor.ts Normal file
View File

@@ -0,0 +1,467 @@
import path from 'path'
import fs from 'fs'
import * as core from '@actions/core'
import * as glob from '@actions/glob'
import {CacheEntryListener, CacheListener} from './cache-reporting'
import {cacheDebug, hashFileNames, isCacheDebuggingEnabled, restoreCache, saveCache, tryDelete} from './cache-utils'
import {BuildResult, loadBuildResults} from '../build-results'
import {CacheConfig, ACTION_METADATA_DIR} from '../configuration'
import {getCacheKeyBase} from './cache-key'
import {versionIsAtLeast} from '../execution/gradle'
const SKIP_RESTORE_VAR = 'GRADLE_BUILD_ACTION_SKIP_RESTORE'
const CACHE_PROTOCOL_VERSION = 'v1'
/**
* Represents the result of attempting to load or store an extracted cache entry.
* An undefined cacheKey indicates that the operation did not succeed.
* The collected results are then used to populate the `cache-metadata.json` file for later use.
*/
class ExtractedCacheEntry {
artifactType: string
pattern: string
cacheKey: string | undefined
constructor(artifactType: string, pattern: string, cacheKey: string | undefined) {
this.artifactType = artifactType
this.pattern = pattern
this.cacheKey = cacheKey
}
}
/**
* Representation of all of the extracted cache entries for this Gradle User Home.
* This object is persisted to JSON file in the Gradle User Home directory for storing,
* and subsequently used to restore the Gradle User Home.
*/
class ExtractedCacheEntryMetadata {
entries: ExtractedCacheEntry[] = []
}
/**
* The specification for a type of extracted cache entry.
*/
class ExtractedCacheEntryDefinition {
artifactType: string
pattern: string
bundle: boolean
uniqueFileNames = true
notCacheableReason: string | undefined
constructor(artifactType: string, pattern: string, bundle: boolean) {
this.artifactType = artifactType
this.pattern = pattern
this.bundle = bundle
}
/**
* Indicate that the file names matching the cache entry pattern are NOT sufficient to uniquely identify the contents.
* If the file names are sufficient, then we use a hash of the file names to identify the entry.
* With non-unique-file-names, we hash the file contents to identify the cache entry.
*/
withNonUniqueFileNames(): ExtractedCacheEntryDefinition {
this.uniqueFileNames = false
return this
}
/**
* Specify that the cache entry, should not be saved for some reason, even though the contents exist.
* This is used to prevent configuration-cache entries being cached when they were generated by Gradle < 8.6,
*/
notCacheableBecause(reason: string): ExtractedCacheEntryDefinition {
this.notCacheableReason = reason
return this
}
}
/**
* Caches and restores the entire Gradle User Home directory, extracting entries containing common artifacts
* for more efficient storage.
*/
abstract class AbstractEntryExtractor {
protected readonly cacheConfig: CacheConfig
protected readonly gradleUserHome: string
private extractorName: string
constructor(gradleUserHome: string, extractorName: string, cacheConfig: CacheConfig) {
this.gradleUserHome = gradleUserHome
this.extractorName = extractorName
this.cacheConfig = cacheConfig
}
/**
* Restores any artifacts that were cached separately, based on the information in the `cache-metadata.json` file.
* Each extracted cache entry is restored in parallel, except when debugging is enabled.
*/
async restore(listener: CacheListener): Promise<void> {
const previouslyExtractedCacheEntries = this.loadExtractedCacheEntries()
const processes: Promise<ExtractedCacheEntry>[] = []
for (const cacheEntry of previouslyExtractedCacheEntries) {
const artifactType = cacheEntry.artifactType
const entryListener = listener.entry(cacheEntry.pattern)
// Handle case where the extracted-cache-entry definitions have been changed
const skipRestore = process.env[SKIP_RESTORE_VAR] || ''
if (skipRestore.includes(artifactType)) {
core.info(`Not restoring extracted cache entry for ${artifactType}`)
entryListener.markRequested('SKIP_RESTORE')
} else {
processes.push(
this.awaitForDebugging(
this.restoreExtractedCacheEntry(
artifactType,
cacheEntry.cacheKey!,
cacheEntry.pattern,
entryListener
)
)
)
}
}
this.saveMetadataForCacheResults(await Promise.all(processes))
}
private async restoreExtractedCacheEntry(
artifactType: string,
cacheKey: string,
pattern: string,
listener: CacheEntryListener
): Promise<ExtractedCacheEntry> {
const restoredEntry = await restoreCache(pattern.split('\n'), cacheKey, [], listener)
if (restoredEntry) {
return new ExtractedCacheEntry(artifactType, pattern, cacheKey)
} else {
core.info(`Did not restore ${artifactType} with key ${cacheKey} to ${pattern}`)
return new ExtractedCacheEntry(artifactType, pattern, undefined)
}
}
/**
* Saves any artifacts that are configured to be cached separately, based on the extracted cache entry definitions.
* Each entry is extracted and saved in parallel, except when debugging is enabled.
*/
async extract(listener: CacheListener): Promise<void> {
// Load the cache entry definitions (from config) and the previously restored entries (from persisted metadata file)
const cacheEntryDefinitions = this.getExtractedCacheEntryDefinitions()
cacheDebug(
`Extracting cache entries for ${this.extractorName}: ${JSON.stringify(cacheEntryDefinitions, null, 2)}`
)
const previouslyRestoredEntries = this.loadExtractedCacheEntries()
const cacheActions: Promise<ExtractedCacheEntry>[] = []
// For each cache entry definition, determine if it has already been restored, and if not, extract it
for (const cacheEntryDefinition of cacheEntryDefinitions) {
const artifactType = cacheEntryDefinition.artifactType
const pattern = cacheEntryDefinition.pattern
if (cacheEntryDefinition.notCacheableReason) {
listener.entry(pattern).markNotSaved(cacheEntryDefinition.notCacheableReason)
continue
}
// Find all matching files for this cache entry definition
const globber = await glob.create(pattern, {
implicitDescendants: false
})
const matchingFiles = await globber.glob()
if (matchingFiles.length === 0) {
cacheDebug(`No files found to cache for ${artifactType}`)
continue
}
if (cacheEntryDefinition.bundle) {
// For an extracted "bundle", use the defined pattern and cache all matching files in a single entry.
cacheActions.push(
this.awaitForDebugging(
this.saveExtractedCacheEntry(
matchingFiles,
artifactType,
pattern,
cacheEntryDefinition.uniqueFileNames,
previouslyRestoredEntries,
listener.entry(pattern)
)
)
)
} else {
// Otherwise cache each matching file in a separate entry, using the complete file path as the cache pattern.
for (const cacheFile of matchingFiles) {
cacheActions.push(
this.awaitForDebugging(
this.saveExtractedCacheEntry(
[cacheFile],
artifactType,
cacheFile,
cacheEntryDefinition.uniqueFileNames,
previouslyRestoredEntries,
listener.entry(cacheFile)
)
)
)
}
}
}
this.saveMetadataForCacheResults(await Promise.all(cacheActions))
}
private async saveExtractedCacheEntry(
matchingFiles: string[],
artifactType: string,
pattern: string,
uniqueFileNames: boolean,
previouslyRestoredEntries: ExtractedCacheEntry[],
entryListener: CacheEntryListener
): Promise<ExtractedCacheEntry> {
const cacheKey = uniqueFileNames
? this.createCacheKeyFromFileNames(artifactType, matchingFiles)
: await this.createCacheKeyFromFileContents(artifactType, pattern)
const previouslyRestoredKey = previouslyRestoredEntries.find(
x => x.artifactType === artifactType && x.pattern === pattern
)?.cacheKey
if (previouslyRestoredKey === cacheKey) {
cacheDebug(`No change to previously restored ${artifactType}. Not saving.`)
entryListener.markNotSaved('contents unchanged')
} else {
await saveCache(pattern.split('\n'), cacheKey, entryListener)
}
for (const file of matchingFiles) {
tryDelete(file)
}
return new ExtractedCacheEntry(artifactType, pattern, cacheKey)
}
protected createCacheKeyFromFileNames(artifactType: string, files: string[]): string {
const relativeFiles = files.map(x => path.relative(this.gradleUserHome, x))
const key = hashFileNames(relativeFiles)
cacheDebug(`Generating cache key for ${artifactType} from file names: ${relativeFiles}`)
return `${getCacheKeyBase(artifactType, CACHE_PROTOCOL_VERSION)}-${key}`
}
protected async createCacheKeyFromFileContents(artifactType: string, pattern: string): Promise<string> {
const key = await glob.hashFiles(pattern)
cacheDebug(`Generating cache key for ${artifactType} from files matching: ${pattern}`)
return `${getCacheKeyBase(artifactType, CACHE_PROTOCOL_VERSION)}-${key}`
}
// Run actions sequentially if debugging is enabled
private async awaitForDebugging(p: Promise<ExtractedCacheEntry>): Promise<ExtractedCacheEntry> {
if (isCacheDebuggingEnabled()) {
await p
}
return p
}
/**
* Load information about the extracted cache entries previously restored/saved. This is loaded from the 'cache-metadata.json' file.
*/
protected loadExtractedCacheEntries(): ExtractedCacheEntry[] {
const cacheMetadataFile = this.getCacheMetadataFile()
if (!fs.existsSync(cacheMetadataFile)) {
return []
}
const filedata = fs.readFileSync(cacheMetadataFile, 'utf-8')
cacheDebug(`Loaded cache metadata for ${this.extractorName}: ${filedata}`)
const extractedCacheEntryMetadata = JSON.parse(filedata) as ExtractedCacheEntryMetadata
return extractedCacheEntryMetadata.entries
}
/**
* Saves information about the extracted cache entries into the 'cache-metadata.json' file.
*/
protected saveMetadataForCacheResults(results: ExtractedCacheEntry[]): void {
const extractedCacheEntryMetadata = new ExtractedCacheEntryMetadata()
extractedCacheEntryMetadata.entries = results.filter(x => x.cacheKey !== undefined)
const filedata = JSON.stringify(extractedCacheEntryMetadata)
cacheDebug(`Saving cache metadata for ${this.extractorName}: ${filedata}`)
fs.writeFileSync(this.getCacheMetadataFile(), filedata, 'utf-8')
}
private getCacheMetadataFile(): string {
const actionMetadataDirectory = path.resolve(this.gradleUserHome, ACTION_METADATA_DIR)
fs.mkdirSync(actionMetadataDirectory, {recursive: true})
return path.resolve(actionMetadataDirectory, `${this.extractorName}-entry-metadata.json`)
}
protected abstract getExtractedCacheEntryDefinitions(): ExtractedCacheEntryDefinition[]
}
export class GradleHomeEntryExtractor extends AbstractEntryExtractor {
constructor(gradleUserHome: string, cacheConfig: CacheConfig) {
super(gradleUserHome, 'gradle-home', cacheConfig)
}
async extract(listener: CacheListener): Promise<void> {
await this.deleteWrapperZips()
return super.extract(listener)
}
/**
* Delete any downloaded wrapper zip files that are not needed after extraction.
* These files are cleaned up by Gradle >= 7.5, but for older versions we remove them manually.
*/
private async deleteWrapperZips(): Promise<void> {
const wrapperZips = path.resolve(this.gradleUserHome, 'wrapper/dists/*/*/*.zip')
const globber = await glob.create(wrapperZips, {
implicitDescendants: false
})
for (const wrapperZip of await globber.glob()) {
cacheDebug(`Deleting wrapper zip: ${wrapperZip}`)
await tryDelete(wrapperZip)
}
}
/**
* Return the extracted cache entry definitions, which determine which artifacts will be cached
* separately from the rest of the Gradle User Home cache entry.
*/
protected getExtractedCacheEntryDefinitions(): ExtractedCacheEntryDefinition[] {
const entryDefinition = (
artifactType: string,
patterns: string[],
bundle: boolean
): ExtractedCacheEntryDefinition => {
const resolvedPatterns = patterns
.map(x => {
const isDir = x.endsWith('/')
const resolved = path.resolve(this.gradleUserHome, x)
return isDir ? `${resolved}/` : resolved // Restore trailing '/' removed by path.resolve()
})
.join('\n')
return new ExtractedCacheEntryDefinition(artifactType, resolvedPatterns, bundle)
}
return [
entryDefinition('generated-gradle-jars', ['caches/*/generated-gradle-jars/*.jar'], false),
entryDefinition('wrapper-zips', ['wrapper/dists/*/*/'], false), // Each wrapper directory cached separately
entryDefinition('java-toolchains', ['jdks/*/'], false), // Each extracted JDK cached separately
entryDefinition('dependencies', ['caches/modules-*/files-*/*/*/*/*'], true),
entryDefinition('instrumented-jars', ['caches/jars-*/*/'], true),
entryDefinition('kotlin-dsl', ['caches/*/kotlin-dsl/accessors/*/', 'caches/*/kotlin-dsl/scripts/*/'], true),
entryDefinition('groovy-dsl', ['caches/*/groovy-dsl/*/'], true),
entryDefinition('transforms', ['caches/transforms-4/*/', 'caches/*/transforms/*/'], true)
]
}
}
export class ConfigurationCacheEntryExtractor extends AbstractEntryExtractor {
constructor(gradleUserHome: string, cacheConfig: CacheConfig) {
super(gradleUserHome, 'configuration-cache', cacheConfig)
}
/**
* Handle the case where Gradle User Home has not been fully restored, so that the configuration-cache
* entry is not reusable.
*/
async restore(listener: CacheListener): Promise<void> {
if (!listener.fullyRestored) {
this.markNotRestored(listener, 'Gradle User Home was not fully restored')
return
}
if (!this.cacheConfig.getCacheEncryptionKey()) {
this.markNotRestored(listener, 'Encryption Key was not provided')
return
}
return await super.restore(listener)
}
private markNotRestored(listener: CacheListener, reason: string): void {
const cacheEntries = this.loadExtractedCacheEntries()
if (cacheEntries.length > 0) {
core.info(`Not restoring configuration-cache state, as ${reason}`)
for (const cacheEntry of cacheEntries) {
listener.entry(cacheEntry.pattern).markNotRestored(reason)
}
// Update the results file based on no entries restored
this.saveMetadataForCacheResults([])
}
}
async extract(listener: CacheListener): Promise<void> {
if (!this.cacheConfig.getCacheEncryptionKey()) {
const cacheEntryDefinitions = this.getExtractedCacheEntryDefinitions()
if (cacheEntryDefinitions.length > 0) {
core.info('Not saving configuration-cache state, as no encryption key was provided')
for (const cacheEntry of cacheEntryDefinitions) {
listener.entry(cacheEntry.pattern).markNotSaved('No encryption key provided')
}
}
return
}
await super.extract(listener)
}
/**
* Extract cache entries for the configuration cache in each project.
*/
protected getExtractedCacheEntryDefinitions(): ExtractedCacheEntryDefinition[] {
// Group BuildResult by existing configCacheDir
const groupedResults = this.getConfigCacheDirectoriesWithAssociatedBuildResults()
return Object.entries(groupedResults).map(([configCachePath, pathResults]) => {
// Create a entry definition for each unique configuration cache directory
const definition = new ExtractedCacheEntryDefinition(
'configuration-cache',
configCachePath,
true
).withNonUniqueFileNames()
// If any associated build result used Gradle < 8.6, then mark it as not cacheable
if (
pathResults.find(result => {
return !versionIsAtLeast(result.gradleVersion, '8.6.0')
})
) {
core.info(
`Not saving config-cache data for ${configCachePath}. Configuration cache data is only saved for Gradle 8.6+`
)
definition.notCacheableBecause('Configuration cache data only saved for Gradle 8.6+')
}
return definition
})
}
private getConfigCacheDirectoriesWithAssociatedBuildResults(): Record<string, BuildResult[]> {
return loadBuildResults().results.reduce(
(acc, buildResult) => {
// For each build result, find the config-cache dir
const configCachePath = path.resolve(buildResult.rootProjectDir, '.gradle/configuration-cache')
// Ignore case where config-cache dir doesn't exist
if (!fs.existsSync(configCachePath)) {
return acc
}
// Group by unique config cache directories and collect associated build results
if (!acc[configCachePath]) {
acc[configCachePath] = []
}
acc[configCachePath].push(buildResult)
return acc
},
{} as Record<string, BuildResult[]>
)
}
}

290
sources/src/caching/gradle-user-home-cache.ts Normal file
View File

@@ -0,0 +1,290 @@
import * as core from '@actions/core'
import * as exec from '@actions/exec'
import * as glob from '@actions/glob'
import path from 'path'
import fs from 'fs'
import {generateCacheKey} from './cache-key'
import {CacheListener} from './cache-reporting'
import {saveCache, restoreCache, cacheDebug, isCacheDebuggingEnabled, tryDelete} from './cache-utils'
import {CacheConfig, ACTION_METADATA_DIR} from '../configuration'
import {GradleHomeEntryExtractor, ConfigurationCacheEntryExtractor} from './gradle-home-extry-extractor'
import {getPredefinedToolchains, mergeToolchainContent, readResourceFileAsString} from './gradle-user-home-utils'
const RESTORED_CACHE_KEY_KEY = 'restored-cache-key'
export class GradleUserHomeCache {
private readonly cacheName = 'home'
private readonly cacheDescription = 'Gradle User Home'
private readonly userHome: string
private readonly gradleUserHome: string
private readonly cacheConfig: CacheConfig
constructor(userHome: string, gradleUserHome: string, cacheConfig: CacheConfig) {
this.userHome = userHome
this.gradleUserHome = gradleUserHome
this.cacheConfig = cacheConfig
}
init(): void {
this.initializeGradleUserHome()
// Export the GRADLE_ENCRYPTION_KEY variable if provided
const encryptionKey = this.cacheConfig.getCacheEncryptionKey()
if (encryptionKey) {
core.exportVariable('GRADLE_ENCRYPTION_KEY', encryptionKey)
}
}
cacheOutputExists(): boolean {
const cachesDir = path.resolve(this.gradleUserHome, 'caches')
if (fs.existsSync(cachesDir)) {
cacheDebug(`Cache output exists at ${cachesDir}`)
return true
}
return false
}
/**
* Restores the cache entry, finding the closest match to the currently running job.
*/
async restore(listener: CacheListener): Promise<void> {
const entryListener = listener.entry(this.cacheDescription)
const cacheKey = generateCacheKey(this.cacheName, this.cacheConfig)
cacheDebug(
`Requesting ${this.cacheDescription} with
key:${cacheKey.key}
restoreKeys:[${cacheKey.restoreKeys}]`
)
const cachePath = this.getCachePath()
const cacheResult = await restoreCache(cachePath, cacheKey.key, cacheKey.restoreKeys, entryListener)
if (!cacheResult) {
core.info(`${this.cacheDescription} cache not found. Will initialize empty.`)
return
}
core.saveState(RESTORED_CACHE_KEY_KEY, cacheResult.key)
try {
await this.afterRestore(listener)
} catch (error) {
core.warning(`Restore ${this.cacheDescription} failed in 'afterRestore': ${error}`)
}
}
/**
* Restore any extracted cache entries after the main Gradle User Home entry is restored.
*/
async afterRestore(listener: CacheListener): Promise<void> {
await this.debugReportGradleUserHomeSize('as restored from cache')
await new GradleHomeEntryExtractor(this.gradleUserHome, this.cacheConfig).restore(listener)
await new ConfigurationCacheEntryExtractor(this.gradleUserHome, this.cacheConfig).restore(listener)
await this.deleteExcludedPaths()
await this.debugReportGradleUserHomeSize('after restoring common artifacts')
}
/**
* Saves the cache entry based on the current cache key unless the cache was restored with the exact key,
* in which case we cannot overwrite it.
*
* If the cache entry was restored with a partial match on a restore key, then
* it is saved with the exact key.
*/
async save(listener: CacheListener): Promise<void> {
const cacheKey = generateCacheKey(this.cacheName, this.cacheConfig).key
const restoredCacheKey = core.getState(RESTORED_CACHE_KEY_KEY)
const gradleHomeEntryListener = listener.entry(this.cacheDescription)
if (restoredCacheKey && cacheKey === restoredCacheKey) {
core.info(`Cache hit occurred on the cache key ${cacheKey}, not saving cache.`)
for (const entryListener of listener.cacheEntries) {
if (entryListener === gradleHomeEntryListener) {
entryListener.markNotSaved('cache key not changed')
} else {
entryListener.markNotSaved(`referencing '${this.cacheDescription}' cache entry not saved`)
}
}
return
}
try {
await this.beforeSave(listener)
} catch (error) {
core.warning(`Save ${this.cacheDescription} failed in 'beforeSave': ${error}`)
return
}
const cachePath = this.getCachePath()
await saveCache(cachePath, cacheKey, gradleHomeEntryListener)
return
}
/**
* Extract and save any defined extracted cache entries prior to the main Gradle User Home entry being saved.
*/
async beforeSave(listener: CacheListener): Promise<void> {
await this.debugReportGradleUserHomeSize('before saving common artifacts')
await this.deleteExcludedPaths()
await Promise.all([
new GradleHomeEntryExtractor(this.gradleUserHome, this.cacheConfig).extract(listener),
new ConfigurationCacheEntryExtractor(this.gradleUserHome, this.cacheConfig).extract(listener)
])
await this.debugReportGradleUserHomeSize(
"after extracting common artifacts (only 'caches' and 'notifications' will be stored)"
)
}
/**
* Delete any file paths that are excluded by the `gradle-home-cache-excludes` parameter.
*/
private async deleteExcludedPaths(): Promise<void> {
const rawPaths: string[] = this.cacheConfig.getCacheExcludes()
rawPaths.push('caches/*/cc-keystore')
const resolvedPaths = rawPaths.map(x => path.resolve(this.gradleUserHome, x))
for (const p of resolvedPaths) {
cacheDebug(`Removing excluded path: ${p}`)
const globber = await glob.create(p, {
implicitDescendants: false
})
for (const toDelete of await globber.glob()) {
cacheDebug(`Removing excluded file: ${toDelete}`)
await tryDelete(toDelete)
}
}
}
/**
* Determines the paths within Gradle User Home to cache.
* By default, this is the 'caches' and 'notifications' directories,
* but this can be overridden by the `gradle-home-cache-includes` parameter.
*/
protected getCachePath(): string[] {
const rawPaths: string[] = this.cacheConfig.getCacheIncludes()
rawPaths.push(ACTION_METADATA_DIR)
const resolvedPaths = rawPaths.map(x => this.resolveCachePath(x))
cacheDebug(`Using cache paths: ${resolvedPaths}`)
return resolvedPaths
}
private resolveCachePath(rawPath: string): string {
if (rawPath.startsWith('!')) {
const resolved = this.resolveCachePath(rawPath.substring(1))
return `!${resolved}`
}
return path.resolve(this.gradleUserHome, rawPath)
}
private initializeGradleUserHome(): void {
// Create a directory for storing action metadata
const actionCacheDir = path.resolve(this.gradleUserHome, ACTION_METADATA_DIR)
fs.mkdirSync(actionCacheDir, {recursive: true})
this.copyInitScripts()
// Copy the default toolchain definitions to `~/.m2/toolchains.xml`
this.registerToolchains()
if (core.isDebug()) {
this.configureInfoLogLevel()
}
}
private copyInitScripts(): void {
// Copy init scripts from src/resources to Gradle UserHome
const initScriptsDir = path.resolve(this.gradleUserHome, 'init.d')
fs.mkdirSync(initScriptsDir, {recursive: true})
const initScriptFilenames = [
'gradle-actions.build-result-capture.init.gradle',
'gradle-actions.build-result-capture-service.plugin.groovy',
'gradle-actions.github-dependency-graph.init.gradle',
'gradle-actions.github-dependency-graph-gradle-plugin-apply.groovy',
'gradle-actions.inject-develocity.init.gradle'
]
for (const initScriptFilename of initScriptFilenames) {
const initScriptContent = readResourceFileAsString('init-scripts', initScriptFilename)
const initScriptPath = path.resolve(initScriptsDir, initScriptFilename)
fs.writeFileSync(initScriptPath, initScriptContent)
}
}
private registerToolchains(): void {
const preInstalledToolchains: string | null = getPredefinedToolchains()
if (preInstalledToolchains == null) return
const m2dir = path.resolve(this.userHome, '.m2')
const toolchainXmlTarget = path.resolve(m2dir, 'toolchains.xml')
if (!fs.existsSync(toolchainXmlTarget)) {
// Write a new toolchains.xml file if it doesn't exist
fs.mkdirSync(m2dir, {recursive: true})
fs.writeFileSync(toolchainXmlTarget, preInstalledToolchains)
core.info(`Wrote default JDK locations to ${toolchainXmlTarget}`)
} else {
// Merge into an existing toolchains.xml file
const existingToolchainContent = fs.readFileSync(toolchainXmlTarget, 'utf8')
const mergedContent = mergeToolchainContent(existingToolchainContent, preInstalledToolchains)
fs.writeFileSync(toolchainXmlTarget, mergedContent)
core.info(`Merged default JDK locations into ${toolchainXmlTarget}`)
}
}
/**
* When the GitHub environment ACTIONS_RUNNER_DEBUG is true, run Gradle with --info and --stacktrace.
* see https://docs.github.com/en/actions/monitoring-and-troubleshooting-workflows/enabling-debug-logging
*
* @VisibleForTesting
*/
configureInfoLogLevel(): void {
const infoProperties = `org.gradle.logging.level=info\norg.gradle.logging.stacktrace=all\n`
const propertiesFile = path.resolve(this.gradleUserHome, 'gradle.properties')
if (fs.existsSync(propertiesFile)) {
core.info(`Merged --info and --stacktrace into existing ${propertiesFile} file`)
const existingProperties = fs.readFileSync(propertiesFile, 'utf-8')
fs.writeFileSync(propertiesFile, `${infoProperties}\n${existingProperties}`)
} else {
core.info(`Created a new ${propertiesFile} with --info and --stacktrace`)
fs.writeFileSync(propertiesFile, infoProperties)
}
}
/**
* When cache debugging is enabled (or ACTIONS_STEP_DEBUG is on),
* this method will give a detailed report of the Gradle User Home contents.
*/
private async debugReportGradleUserHomeSize(label: string): Promise<void> {
if (!isCacheDebuggingEnabled() && !core.isDebug()) {
return
}
if (!fs.existsSync(this.gradleUserHome)) {
return
}
const result = await exec.getExecOutput('du', ['-h', '-c', '-t', '5M'], {
cwd: this.gradleUserHome,
silent: true,
ignoreReturnCode: true
})
core.info(`Gradle User Home (directories >5M): ${label}`)
core.info(
result.stdout
.trimEnd()
.replace(/\t/g, ' ')
.split('\n')
.map(it => {
return ` ${it}`
})
.join('\n')
)
core.info('-----------------------')
}
}

49
sources/src/caching/gradle-user-home-utils.ts Normal file
View File

@@ -0,0 +1,49 @@
import path from 'path'
import fs from 'fs'
export function readResourceFileAsString(...paths: string[]): string {
// Resolving relative to __dirname will allow node to find the resource at runtime
const absolutePath = path.resolve(__dirname, '..', '..', '..', 'sources', 'src', 'resources', ...paths)
return fs.readFileSync(absolutePath, 'utf8')
}
/**
* Iterate over all `JAVA_HOME_{version}_{arch}` envs and construct the toolchain.xml.
*
* @VisibleForTesting
*/
export function getPredefinedToolchains(): string | null {
const javaHomeEnvs: string[] = []
for (const javaHomeEnvsKey in process.env) {
if (javaHomeEnvsKey.startsWith('JAVA_HOME_')) {
javaHomeEnvs.push(javaHomeEnvsKey)
}
}
if (javaHomeEnvs.length === 0) {
return null
}
// language=XML
let toolchainsXml = `<?xml version="1.0" encoding="UTF-8"?>
<toolchains>
<!-- JDK Toolchains installed by default on GitHub-hosted runners -->
`
for (const javaHomeEnv of javaHomeEnvs) {
const version = javaHomeEnv.match(/JAVA_HOME_(\d+)_/)?.[1]!
toolchainsXml += ` <toolchain>
<type>jdk</type>
<provides>
<version>${version}</version>
</provides>
<configuration>
<jdkHome>\${env.${javaHomeEnv}}</jdkHome>
</configuration>
</toolchain>\n`
}
toolchainsXml += `</toolchains>\n`
return toolchainsXml
}
export function mergeToolchainContent(existingToolchainContent: string, preInstalledToolchains: string): string {
const appendedContent = preInstalledToolchains.split('<toolchains>').pop()!
return existingToolchainContent.replace('</toolchains>', appendedContent)
}

431
sources/src/configuration.ts Normal file
View File

@@ -0,0 +1,431 @@
import * as core from '@actions/core'
import * as github from '@actions/github'
import * as cache from '@actions/cache'
import * as deprecator from './deprecation-collector'
import {SUMMARY_ENV_VAR} from '@actions/core/lib/summary'
import path from 'path'
const ACTION_ID_VAR = 'GRADLE_ACTION_ID'
export const ACTION_METADATA_DIR = '.setup-gradle'
export class DependencyGraphConfig {
getDependencyGraphOption(): DependencyGraphOption {
const val = core.getInput('dependency-graph')
switch (val.toLowerCase().trim()) {
case 'disabled':
return DependencyGraphOption.Disabled
case 'generate':
return DependencyGraphOption.Generate
case 'generate-and-submit':
return DependencyGraphOption.GenerateAndSubmit
case 'generate-and-upload':
return DependencyGraphOption.GenerateAndUpload
case 'download-and-submit':
return DependencyGraphOption.DownloadAndSubmit
}
throw TypeError(
`The value '${val}' is not valid for 'dependency-graph'. Valid values are: [disabled, generate, generate-and-submit, generate-and-upload, download-and-submit]. The default value is 'disabled'.`
)
}
getDependencyGraphContinueOnFailure(): boolean {
return getBooleanInput('dependency-graph-continue-on-failure', true)
}
getArtifactRetentionDays(): number {
const val = core.getInput('artifact-retention-days')
return parseNumericInput('artifact-retention-days', val, 0)
// Zero indicates that the default repository settings should be used
}
getJobCorrelator(): string {
return DependencyGraphConfig.constructJobCorrelator(github.context.workflow, github.context.job, getJobMatrix())
}
getReportDirectory(): string {
const param = core.getInput('dependency-graph-report-dir')
return path.resolve(getWorkspaceDirectory(), param)
}
getDownloadArtifactName(): string | undefined {
return process.env['DEPENDENCY_GRAPH_DOWNLOAD_ARTIFACT_NAME']
}
getExcludeProjects(): string | undefined {
return getOptionalInput('dependency-graph-exclude-projects')
}
getIncludeProjects(): string | undefined {
return getOptionalInput('dependency-graph-include-projects')
}
getExcludeConfigurations(): string | undefined {
return getOptionalInput('dependency-graph-exclude-configurations')
}
getIncludeConfigurations(): string | undefined {
return getOptionalInput('dependency-graph-include-configurations')
}
static constructJobCorrelator(workflow: string, jobId: string, matrixJson: string): string {
const matrixString = this.describeMatrix(matrixJson)
const label = matrixString ? `${workflow}-${jobId}-${matrixString}` : `${workflow}-${jobId}`
return this.sanitize(label)
}
private static describeMatrix(matrixJson: string): string {
core.debug(`Got matrix json: ${matrixJson}`)
const matrix = JSON.parse(matrixJson)
if (matrix) {
return Object.values(matrix).join('-')
}
return ''
}
private static sanitize(value: string): string {
return value
.replace(/[^a-zA-Z0-9_-\s]/g, '')
.replace(/\s+/g, '_')
.toLowerCase()
}
}
export enum DependencyGraphOption {
Disabled = 'disabled',
Generate = 'generate',
GenerateAndSubmit = 'generate-and-submit',
GenerateAndUpload = 'generate-and-upload',
DownloadAndSubmit = 'download-and-submit'
}
export class CacheConfig {
isCacheDisabled(): boolean {
if (!cache.isFeatureAvailable()) {
return true
}
return getBooleanInput('cache-disabled')
}
isCacheReadOnly(): boolean {
return !this.isCacheWriteOnly() && getBooleanInput('cache-read-only')
}
isCacheWriteOnly(): boolean {
return getBooleanInput('cache-write-only')
}
isCacheOverwriteExisting(): boolean {
return getBooleanInput('cache-overwrite-existing')
}
isCacheStrictMatch(): boolean {
return getBooleanInput('gradle-home-cache-strict-match')
}
isCacheCleanupEnabled(): boolean {
if (this.isCacheReadOnly()) {
return false
}
const cleanupOption = this.getCacheCleanupOption()
return cleanupOption === CacheCleanupOption.Always || cleanupOption === CacheCleanupOption.OnSuccess
}
shouldPerformCacheCleanup(hasFailure: boolean): boolean {
const cleanupOption = this.getCacheCleanupOption()
if (cleanupOption === CacheCleanupOption.Always) {
return true
}
if (cleanupOption === CacheCleanupOption.OnSuccess) {
return !hasFailure
}
return false
}
private getCacheCleanupOption(): CacheCleanupOption {
const legacyVal = getOptionalBooleanInput('gradle-home-cache-cleanup')
if (legacyVal !== undefined) {
deprecator.recordDeprecation(
'The `gradle-home-cache-cleanup` input parameter has been replaced by `cache-cleanup`'
)
return legacyVal ? CacheCleanupOption.Always : CacheCleanupOption.Never
}
const val = core.getInput('cache-cleanup')
switch (val.toLowerCase().trim()) {
case 'always':
return CacheCleanupOption.Always
case 'on-success':
return CacheCleanupOption.OnSuccess
case 'never':
return CacheCleanupOption.Never
}
throw TypeError(
`The value '${val}' is not valid for cache-cleanup. Valid values are: [never, always, on-success].`
)
}
getCacheEncryptionKey(): string {
return core.getInput('cache-encryption-key')
}
getCacheIncludes(): string[] {
return core.getMultilineInput('gradle-home-cache-includes')
}
getCacheExcludes(): string[] {
return core.getMultilineInput('gradle-home-cache-excludes')
}
}
export enum CacheCleanupOption {
Never = 'never',
OnSuccess = 'on-success',
Always = 'always'
}
export class SummaryConfig {
shouldGenerateJobSummary(hasFailure: boolean): boolean {
// Check if Job Summary is supported on this platform
if (!process.env[SUMMARY_ENV_VAR]) {
return false
}
return this.shouldAddJobSummary(this.getJobSummaryOption(), hasFailure)
}
shouldAddPRComment(hasFailure: boolean): boolean {
return this.shouldAddJobSummary(this.getPRCommentOption(), hasFailure)
}
private shouldAddJobSummary(option: JobSummaryOption, hasFailure: boolean): boolean {
switch (option) {
case JobSummaryOption.Always:
return true
case JobSummaryOption.Never:
return false
case JobSummaryOption.OnFailure:
return hasFailure
}
}
private getJobSummaryOption(): JobSummaryOption {
return this.parseJobSummaryOption('add-job-summary')
}
private getPRCommentOption(): JobSummaryOption {
return this.parseJobSummaryOption('add-job-summary-as-pr-comment')
}
private parseJobSummaryOption(paramName: string): JobSummaryOption {
const val = core.getInput(paramName)
switch (val.toLowerCase().trim()) {
case 'never':
return JobSummaryOption.Never
case 'always':
return JobSummaryOption.Always
case 'on-failure':
return JobSummaryOption.OnFailure
}
throw TypeError(
`The value '${val}' is not valid for ${paramName}. Valid values are: [never, always, on-failure].`
)
}
}
export enum JobSummaryOption {
Never = 'never',
Always = 'always',
OnFailure = 'on-failure'
}
export class BuildScanConfig {
static DevelocityAccessKeyEnvVar = 'DEVELOCITY_ACCESS_KEY'
static GradleEnterpriseAccessKeyEnvVar = 'GRADLE_ENTERPRISE_ACCESS_KEY'
getBuildScanPublishEnabled(): boolean {
return getBooleanInput('build-scan-publish') && this.verifyTermsOfUseAgreement()
}
getBuildScanTermsOfUseUrl(): string {
return core.getInput('build-scan-terms-of-use-url')
}
getBuildScanTermsOfUseAgree(): string {
return core.getInput('build-scan-terms-of-use-agree')
}
getDevelocityAccessKey(): string {
return (
core.getInput('develocity-access-key') ||
process.env[BuildScanConfig.DevelocityAccessKeyEnvVar] ||
process.env[BuildScanConfig.GradleEnterpriseAccessKeyEnvVar] ||
''
)
}
getDevelocityTokenExpiry(): string {
return core.getInput('develocity-token-expiry')
}
getDevelocityInjectionEnabled(): boolean | undefined {
return getOptionalBooleanInput('develocity-injection-enabled')
}
getDevelocityUrl(): string {
return core.getInput('develocity-url')
}
getDevelocityAllowUntrustedServer(): boolean | undefined {
return getOptionalBooleanInput('develocity-allow-untrusted-server')
}
getDevelocityCaptureFileFingerprints(): boolean | undefined {
return getOptionalBooleanInput('develocity-capture-file-fingerprints')
}
getDevelocityEnforceUrl(): boolean | undefined {
return getOptionalBooleanInput('develocity-enforce-url')
}
getDevelocityPluginVersion(): string {
return core.getInput('develocity-plugin-version')
}
getDevelocityCcudPluginVersion(): string {
return core.getInput('develocity-ccud-plugin-version')
}
getGradlePluginRepositoryUrl(): string {
return core.getInput('gradle-plugin-repository-url')
}
getGradlePluginRepositoryUsername(): string {
return core.getInput('gradle-plugin-repository-username')
}
getGradlePluginRepositoryPassword(): string {
return core.getInput('gradle-plugin-repository-password')
}
private verifyTermsOfUseAgreement(): boolean {
if (
(this.getBuildScanTermsOfUseUrl() !== 'https://gradle.com/terms-of-service' &&
this.getBuildScanTermsOfUseUrl() !== 'https://gradle.com/help/legal-terms-of-use') ||
this.getBuildScanTermsOfUseAgree() !== 'yes'
) {
core.warning(
`Terms of use at 'https://gradle.com/help/legal-terms-of-use' must be agreed in order to publish build scans.`
)
return false
}
return true
}
}
export class GradleExecutionConfig {
getGradleVersion(): string {
return core.getInput('gradle-version')
}
getBuildRootDirectory(): string {
const baseDirectory = getWorkspaceDirectory()
const buildRootDirectoryInput = core.getInput('build-root-directory')
const resolvedBuildRootDirectory =
buildRootDirectoryInput === ''
? path.resolve(baseDirectory)
: path.resolve(baseDirectory, buildRootDirectoryInput)
return resolvedBuildRootDirectory
}
getDependencyResolutionTask(): string {
return core.getInput('dependency-resolution-task') || ':ForceDependencyResolutionPlugin_resolveAllDependencies'
}
getAdditionalArguments(): string {
return core.getInput('additional-arguments')
}
verifyNoArguments(): void {
const input = core.getInput('arguments')
if (input.length !== 0) {
deprecator.failOnUseOfRemovedFeature(
`The 'arguments' parameter is no longer supported for ${getActionId()}`,
'Using the action to execute Gradle via the `arguments` parameter is deprecated'
)
}
}
}
export class WrapperValidationConfig {
doValidateWrappers(): boolean {
return getBooleanInput('validate-wrappers')
}
allowSnapshotWrappers(): boolean {
return getBooleanInput('allow-snapshot-wrappers')
}
}
// Internal parameters
export function getJobMatrix(): string {
return core.getInput('workflow-job-context')
}
export function getGithubToken(): string {
return core.getInput('github-token', {required: true})
}
export function getWorkspaceDirectory(): string {
return process.env[`GITHUB_WORKSPACE`] || ''
}
export function getActionId(): string | undefined {
return process.env[ACTION_ID_VAR]
}
export function setActionId(id: string): void {
core.exportVariable(ACTION_ID_VAR, id)
}
export function parseNumericInput(paramName: string, paramValue: string, paramDefault: number): number {
if (paramValue.length === 0) {
return paramDefault
}
const numericValue = parseInt(paramValue)
if (isNaN(numericValue)) {
throw TypeError(`The value '${paramValue}' is not a valid numeric value for '${paramName}'.`)
}
return numericValue
}
function getOptionalInput(paramName: string): string | undefined {
const paramValue = core.getInput(paramName)
if (paramValue.length > 0) {
return paramValue
}
return undefined
}
function getBooleanInput(paramName: string, paramDefault = false): boolean {
const paramValue = core.getInput(paramName)
switch (paramValue.toLowerCase().trim()) {
case '':
return paramDefault
case 'false':
return false
case 'true':
return true
}
throw TypeError(`The value '${paramValue} is not valid for '${paramName}. Valid values are: [true, false]`)
}
function getOptionalBooleanInput(paramName: string): boolean | undefined {
const paramValue = core.getInput(paramName)
if (paramValue === '') {
return undefined
}
return getBooleanInput(paramName)
}

33
sources/src/daemon-controller.ts Normal file
View File

@@ -0,0 +1,33 @@
import * as core from '@actions/core'
import * as exec from '@actions/exec'
import * as fs from 'fs'
import * as path from 'path'
import {BuildResults} from './build-results'
export class DaemonController {
private readonly gradleHomes
constructor(buildResults: BuildResults) {
this.gradleHomes = buildResults.uniqueGradleHomes()
}
async stopAllDaemons(): Promise<void> {
const executions: Promise<number>[] = []
const args = ['--stop']
for (const gradleHome of this.gradleHomes) {
const executable = path.resolve(gradleHome, 'bin', 'gradle')
if (!fs.existsSync(executable)) {
core.warning(`Gradle executable not found at ${executable}. Could not stop Gradle daemons.`)
continue
}
core.info(`Stopping Gradle daemons for ${gradleHome}`)
executions.push(
exec.exec(executable, args, {
ignoreReturnCode: true
})
)
}
await Promise.all(executions)
}
}

271
sources/src/dependency-graph.ts Normal file
View File

@@ -0,0 +1,271 @@
import * as core from '@actions/core'
import * as github from '@actions/github'
import * as glob from '@actions/glob'
import {DefaultArtifactClient} from '@actions/artifact'
import {GitHub} from '@actions/github/lib/utils'
import {RequestError} from '@octokit/request-error'
import type {PullRequestEvent} from '@octokit/webhooks-types'
import * as path from 'path'
import fs from 'fs'
import {JobFailure} from './errors'
import {DependencyGraphConfig, DependencyGraphOption, getGithubToken, getWorkspaceDirectory} from './configuration'
const DEPENDENCY_GRAPH_PREFIX = 'dependency-graph_'
export async function setup(config: DependencyGraphConfig): Promise<void> {
const option = config.getDependencyGraphOption()
if (option === DependencyGraphOption.Disabled) {
core.exportVariable('GITHUB_DEPENDENCY_GRAPH_ENABLED', 'false')
return
}
// Download and submit early, for compatability with dependency review.
if (option === DependencyGraphOption.DownloadAndSubmit) {
maybeExportVariable('DEPENDENCY_GRAPH_REPORT_DIR', config.getReportDirectory())
await downloadAndSubmitDependencyGraphs(config)
return
}
core.info('Enabling dependency graph generation')
core.exportVariable('GITHUB_DEPENDENCY_GRAPH_ENABLED', 'true')
maybeExportVariable('GITHUB_DEPENDENCY_GRAPH_CONTINUE_ON_FAILURE', config.getDependencyGraphContinueOnFailure())
maybeExportVariable('GITHUB_DEPENDENCY_GRAPH_JOB_CORRELATOR', config.getJobCorrelator())
maybeExportVariable('GITHUB_DEPENDENCY_GRAPH_JOB_ID', github.context.runId.toString())
maybeExportVariable('GITHUB_DEPENDENCY_GRAPH_REF', github.context.ref)
maybeExportVariable('GITHUB_DEPENDENCY_GRAPH_SHA', getShaFromContext())
maybeExportVariable('GITHUB_DEPENDENCY_GRAPH_WORKSPACE', getWorkspaceDirectory())
maybeExportVariable('DEPENDENCY_GRAPH_REPORT_DIR', config.getReportDirectory())
maybeExportVariable('DEPENDENCY_GRAPH_EXCLUDE_PROJECTS', config.getExcludeProjects())
maybeExportVariable('DEPENDENCY_GRAPH_INCLUDE_PROJECTS', config.getIncludeProjects())
maybeExportVariable('DEPENDENCY_GRAPH_EXCLUDE_CONFIGURATIONS', config.getExcludeConfigurations())
maybeExportVariable('DEPENDENCY_GRAPH_INCLUDE_CONFIGURATIONS', config.getIncludeConfigurations())
}
function maybeExportVariable(variableName: string, value: string | boolean | undefined): void {
if (!process.env[variableName]) {
if (value !== undefined) {
core.exportVariable(variableName, value)
}
}
}
export async function complete(config: DependencyGraphConfig): Promise<void> {
const option = config.getDependencyGraphOption()
try {
switch (option) {
case DependencyGraphOption.Disabled:
case DependencyGraphOption.Generate: // Performed via init-script: nothing to do here
case DependencyGraphOption.DownloadAndSubmit: // Performed in setup
return
case DependencyGraphOption.GenerateAndSubmit:
await findAndSubmitDependencyGraphs(config)
return
case DependencyGraphOption.GenerateAndUpload:
await findAndUploadDependencyGraphs(config)
}
} catch (e) {
warnOrFail(config, option, e)
}
}
async function downloadAndSubmitDependencyGraphs(config: DependencyGraphConfig): Promise<void> {
if (isRunningInActEnvironment()) {
core.info('Dependency graph not supported in the ACT environment.')
return
}
try {
await submitDependencyGraphs(await downloadDependencyGraphs(config))
} catch (e) {
warnOrFail(config, DependencyGraphOption.DownloadAndSubmit, e)
}
}
async function findAndSubmitDependencyGraphs(config: DependencyGraphConfig): Promise<void> {
if (isRunningInActEnvironment()) {
core.info('Dependency graph not supported in the ACT environment.')
return
}
const dependencyGraphFiles = await findDependencyGraphFiles()
try {
await submitDependencyGraphs(dependencyGraphFiles)
} catch (e) {
try {
await uploadDependencyGraphs(dependencyGraphFiles, config)
} catch (uploadError) {
core.info(String(uploadError))
}
throw e
}
}
async function findAndUploadDependencyGraphs(config: DependencyGraphConfig): Promise<void> {
if (isRunningInActEnvironment()) {
core.info('Dependency graph not supported in the ACT environment.')
return
}
await uploadDependencyGraphs(await findDependencyGraphFiles(), config)
}
async function downloadDependencyGraphs(config: DependencyGraphConfig): Promise<string[]> {
const findBy = github.context.payload.workflow_run
? {
token: getGithubToken(),
workflowRunId: github.context.payload.workflow_run.id,
repositoryName: github.context.repo.repo,
repositoryOwner: github.context.repo.owner
}
: undefined
const artifactClient = new DefaultArtifactClient()
let dependencyGraphArtifacts = (
await artifactClient.listArtifacts({
latest: true,
findBy
})
).artifacts.filter(artifact => artifact.name.startsWith(DEPENDENCY_GRAPH_PREFIX))
const artifactName = config.getDownloadArtifactName()
if (artifactName) {
core.info(`Filtering for artifacts ending with ${artifactName}`)
dependencyGraphArtifacts = dependencyGraphArtifacts.filter(artifact => artifact.name.includes(artifactName))
}
for (const artifact of dependencyGraphArtifacts) {
const downloadedArtifact = await artifactClient.downloadArtifact(artifact.id, {
findBy
})
core.info(`Downloading dependency-graph artifact ${artifact.name} to ${downloadedArtifact.downloadPath}`)
}
return findDependencyGraphFiles()
}
async function findDependencyGraphFiles(): Promise<string[]> {
const globber = await glob.create(`${getReportDirectory()}/**/*.json`)
const allFiles = await globber.glob()
const unprocessedFiles = allFiles.filter(file => !isProcessed(file))
unprocessedFiles.forEach(markProcessed)
core.info(`Found dependency graph files: ${unprocessedFiles.join(', ')}`)
return unprocessedFiles
}
async function uploadDependencyGraphs(dependencyGraphFiles: string[], config: DependencyGraphConfig): Promise<void> {
if (dependencyGraphFiles.length === 0) {
core.info('No dependency graph files found to upload.')
return
}
const workspaceDirectory = getWorkspaceDirectory()
const artifactClient = new DefaultArtifactClient()
for (const dependencyGraphFile of dependencyGraphFiles) {
const relativePath = getRelativePathFromWorkspace(dependencyGraphFile)
core.info(`Uploading dependency graph file: ${relativePath}`)
const artifactName = `${DEPENDENCY_GRAPH_PREFIX}${path.basename(dependencyGraphFile)}`
await artifactClient.uploadArtifact(artifactName, [dependencyGraphFile], workspaceDirectory, {
retentionDays: config.getArtifactRetentionDays()
})
}
}
async function submitDependencyGraphs(dependencyGraphFiles: string[]): Promise<void> {
if (dependencyGraphFiles.length === 0) {
core.info('No dependency graph files found to submit.')
return
}
for (const dependencyGraphFile of dependencyGraphFiles) {
try {
await submitDependencyGraphFile(dependencyGraphFile)
} catch (error) {
if (error instanceof RequestError) {
error.message = translateErrorMessage(dependencyGraphFile, error)
}
throw error
}
}
}
function translateErrorMessage(jsonFile: string, error: RequestError): string {
const relativeJsonFile = getRelativePathFromWorkspace(jsonFile)
const mainWarning = `Dependency submission failed for ${relativeJsonFile}.\n${error.message}`
if (error.message === 'Resource not accessible by integration') {
return `${mainWarning}
Please ensure that the 'contents: write' permission is available for the workflow job.
Note that this permission is never available for a 'pull_request' trigger from a repository fork.
`
}
return mainWarning
}
async function submitDependencyGraphFile(jsonFile: string): Promise<void> {
const octokit = getOctokit()
const jsonContent = fs.readFileSync(jsonFile, 'utf8')
const jsonObject = JSON.parse(jsonContent)
jsonObject.owner = github.context.repo.owner
jsonObject.repo = github.context.repo.repo
const response = await octokit.request('POST /repos/{owner}/{repo}/dependency-graph/snapshots', jsonObject)
const relativeJsonFile = getRelativePathFromWorkspace(jsonFile)
core.notice(`Submitted ${relativeJsonFile}: ${response.data.message}`)
}
function getReportDirectory(): string {
return process.env.DEPENDENCY_GRAPH_REPORT_DIR!
}
function isProcessed(dependencyGraphFile: string): boolean {
const markerFile = `${dependencyGraphFile}.processed`
return fs.existsSync(markerFile)
}
function markProcessed(dependencyGraphFile: string): void {
const markerFile = `${dependencyGraphFile}.processed`
fs.writeFileSync(markerFile, '')
}
function warnOrFail(config: DependencyGraphConfig, option: String, error: unknown): void {
if (!config.getDependencyGraphContinueOnFailure()) {
throw new JobFailure(error)
}
core.warning(`Failed to ${option} dependency graph. Will continue.\n${String(error)}`)
}
function getOctokit(): InstanceType<typeof GitHub> {
return github.getOctokit(getGithubToken())
}
function getRelativePathFromWorkspace(file: string): string {
const workspaceDirectory = getWorkspaceDirectory()
return path.relative(workspaceDirectory, file)
}
function getShaFromContext(): string {
const context = github.context
const pullRequestEvents = [
'pull_request',
'pull_request_comment',
'pull_request_review',
'pull_request_review_comment'
// Note that pull_request_target is omitted here.
// That event runs in the context of the base commit of the PR,
// so the snapshot should not be associated with the head commit.
]
if (pullRequestEvents.includes(context.eventName)) {
const pr = (context.payload as PullRequestEvent).pull_request
return pr.head.sha
} else {
return context.sha
}
}
function isRunningInActEnvironment(): boolean {
return process.env.ACT !== undefined
}

70
sources/src/deprecation-collector.ts Normal file
View File

@@ -0,0 +1,70 @@
import * as core from '@actions/core'
import {getActionId} from './configuration'
const DEPRECATION_UPGRADE_PAGE = 'https://github.com/gradle/actions/blob/main/docs/deprecation-upgrade-guide.md'
const recordedDeprecations: Deprecation[] = []
const recordedErrors: string[] = []
export class Deprecation {
constructor(readonly message: string) {}
getDocumentationLink(): string {
const deprecationAnchor = this.message
.toLowerCase()
.replace(/[^\w\s-]|_/g, '')
.replace(/ /g, '-')
return `${DEPRECATION_UPGRADE_PAGE}#${deprecationAnchor}`
}
}
export function recordDeprecation(message: string): void {
if (!recordedDeprecations.some(deprecation => deprecation.message === message)) {
recordedDeprecations.push(new Deprecation(message))
}
}
export function failOnUseOfRemovedFeature(removalMessage: string, deprecationMessage: string = removalMessage): void {
const deprecation = new Deprecation(deprecationMessage)
const errorMessage = `${removalMessage}.\nSee ${deprecation.getDocumentationLink()}`
recordedErrors.push(errorMessage)
core.setFailed(errorMessage)
}
export function getDeprecations(): Deprecation[] {
return recordedDeprecations
}
export function getErrors(): string[] {
return recordedErrors
}
export function emitDeprecationWarnings(hasJobSummary = true): void {
if (recordedDeprecations.length > 0) {
core.warning(
`This job uses deprecated functionality from the '${getActionId()}' action. Consult the ${hasJobSummary ? 'Job Summary' : 'logs'} for more details.`
)
for (const deprecation of recordedDeprecations) {
core.info(`DEPRECATION: ${deprecation.message}. See ${deprecation.getDocumentationLink()}`)
}
}
}
export function saveDeprecationState(): void {
core.saveState('deprecation-collector_deprecations', JSON.stringify(recordedDeprecations))
core.saveState('deprecation-collector_errors', JSON.stringify(recordedErrors))
}
export function restoreDeprecationState(): void {
const savedDeprecations = core.getState('deprecation-collector_deprecations')
if (savedDeprecations) {
// eslint-disable-next-line @typescript-eslint/no-explicit-any
JSON.parse(savedDeprecations).forEach((obj: any) => {
recordedDeprecations.push(new Deprecation(obj.message))
})
}
const savedErrors = core.getState('deprecation-collector_errors')
if (savedErrors) {
recordedErrors.push(...JSON.parse(savedErrors))
}
}

39
sources/src/develocity/build-scan.ts Normal file
View File

@@ -0,0 +1,39 @@
import * as core from '@actions/core'
import {BuildScanConfig} from '../configuration'
import {setupToken} from './short-lived-token'
export async function setup(config: BuildScanConfig): Promise<void> {
maybeExportVariable('DEVELOCITY_INJECTION_INIT_SCRIPT_NAME', 'gradle-actions.inject-develocity.init.gradle')
maybeExportVariable('DEVELOCITY_AUTO_INJECTION_CUSTOM_VALUE', 'gradle-actions')
if (config.getBuildScanPublishEnabled()) {
maybeExportVariable('DEVELOCITY_INJECTION_ENABLED', 'true')
maybeExportVariable('DEVELOCITY_PLUGIN_VERSION', '3.18.1')
maybeExportVariable('DEVELOCITY_CCUD_PLUGIN_VERSION', '2.0')
maybeExportVariable('DEVELOCITY_TERMS_OF_USE_URL', config.getBuildScanTermsOfUseUrl())
maybeExportVariable('DEVELOCITY_TERMS_OF_USE_AGREE', config.getBuildScanTermsOfUseAgree())
}
maybeExportVariableNotEmpty('DEVELOCITY_INJECTION_ENABLED', config.getDevelocityInjectionEnabled())
maybeExportVariableNotEmpty('DEVELOCITY_URL', config.getDevelocityUrl())
maybeExportVariableNotEmpty('DEVELOCITY_ALLOW_UNTRUSTED_SERVER', config.getDevelocityAllowUntrustedServer())
maybeExportVariableNotEmpty('DEVELOCITY_CAPTURE_FILE_FINGERPRINTS', config.getDevelocityCaptureFileFingerprints())
maybeExportVariableNotEmpty('DEVELOCITY_ENFORCE_URL', config.getDevelocityEnforceUrl())
maybeExportVariableNotEmpty('DEVELOCITY_PLUGIN_VERSION', config.getDevelocityPluginVersion())
maybeExportVariableNotEmpty('GRADLE_PLUGIN_REPOSITORY_URL', config.getGradlePluginRepositoryUrl())
maybeExportVariableNotEmpty('GRADLE_PLUGIN_REPOSITORY_USERNAME', config.getGradlePluginRepositoryUsername())
maybeExportVariableNotEmpty('GRADLE_PLUGIN_REPOSITORY_PASSWORD', config.getGradlePluginRepositoryPassword())
return setupToken(config.getDevelocityAccessKey(), config.getDevelocityTokenExpiry())
}
function maybeExportVariable(variableName: string, value: unknown): void {
if (!process.env[variableName]) {
core.exportVariable(variableName, value)
}
}
function maybeExportVariableNotEmpty(variableName: string, value: unknown): void {
if (value !== null && value !== undefined && value !== '') {
maybeExportVariable(variableName, value)
}
}

160
sources/src/develocity/short-lived-token.ts Normal file
View File

@@ -0,0 +1,160 @@
import * as httpm from 'typed-rest-client/HttpClient'
import * as core from '@actions/core'
import {BuildScanConfig} from '../configuration'
import {recordDeprecation} from '../deprecation-collector'
export async function setupToken(develocityAccessKey: string, develocityTokenExpiry: string): Promise<void> {
if (develocityAccessKey) {
try {
core.debug('Fetching short-lived token...')
const tokens = await getToken(develocityAccessKey, develocityTokenExpiry)
if (tokens != null && !tokens.isEmpty()) {
core.debug(`Got token(s), setting the access key env vars`)
const token = tokens.raw()
core.setSecret(token)
exportAccessKeyEnvVars(token)
} else {
handleMissingAccessToken()
}
} catch (e) {
handleMissingAccessToken()
core.warning(`Failed to fetch short-lived token, reason: ${e}`)
}
}
}
function exportAccessKeyEnvVars(value: string): void {
;[BuildScanConfig.DevelocityAccessKeyEnvVar, BuildScanConfig.GradleEnterpriseAccessKeyEnvVar].forEach(key =>
core.exportVariable(key, value)
)
}
function handleMissingAccessToken(): void {
core.warning(`Failed to fetch short-lived token for Develocity`)
if (process.env[BuildScanConfig.GradleEnterpriseAccessKeyEnvVar]) {
// We do not clear the GRADLE_ENTERPRISE_ACCESS_KEY env var in v3, to let the users upgrade to DV 2024.1
recordDeprecation(`The ${BuildScanConfig.GradleEnterpriseAccessKeyEnvVar} env var is deprecated`)
}
if (process.env[BuildScanConfig.DevelocityAccessKeyEnvVar]) {
core.warning(`The ${BuildScanConfig.DevelocityAccessKeyEnvVar} env var should be mapped to a short-lived token`)
}
}
export async function getToken(accessKey: string, expiry: string): Promise<DevelocityAccessCredentials | null> {
const empty: Promise<DevelocityAccessCredentials | null> = new Promise(r => r(null))
const develocityAccessKey = DevelocityAccessCredentials.parse(accessKey)
const shortLivedTokenClient = new ShortLivedTokenClient()
if (develocityAccessKey == null) {
return empty
}
const tokens = new Array<HostnameAccessKey>()
for (const k of develocityAccessKey.keys) {
try {
core.info(`Requesting short-lived Develocity access token for ${k.hostname}`)
const token = await shortLivedTokenClient.fetchToken(`https://${k.hostname}`, k, expiry)
tokens.push(token)
} catch (e) {
// Ignore failure to obtain token
core.info(`Failed to obtain short-lived Develocity access token for ${k.hostname}: ${e}`)
}
}
if (tokens.length > 0) {
return DevelocityAccessCredentials.of(tokens)
}
return empty
}
class ShortLivedTokenClient {
httpc = new httpm.HttpClient('gradle/actions/setup-gradle')
maxRetries = 3
retryInterval = 1000
async fetchToken(serverUrl: string, accessKey: HostnameAccessKey, expiry: string): Promise<HostnameAccessKey> {
const queryParams = expiry ? `?expiresInHours=${expiry}` : ''
const sanitizedServerUrl = !serverUrl.endsWith('/') ? `${serverUrl}/` : serverUrl
const headers = {
'Content-Type': 'application/json',
Authorization: `Bearer ${accessKey.key}`
}
let attempts = 0
while (attempts < this.maxRetries) {
try {
const requestUrl = `${sanitizedServerUrl}api/auth/token${queryParams}`
core.debug(`Attempt ${attempts} to fetch short lived token at ${requestUrl}`)
const response = await this.httpc.post(requestUrl, '', headers)
if (response.message.statusCode === 200) {
const text = await response.readBody()
return new Promise<HostnameAccessKey>(resolve => resolve({hostname: accessKey.hostname, key: text}))
}
// This should be only 404
attempts++
if (attempts === this.maxRetries) {
return new Promise((resolve, reject) =>
reject(
new Error(
`Develocity short lived token request failed ${serverUrl} with status code ${response.message.statusCode}`
)
)
)
}
} catch (error) {
attempts++
if (attempts === this.maxRetries) {
return new Promise((resolve, reject) => reject(error))
}
}
await new Promise(resolve => setTimeout(resolve, this.retryInterval))
}
return new Promise((resolve, reject) => reject(new Error('Illegal state')))
}
}
type HostnameAccessKey = {
hostname: string
key: string
}
export class DevelocityAccessCredentials {
static readonly accessKeyRegexp = /^([^;=\s]+=\w+)(;[^;=\s]+=\w+)*$/
readonly keys: HostnameAccessKey[]
private constructor(allKeys: HostnameAccessKey[]) {
this.keys = allKeys
}
static of(allKeys: HostnameAccessKey[]): DevelocityAccessCredentials {
return new DevelocityAccessCredentials(allKeys)
}
private static readonly keyDelimiter = ';'
private static readonly hostDelimiter = '='
static parse(rawKey: string): DevelocityAccessCredentials | null {
if (!this.isValid(rawKey)) {
return null
}
return new DevelocityAccessCredentials(
rawKey.split(this.keyDelimiter).map(hostKey => {
const pair = hostKey.split(this.hostDelimiter)
return {hostname: pair[0], key: pair[1]}
})
)
}
isEmpty(): boolean {
return this.keys.length === 0
}
raw(): string {
return this.keys
.map(k => `${k.hostname}${DevelocityAccessCredentials.hostDelimiter}${k.key}`)
.join(DevelocityAccessCredentials.keyDelimiter)
}
private static isValid(allKeys: string): boolean {
return this.accessKeyRegexp.test(allKeys)
}
}

49
sources/src/errors.ts Normal file
View File

@@ -0,0 +1,49 @@
import * as core from '@actions/core'
export class JobFailure extends Error {
constructor(error: unknown) {
if (error instanceof Error) {
super(error.message)
this.name = error.name
this.stack = error.stack
} else {
super(String(error))
}
}
}
export function handleMainActionError(error: unknown): void {
if (error instanceof AggregateError) {
core.setFailed(`Multiple errors returned`)
for (const err of error.errors) {
core.error(`Error ${error.errors.indexOf(err)}: ${err.message}`)
if (err.stack) {
core.info(err.stack)
}
}
} else if (error instanceof JobFailure) {
core.setFailed(String(error))
if (error.stack) {
core.info(error.stack)
}
} else {
core.setFailed(String(error))
if (error instanceof Error && error.stack) {
core.info(error.stack)
}
}
}
export function handlePostActionError(error: unknown): void {
if (error instanceof JobFailure) {
core.setFailed(String(error))
if (error.stack) {
core.info(error.stack)
}
} else {
core.warning(`Unhandled error in Gradle post-action - job will continue: ${error}`)
if (error instanceof Error && error.stack) {
core.info(error.stack)
}
}
}

74
sources/src/execution/gradle.ts Normal file
View File

@@ -0,0 +1,74 @@
import * as core from '@actions/core'
import * as exec from '@actions/exec'
import which from 'which'
import * as semver from 'semver'
import * as provisioner from './provision'
import * as gradlew from './gradlew'
export async function provisionAndMaybeExecute(
gradleVersion: string,
buildRootDirectory: string,
args: string[]
): Promise<void> {
// Download and install Gradle if required
const executable = await provisioner.provisionGradle(gradleVersion)
// Only execute if arguments have been provided
if (args.length > 0) {
await executeGradleBuild(executable, buildRootDirectory, args)
}
}
async function executeGradleBuild(executable: string | undefined, root: string, args: string[]): Promise<void> {
// Use the provided executable, or look for a Gradle wrapper script to run
const toExecute = executable ?? gradlew.gradleWrapperScript(root)
const status: number = await exec.exec(toExecute, args, {
cwd: root,
ignoreReturnCode: true
})
if (status !== 0) {
core.setFailed(`Gradle build failed: see console output for details`)
}
}
export function versionIsAtLeast(actualVersion: string, requiredVersion: string): boolean {
const splitVersion = actualVersion.split('-')
const coreVersion = splitVersion[0]
const prerelease = splitVersion.length > 1
const actualSemver = semver.coerce(coreVersion)!
const comparisonSemver = semver.coerce(requiredVersion)!
if (prerelease) {
return semver.gt(actualSemver, comparisonSemver)
} else {
return semver.gte(actualSemver, comparisonSemver)
}
}
export async function findGradleVersionOnPath(): Promise<GradleExecutable | undefined> {
const gradleExecutable = await which('gradle', {nothrow: true})
if (gradleExecutable) {
const output = await exec.getExecOutput(gradleExecutable, ['-v'], {silent: true})
const version = parseGradleVersionFromOutput(output.stdout)
return version ? new GradleExecutable(version, gradleExecutable) : undefined
}
return undefined
}
export function parseGradleVersionFromOutput(output: string): string | undefined {
const regex = /Gradle (\d+\.\d+(\.\d+)?(-.*)?)/
const versionString = output.match(regex)?.[1]
return versionString
}
class GradleExecutable {
constructor(
readonly version: string,
readonly executable: string
) {}
}

46
sources/src/execution/gradlew.ts Normal file
View File

@@ -0,0 +1,46 @@
import * as core from '@actions/core'
import * as path from 'path'
import fs from 'fs'
const IS_WINDOWS = process.platform === 'win32'
export function wrapperScriptFilename(): string {
return IS_WINDOWS ? './gradlew.bat' : './gradlew'
}
export function installScriptFilename(): string {
return IS_WINDOWS ? 'gradle.bat' : 'gradle'
}
export function gradleWrapperScript(buildRootDirectory: string): string {
validateGradleWrapper(buildRootDirectory)
return wrapperScriptFilename()
}
function validateGradleWrapper(buildRootDirectory: string): void {
const wrapperScript = path.resolve(buildRootDirectory, wrapperScriptFilename())
verifyExists(wrapperScript, 'Gradle Wrapper script')
verifyIsExecutableScript(wrapperScript)
const wrapperProperties = path.resolve(buildRootDirectory, 'gradle/wrapper/gradle-wrapper.properties')
verifyExists(wrapperProperties, 'Gradle wrapper properties file')
}
function verifyExists(file: string, description: string): void {
if (!fs.existsSync(file)) {
throw new Error(
`Cannot locate ${description} at '${file}'. Specify 'gradle-version' for projects without Gradle wrapper configured.`
)
}
}
function verifyIsExecutableScript(toExecute: string): void {
try {
fs.accessSync(toExecute, fs.constants.X_OK)
} catch (err) {
core.warning(
`Gradle wrapper script '${toExecute}' is not executable. Action will set executable permission and continue.`
)
fs.chmodSync(toExecute, '755')
}
}

217
sources/src/execution/provision.ts Normal file
View File

@@ -0,0 +1,217 @@
import * as fs from 'fs'
import * as os from 'os'
import * as path from 'path'
import * as httpm from '@actions/http-client'
import * as core from '@actions/core'
import * as cache from '@actions/cache'
import * as toolCache from '@actions/tool-cache'
import {findGradleVersionOnPath, versionIsAtLeast} from './gradle'
import * as gradlew from './gradlew'
import {handleCacheFailure} from '../caching/cache-utils'
import {CacheConfig} from '../configuration'
const gradleVersionsBaseUrl = 'https://services.gradle.org/versions'
/**
* Install any configured version of Gradle, adding the executable to the PATH.
* @return Installed Gradle executable or undefined if no version configured.
*/
export async function provisionGradle(gradleVersion: string): Promise<string | undefined> {
if (gradleVersion !== '' && gradleVersion !== 'wrapper') {
return addToPath(await installGradle(gradleVersion))
}
return undefined
}
/**
* Ensure that the Gradle version on PATH is no older than the specified version.
* If the version on PATH is older, install the specified version and add it to the PATH.
* @return Installed Gradle executable or undefined if no version configured.
*/
export async function provisionGradleAtLeast(gradleVersion: string): Promise<string> {
const installedVersion = await installGradleVersionAtLeast(await gradleRelease(gradleVersion))
return addToPath(installedVersion)
}
async function addToPath(executable: string): Promise<string> {
core.addPath(path.dirname(executable))
return executable
}
async function installGradle(version: string): Promise<string> {
const versionInfo = await resolveGradleVersion(version)
core.setOutput('gradle-version', versionInfo.version)
return installGradleVersion(versionInfo)
}
async function resolveGradleVersion(version: string): Promise<GradleVersionInfo> {
switch (version) {
case 'current':
return gradleCurrent()
case 'rc':
core.warning(`Specifying gradle-version 'rc' has been deprecated. Use 'release-candidate' instead.`)
return gradleReleaseCandidate()
case 'release-candidate':
return gradleReleaseCandidate()
case 'nightly':
return gradleNightly()
case 'release-nightly':
return gradleReleaseNightly()
default:
return gradleRelease(version)
}
}
async function gradleCurrent(): Promise<GradleVersionInfo> {
return await gradleVersionDeclaration(`${gradleVersionsBaseUrl}/current`)
}
async function gradleReleaseCandidate(): Promise<GradleVersionInfo> {
const versionInfo = await gradleVersionDeclaration(`${gradleVersionsBaseUrl}/release-candidate`)
if (versionInfo && versionInfo.version && versionInfo.downloadUrl) {
return versionInfo
}
core.info('No current release-candidate found, will fallback to current')
return gradleCurrent()
}
async function gradleNightly(): Promise<GradleVersionInfo> {
return await gradleVersionDeclaration(`${gradleVersionsBaseUrl}/nightly`)
}
async function gradleReleaseNightly(): Promise<GradleVersionInfo> {
return await gradleVersionDeclaration(`${gradleVersionsBaseUrl}/release-nightly`)
}
async function gradleRelease(version: string): Promise<GradleVersionInfo> {
const versionInfo = await findGradleVersionDeclaration(version)
if (!versionInfo) {
throw new Error(`Gradle version ${version} does not exists`)
}
return versionInfo
}
async function gradleVersionDeclaration(url: string): Promise<GradleVersionInfo> {
return await httpGetGradleVersion(url)
}
async function findGradleVersionDeclaration(version: string): Promise<GradleVersionInfo | undefined> {
const gradleVersions = await httpGetGradleVersions(`${gradleVersionsBaseUrl}/all`)
return gradleVersions.find((entry: GradleVersionInfo) => {
return entry.version === version
})
}
async function installGradleVersion(versionInfo: GradleVersionInfo): Promise<string> {
return core.group(`Provision Gradle ${versionInfo.version}`, async () => {
const gradleOnPath = await findGradleVersionOnPath()
if (gradleOnPath?.version === versionInfo.version) {
core.info(`Gradle version ${versionInfo.version} is already available on PATH. Not installing.`)
return gradleOnPath.executable
}
return locateGradleAndDownloadIfRequired(versionInfo)
})
}
async function installGradleVersionAtLeast(versionInfo: GradleVersionInfo): Promise<string> {
return core.group(`Provision Gradle >= ${versionInfo.version}`, async () => {
const gradleOnPath = await findGradleVersionOnPath()
if (gradleOnPath && versionIsAtLeast(gradleOnPath.version, versionInfo.version)) {
core.info(
`Gradle version ${gradleOnPath.version} is available on PATH and >= ${versionInfo.version}. Not installing.`
)
return gradleOnPath.executable
}
return locateGradleAndDownloadIfRequired(versionInfo)
})
}
async function locateGradleAndDownloadIfRequired(versionInfo: GradleVersionInfo): Promise<string> {
const installsDir = path.join(getProvisionDir(), 'installs')
const installDir = path.join(installsDir, `gradle-${versionInfo.version}`)
if (fs.existsSync(installDir)) {
core.info(`Gradle installation already exists at ${installDir}`)
return executableFrom(installDir)
}
const downloadPath = await downloadAndCacheGradleDistribution(versionInfo)
await toolCache.extractZip(downloadPath, installsDir)
core.info(`Extracted Gradle ${versionInfo.version} to ${installDir}`)
const executable = executableFrom(installDir)
fs.chmodSync(executable, '755')
core.info(`Provisioned Gradle executable ${executable}`)
return executable
}
async function downloadAndCacheGradleDistribution(versionInfo: GradleVersionInfo): Promise<string> {
const downloadPath = path.join(getProvisionDir(), `downloads/gradle-${versionInfo.version}-bin.zip`)
// TODO: Convert this to a class and inject config
const cacheConfig = new CacheConfig()
if (cacheConfig.isCacheDisabled()) {
await downloadGradleDistribution(versionInfo, downloadPath)
return downloadPath
}
const cacheKey = `gradle-${versionInfo.version}`
try {
const restoreKey = await cache.restoreCache([downloadPath], cacheKey)
if (restoreKey) {
core.info(`Restored Gradle distribution ${cacheKey} from cache to ${downloadPath}`)
return downloadPath
}
} catch (error) {
handleCacheFailure(error, `Restore Gradle distribution ${versionInfo.version} failed`)
}
core.info(`Gradle distribution ${versionInfo.version} not found in cache. Will download.`)
await downloadGradleDistribution(versionInfo, downloadPath)
if (!cacheConfig.isCacheReadOnly()) {
try {
await cache.saveCache([downloadPath], cacheKey)
} catch (error) {
handleCacheFailure(error, `Save Gradle distribution ${versionInfo.version} failed`)
}
}
return downloadPath
}
function getProvisionDir(): string {
const tmpDir = process.env['RUNNER_TEMP'] ?? os.tmpdir()
return path.join(tmpDir, `.gradle-actions/gradle-installations`)
}
async function downloadGradleDistribution(versionInfo: GradleVersionInfo, downloadPath: string): Promise<void> {
await toolCache.downloadTool(versionInfo.downloadUrl, downloadPath)
core.info(`Downloaded ${versionInfo.downloadUrl} to ${downloadPath} (size ${fs.statSync(downloadPath).size})`)
}
function executableFrom(installDir: string): string {
return path.join(installDir, 'bin', `${gradlew.installScriptFilename()}`)
}
async function httpGetGradleVersion(url: string): Promise<GradleVersionInfo> {
return JSON.parse(await httpGetString(url))
}
async function httpGetGradleVersions(url: string): Promise<GradleVersionInfo[]> {
return JSON.parse(await httpGetString(url))
}
async function httpGetString(url: string): Promise<string> {
const httpClient = new httpm.HttpClient('gradle/actions')
const response = await httpClient.get(url)
return response.readBody()
}
interface GradleVersionInfo {
version: string
downloadUrl: string
}

201
sources/src/job-summary.ts Normal file
View File

@@ -0,0 +1,201 @@
import * as core from '@actions/core'
import * as github from '@actions/github'
import {RequestError} from '@octokit/request-error'
import {BuildResults, BuildResult} from './build-results'
import {SummaryConfig, getActionId, getGithubToken} from './configuration'
import {Deprecation, getDeprecations, getErrors} from './deprecation-collector'
export async function generateJobSummary(
buildResults: BuildResults,
cachingReport: string,
config: SummaryConfig
): Promise<void> {
const errors = renderErrors()
if (errors) {
core.summary.addRaw(errors)
await core.summary.write()
return
}
const summaryTable = renderSummaryTable(buildResults.results)
const hasFailure = buildResults.anyFailed()
if (config.shouldGenerateJobSummary(hasFailure)) {
core.info('Generating Job Summary')
core.summary.addRaw(summaryTable)
core.summary.addRaw(cachingReport)
await core.summary.write()
} else {
core.info('============================')
core.info(summaryTable)
core.info('============================')
core.info(cachingReport)
core.info('============================')
}
if (config.shouldAddPRComment(hasFailure)) {
await addPRComment(summaryTable)
}
}
async function addPRComment(jobSummary: string): Promise<void> {
const context = github.context
if (context.payload.pull_request == null) {
core.info('No pull_request trigger detected: not adding PR comment')
return
}
const pull_request_number = context.payload.pull_request.number
core.info(`Adding Job Summary as comment to PR #${pull_request_number}.`)
const prComment = `<h3>Job Summary for Gradle</h3>
<a href="${context.serverUrl}/${context.repo.owner}/${context.repo.repo}/actions/runs/${context.runId}" target="_blank">
<h5>${context.workflow} :: <em>${context.job}</em></h5>
</a>
${jobSummary}`
const github_token = getGithubToken()
const octokit = github.getOctokit(github_token)
try {
await octokit.rest.issues.createComment({
...context.repo,
issue_number: pull_request_number,
body: prComment
})
} catch (error) {
if (error instanceof RequestError) {
core.warning(buildWarningMessage(error))
} else {
throw error
}
}
}
function buildWarningMessage(error: RequestError): string {
const mainWarning = `Failed to generate PR comment.\n${String(error)}`
if (error.message === 'Resource not accessible by integration') {
return `${mainWarning}
Please ensure that the 'pull-requests: write' permission is available for the workflow job.
Note that this permission is never available for a workflow triggered from a repository fork.
`
}
return mainWarning
}
export function renderSummaryTable(results: BuildResult[]): string {
return `${renderDeprecations()}\n${renderBuildResults(results)}`
}
function renderErrors(): string | undefined {
const errors = getErrors()
if (errors.length === 0) {
return undefined
}
return errors.map(error => `<b>:x: ${error}</b>`).join('\n')
}
function renderDeprecations(): string {
const deprecations = getDeprecations()
if (deprecations.length === 0) {
return ''
}
return `
<h4>Deprecation warnings</h4>
This job uses deprecated functionality from the <code>${getActionId()}</code> action. Follow the links for upgrade details.
<ul>
${deprecations.map(deprecation => `<li>${getDeprecationHtml(deprecation)}</li>`).join('')}
</ul>
<h4>Gradle Build Results</h4>`
}
function getDeprecationHtml(deprecation: Deprecation): string {
return `<a href="${deprecation.getDocumentationLink()}" target="_blank">${deprecation.message}</a>`
}
function renderBuildResults(results: BuildResult[]): string {
if (results.length === 0) {
return '<b>No Gradle build results detected.</b>'
}
return `
<table>
<tr>
<th>Gradle Root Project</th>
<th>Requested Tasks</th>
<th>Gradle Version</th>
<th>Build Outcome</th>
<th>Build&nbsp;Scan®</th>
</tr>${results.map(result => renderBuildResultRow(result)).join('')}
</table>
`
}
function renderBuildResultRow(result: BuildResult): string {
return `
<tr>
<td>${truncateString(result.rootProjectName, 30)}</td>
<td>${truncateString(result.requestedTasks, 60)}</td>
<td align='center'>${result.gradleVersion}</td>
<td align='center'>${renderOutcome(result)}</td>
<td>${renderBuildScan(result)}</td>
</tr>`
}
function renderOutcome(result: BuildResult): string {
return result.buildFailed ? ':x:' : ':white_check_mark:'
}
interface BadgeSpec {
text: string
alt: string
color: string
logo: boolean
targetUrl: string
}
function renderBuildScan(result: BuildResult): string {
if (result.buildScanFailed) {
return renderBuildScanBadge({
text: 'Publish failed',
alt: 'Build Scan publish failed',
color: 'orange',
logo: false,
targetUrl: 'https://docs.gradle.com/develocity/gradle-plugin/#troubleshooting'
})
}
if (result.buildScanUri) {
return renderBuildScanBadge({
text: 'Build Scan®',
alt: 'Build Scan published',
color: '06A0CE',
logo: true,
targetUrl: result.buildScanUri
})
}
return renderBuildScanBadge({
text: 'Not published',
alt: 'Build Scan not published',
color: 'lightgrey',
logo: false,
targetUrl: 'https://scans.gradle.com'
})
}
function renderBuildScanBadge({text, alt, color, logo, targetUrl}: BadgeSpec): string {
const encodedText = encodeURIComponent(text)
const badgeUrl = `https://img.shields.io/badge/${encodedText}-${color}${logo ? '?logo=Gradle' : ''}`
const badgeHtml = `<img src="${badgeUrl}" alt="${alt}" />`
return `<a href="${targetUrl}" rel="nofollow" target="_blank">${badgeHtml}</a>`
}
function truncateString(str: string, maxLength: number): string {
if (str.length > maxLength) {
return `<div title='${str}'>${str.slice(0, maxLength - 1)}…</div>`
} else {
return str
}
}

78
sources/src/resources/init-scripts/gradle-actions.build-result-capture-service.plugin.groovy Normal file
View File

@@ -0,0 +1,78 @@
import org.gradle.tooling.events.*
import org.gradle.tooling.events.task.*
import org.gradle.internal.operations.*
import org.gradle.initialization.*
import org.gradle.api.internal.tasks.execution.*
import org.gradle.execution.*
import org.gradle.internal.build.event.BuildEventListenerRegistryInternal
import org.gradle.util.GradleVersion
settingsEvaluated { settings ->
def projectTracker = gradle.sharedServices.registerIfAbsent("gradle-action-buildResultsRecorder", BuildResultsRecorder, { spec ->
spec.getParameters().getRootProjectName().set(settings.rootProject.name)
spec.getParameters().getRootProjectDir().set(settings.rootDir.absolutePath)
spec.getParameters().getRequestedTasks().set(gradle.startParameter.taskNames.join(" "))
spec.getParameters().getGradleHomeDir().set(gradle.gradleHomeDir.absolutePath)
spec.getParameters().getInvocationId().set(gradle.ext.invocationId)
})
gradle.services.get(BuildEventListenerRegistryInternal).onOperationCompletion(projectTracker)
}
abstract class BuildResultsRecorder implements BuildService<BuildResultsRecorder.Params>, BuildOperationListener, AutoCloseable {
private boolean buildFailed = false
private boolean configCacheHit = true
interface Params extends BuildServiceParameters {
Property<String> getRootProjectName()
Property<String> getRootProjectDir()
Property<String> getRequestedTasks()
Property<String> getGradleHomeDir()
Property<String> getInvocationId()
}
void started(BuildOperationDescriptor buildOperation, OperationStartEvent startEvent) {}
void progress(OperationIdentifier operationIdentifier, OperationProgressEvent progressEvent) {}
void finished(BuildOperationDescriptor buildOperation, OperationFinishEvent finishEvent) {
if (buildOperation.details in EvaluateSettingsBuildOperationType.Details) {
// Got EVALUATE SETTINGS event: not a config-cache hit"
configCacheHit = false
}
if (buildOperation.details in RunRootBuildWorkBuildOperationType.Details) {
if (finishEvent.failure != null) {
buildFailed = true
}
}
}
@Override
public void close() {
def buildResults = [
rootProjectName: getParameters().getRootProjectName().get(),
rootProjectDir: getParameters().getRootProjectDir().get(),
requestedTasks: getParameters().getRequestedTasks().get(),
gradleVersion: GradleVersion.current().version,
gradleHomeDir: getParameters().getGradleHomeDir().get(),
buildFailed: buildFailed,
configCacheHit: configCacheHit
]
def runnerTempDir = System.getProperty("RUNNER_TEMP") ?: System.getenv("RUNNER_TEMP")
def githubActionStep = System.getProperty("GITHUB_ACTION") ?: System.getenv("GITHUB_ACTION")
if (!runnerTempDir || !githubActionStep) {
return
}
try {
def buildResultsDir = new File(runnerTempDir, ".gradle-actions/build-results")
buildResultsDir.mkdirs()
def buildResultsFile = new File(buildResultsDir, githubActionStep + getParameters().getInvocationId().get() + ".json")
if (!buildResultsFile.exists()) {
buildResultsFile << groovy.json.JsonOutput.toJson(buildResults)
}
} catch (Exception e) {
println "\ngradle action failed to write build-results file. Will continue.\n> ${e.getLocalizedMessage()}"
}
}
}

135
sources/src/resources/init-scripts/gradle-actions.build-result-capture.init.gradle Normal file
View File

@@ -0,0 +1,135 @@
/*
* Capture information for each executed Gradle build to display in the job summary.
*/
import org.gradle.util.GradleVersion
def BUILD_SCAN_PLUGIN_ID = "com.gradle.build-scan"
def BUILD_SCAN_EXTENSION = "buildScan"
def DEVELOCITY_PLUGIN_ID = "com.gradle.develocity"
def DEVELOCITY_EXTENSION = "develocity"
def GE_PLUGIN_ID = "com.gradle.enterprise"
def GE_EXTENSION = "gradleEnterprise"
// Only run against root build. Do not run against included builds.
def isTopLevelBuild = gradle.getParent() == null
if (isTopLevelBuild) {
def resultsWriter = new ResultsWriter()
def version = GradleVersion.current().baseVersion
def atLeastGradle3 = version >= GradleVersion.version("3.0")
def atLeastGradle6 = version >= GradleVersion.version("6.0")
def invocationId = "-${System.currentTimeMillis()}"
if (atLeastGradle6) {
// By default, use standard mechanisms to capture build results
def useBuildService = version >= GradleVersion.version("6.6")
if (useBuildService) {
captureUsingBuildService(invocationId)
} else {
captureUsingBuildFinished(gradle, invocationId, resultsWriter)
}
// Use the Develocity plugin to also capture build scan links, when available
settingsEvaluated { settings ->
settings.pluginManager.withPlugin(GE_PLUGIN_ID) {
// Only execute if develocity plugin isn't applied.
if (!settings.extensions.findByName(DEVELOCITY_EXTENSION)) {
captureUsingBuildScanPublished(settings.extensions[GE_EXTENSION].buildScan, invocationId, resultsWriter)
}
}
settings.pluginManager.withPlugin(DEVELOCITY_PLUGIN_ID) {
captureUsingBuildScanPublished(settings.extensions[DEVELOCITY_EXTENSION].buildScan, invocationId, resultsWriter)
}
}
} else if (atLeastGradle3) {
projectsEvaluated { gradle ->
// By default, use 'buildFinished' to capture build results
captureUsingBuildFinished(gradle, invocationId, resultsWriter)
gradle.rootProject.pluginManager.withPlugin(BUILD_SCAN_PLUGIN_ID) {
// Only execute if develocity plugin isn't applied.
if (!gradle.rootProject.extensions.findByName(DEVELOCITY_EXTENSION)) {
captureUsingBuildScanPublished(gradle.rootProject.extensions[BUILD_SCAN_EXTENSION], invocationId, resultsWriter)
}
}
gradle.rootProject.pluginManager.withPlugin(DEVELOCITY_PLUGIN_ID) {
captureUsingBuildScanPublished(gradle.rootProject.extensions[DEVELOCITY_EXTENSION].buildScan, invocationId, resultsWriter)
}
}
}
}
def captureUsingBuildService(invocationId) {
gradle.ext.invocationId = invocationId
apply from: 'gradle-actions.build-result-capture-service.plugin.groovy'
}
void captureUsingBuildFinished(gradle, String invocationId, ResultsWriter resultsWriter) {
gradle.buildFinished { result ->
println "Got buildFinished: ${result}"
def buildResults = [
rootProjectName: rootProject.name,
rootProjectDir: rootProject.projectDir.absolutePath,
requestedTasks: gradle.startParameter.taskNames.join(" "),
gradleVersion: GradleVersion.current().version,
gradleHomeDir: gradle.gradleHomeDir.absolutePath,
buildFailed: result.failure != null,
configCacheHit: false
]
resultsWriter.writeToResultsFile("build-results", invocationId, buildResults)
}
}
// The `buildScanPublished` hook allows the capture of the Build Scan URI.
// Results captured this way will overwrite any results from 'buildFinished'.
void captureUsingBuildScanPublished(buildScanExtension, String invocationId, ResultsWriter resultsWriter) {
buildScanExtension.with {
buildScanPublished { buildScan ->
def scanResults = [
buildScanUri: buildScan.buildScanUri.toASCIIString(),
buildScanFailed: false
]
resultsWriter.writeToResultsFile("build-scans", invocationId, scanResults)
def githubOutput = System.getenv("GITHUB_OUTPUT")
if (githubOutput) {
new File(githubOutput) << "build-scan-url=${buildScan.buildScanUri}\n"
} else {
// Retained for compatibility with older GHES versions
println("::set-output name=build-scan-url::${buildScan.buildScanUri}")
}
}
onError { error ->
def scanResults = [
buildScanUri: null,
buildScanFailed: true
]
resultsWriter.writeToResultsFile("build-scans", invocationId, scanResults)
}
}
}
class ResultsWriter {
void writeToResultsFile(String subDir, String invocationId, def content) {
def runnerTempDir = System.getProperty("RUNNER_TEMP") ?: System.getenv("RUNNER_TEMP")
def githubActionStep = System.getProperty("GITHUB_ACTION") ?: System.getenv("GITHUB_ACTION")
if (!runnerTempDir || !githubActionStep) {
return
}
try {
def buildResultsDir = new File(runnerTempDir, ".gradle-actions/${subDir}")
buildResultsDir.mkdirs()
def buildResultsFile = new File(buildResultsDir, githubActionStep + invocationId + ".json")
if (!buildResultsFile.exists()) {
buildResultsFile << groovy.json.JsonOutput.toJson(content)
}
} catch (Exception e) {
println "\ngradle action failed to write build-results file. Will continue.\n> ${e.getLocalizedMessage()}"
}
}
}

32
sources/src/resources/init-scripts/gradle-actions.github-dependency-graph-gradle-plugin-apply.groovy Normal file
View File

@@ -0,0 +1,32 @@
buildscript {
def getInputParam = { String name ->
def envVarName = name.toUpperCase().replace('.', '_').replace('-', '_')
return System.getProperty(name) ?: System.getenv(envVarName)
}
def pluginRepositoryUrl = getInputParam('gradle.plugin-repository.url') ?: 'https://plugins.gradle.org/m2'
def pluginRepositoryUsername = getInputParam('gradle.plugin-repository.username')
def pluginRepositoryPassword = getInputParam('gradle.plugin-repository.password')
def dependencyGraphPluginVersion = getInputParam('dependency-graph-plugin.version') ?: '1.3.1'
logger.lifecycle("Resolving dependency graph plugin ${dependencyGraphPluginVersion} from plugin repository: ${pluginRepositoryUrl}")
repositories {
maven {
url pluginRepositoryUrl
if (pluginRepositoryUsername && pluginRepositoryPassword) {
logger.lifecycle("Applying credentials for plugin repository: ${pluginRepositoryUrl}")
credentials {
username(pluginRepositoryUsername)
password(pluginRepositoryPassword)
}
authentication {
basic(BasicAuthentication)
}
}
}
}
dependencies {
classpath "org.gradle:github-dependency-graph-gradle-plugin:${dependencyGraphPluginVersion}"
}
}
apply plugin: org.gradle.github.GitHubDependencyGraphPlugin

65
sources/src/resources/init-scripts/gradle-actions.github-dependency-graph.init.gradle Normal file
View File

@@ -0,0 +1,65 @@
import org.gradle.util.GradleVersion
// Only run when dependency graph is explicitly enabled
if (getVariable('GITHUB_DEPENDENCY_GRAPH_ENABLED') != "true") {
return
}
// Do not run for unsupported versions of Gradle
def gradleVersion = GradleVersion.current().baseVersion
if (gradleVersion < GradleVersion.version("5.2") ||
(gradleVersion >= GradleVersion.version("7.0") && gradleVersion < GradleVersion.version("7.1"))) {
if (getVariable('GITHUB_DEPENDENCY_GRAPH_CONTINUE_ON_FAILURE') != "true") {
throw new GradleException("Dependency Graph is not supported for ${gradleVersion}. No dependency snapshot will be generated.")
}
logger.warn("::warning::Dependency Graph is not supported for ${gradleVersion}. No dependency snapshot will be generated.")
return
}
// Attempt to find a unique job correlator to use based on the environment variable
// This is only required for top-level builds
def isTopLevelBuild = gradle.getParent() == null
if (isTopLevelBuild) {
def reportFile = getUniqueReportFile(getVariable('GITHUB_DEPENDENCY_GRAPH_JOB_CORRELATOR'))
if (reportFile == null) {
logger.warn("::warning::No dependency snapshot generated for step. Could not determine unique job correlator - specify GITHUB_DEPENDENCY_GRAPH_JOB_CORRELATOR var for this step.")
return
}
logger.lifecycle("Generating dependency graph into '${reportFile}'")
}
apply from: 'gradle-actions.github-dependency-graph-gradle-plugin-apply.groovy'
/**
* Using the supplied jobCorrelator value:
* - Checks if report file already exists
* - If so, tries to find a unique value that does not yet have a corresponding report file.
* - When found, this value is set as a System property override.
*/
File getUniqueReportFile(String jobCorrelator) {
def reportDir = getVariable('DEPENDENCY_GRAPH_REPORT_DIR')
def reportFile = new File(reportDir, jobCorrelator + ".json")
if (!reportFile.exists()) return reportFile
// Try at most 100 suffixes
for (int i = 1; i < 100; i++) {
def candidateCorrelator = jobCorrelator + "-" + i
def candidateFile = new File(reportDir, candidateCorrelator + ".json")
if (!candidateFile.exists()) {
System.properties['GITHUB_DEPENDENCY_GRAPH_JOB_CORRELATOR'] = candidateCorrelator
return candidateFile
}
}
// Could not determine unique job correlator
return null
}
/**
* Return the environment variable value, or equivalent system property (if set)
*/
String getVariable(String name) {
return System.properties[name] ?: System.getenv(name)
}

414
sources/src/resources/init-scripts/gradle-actions.inject-develocity.init.gradle Normal file
View File

@@ -0,0 +1,414 @@
/*
* Initscript for injection of Develocity into Gradle builds.
* Version: v1.0
*/
import org.gradle.util.GradleVersion
initscript {
// NOTE: there is no mechanism to share code between the initscript{} block and the main script, so some logic is duplicated
def isTopLevelBuild = !gradle.parent
if (!isTopLevelBuild) {
return
}
def getInputParam = { String name ->
def ENV_VAR_PREFIX = ''
def envVarName = ENV_VAR_PREFIX + name.toUpperCase().replace('.', '_').replace('-', '_')
return System.getProperty(name) ?: System.getenv(envVarName)
}
def requestedInitScriptName = getInputParam('develocity.injection.init-script-name')
def initScriptName = buildscript.sourceFile.name
if (requestedInitScriptName != initScriptName) {
return
}
// Plugin loading is only required for Develocity injection. Abort early if not enabled.
def develocityInjectionEnabled = Boolean.parseBoolean(getInputParam("develocity.injection-enabled"))
if (!develocityInjectionEnabled) {
return
}
def pluginRepositoryUrl = getInputParam('gradle.plugin-repository.url')
def pluginRepositoryUsername = getInputParam('gradle.plugin-repository.username')
def pluginRepositoryPassword = getInputParam('gradle.plugin-repository.password')
def develocityPluginVersion = getInputParam('develocity.plugin.version')
def ccudPluginVersion = getInputParam('develocity.ccud-plugin.version')
def atLeastGradle5 = GradleVersion.current() >= GradleVersion.version('5.0')
def atLeastGradle4 = GradleVersion.current() >= GradleVersion.version('4.0')
if (develocityPluginVersion || ccudPluginVersion && atLeastGradle4) {
pluginRepositoryUrl = pluginRepositoryUrl ?: 'https://plugins.gradle.org/m2'
logger.lifecycle("Develocity plugins resolution: $pluginRepositoryUrl")
repositories {
maven {
url pluginRepositoryUrl
if (pluginRepositoryUsername && pluginRepositoryPassword) {
logger.lifecycle("Using credentials for plugin repository")
credentials {
username(pluginRepositoryUsername)
password(pluginRepositoryPassword)
}
authentication {
basic(BasicAuthentication)
}
}
}
}
}
dependencies {
if (develocityPluginVersion) {
if (atLeastGradle5) {
if (GradleVersion.version(develocityPluginVersion) >= GradleVersion.version("3.17")) {
classpath "com.gradle:develocity-gradle-plugin:$develocityPluginVersion"
} else {
classpath "com.gradle:gradle-enterprise-gradle-plugin:$develocityPluginVersion"
}
} else {
classpath "com.gradle:build-scan-plugin:1.16"
}
}
if (ccudPluginVersion && atLeastGradle4) {
classpath "com.gradle:common-custom-user-data-gradle-plugin:$ccudPluginVersion"
}
}
}
static getInputParam(String name) {
def ENV_VAR_PREFIX = ''
def envVarName = ENV_VAR_PREFIX + name.toUpperCase().replace('.', '_').replace('-', '_')
return System.getProperty(name) ?: System.getenv(envVarName)
}
def isTopLevelBuild = !gradle.parent
if (!isTopLevelBuild) {
return
}
def requestedInitScriptName = getInputParam('develocity.injection.init-script-name')
def initScriptName = buildscript.sourceFile.name
if (requestedInitScriptName != initScriptName) {
logger.quiet("Ignoring init script '${initScriptName}' as requested name '${requestedInitScriptName}' does not match")
return
}
def develocityInjectionEnabled = Boolean.parseBoolean(getInputParam("develocity.injection-enabled"))
if (develocityInjectionEnabled) {
enableDevelocityInjection()
}
// To enable build-scan capture, a `captureBuildScanLink(String)` method must be added to `BuildScanCollector`.
def buildScanCollector = new BuildScanCollector()
def buildScanCaptureEnabled = buildScanCollector.metaClass.respondsTo(buildScanCollector, 'captureBuildScanLink', String)
if (buildScanCaptureEnabled) {
enableBuildScanLinkCapture(buildScanCollector)
}
void enableDevelocityInjection() {
def BUILD_SCAN_PLUGIN_ID = 'com.gradle.build-scan'
def BUILD_SCAN_PLUGIN_CLASS = 'com.gradle.scan.plugin.BuildScanPlugin'
def GRADLE_ENTERPRISE_PLUGIN_ID = 'com.gradle.enterprise'
def GRADLE_ENTERPRISE_PLUGIN_CLASS = 'com.gradle.enterprise.gradleplugin.GradleEnterprisePlugin'
def DEVELOCITY_PLUGIN_ID = 'com.gradle.develocity'
def DEVELOCITY_PLUGIN_CLASS = 'com.gradle.develocity.agent.gradle.DevelocityPlugin'
def CI_AUTO_INJECTION_CUSTOM_VALUE_NAME = 'CI auto injection'
def CCUD_PLUGIN_ID = 'com.gradle.common-custom-user-data-gradle-plugin'
def CCUD_PLUGIN_CLASS = 'com.gradle.CommonCustomUserDataGradlePlugin'
def develocityUrl = getInputParam('develocity.url')
def develocityAllowUntrustedServer = Boolean.parseBoolean(getInputParam('develocity.allow-untrusted-server'))
def develocityEnforceUrl = Boolean.parseBoolean(getInputParam('develocity.enforce-url'))
def buildScanUploadInBackground = Boolean.parseBoolean(getInputParam('develocity.build-scan.upload-in-background'))
def develocityCaptureFileFingerprints = getInputParam('develocity.capture-file-fingerprints') ? Boolean.parseBoolean(getInputParam('develocity.capture-file-fingerprints')) : true
def develocityPluginVersion = getInputParam('develocity.plugin.version')
def ccudPluginVersion = getInputParam('develocity.ccud-plugin.version')
def buildScanTermsOfUseUrl = getInputParam('develocity.terms-of-use.url')
def buildScanTermsOfUseAgree = getInputParam('develocity.terms-of-use.agree')
def ciAutoInjectionCustomValueValue = getInputParam('develocity.auto-injection.custom-value')
def atLeastGradle5 = GradleVersion.current() >= GradleVersion.version('5.0')
def atLeastGradle4 = GradleVersion.current() >= GradleVersion.version('4.0')
def shouldApplyDevelocityPlugin = atLeastGradle5 && develocityPluginVersion && isAtLeast(develocityPluginVersion, '3.17')
def dvOrGe = { def dvValue, def geValue ->
if (shouldApplyDevelocityPlugin) {
return dvValue instanceof Closure<?> ? dvValue() : dvValue
}
return geValue instanceof Closure<?> ? geValue() : geValue
}
// finish early if configuration parameters passed in via system properties are not valid/supported
if (ccudPluginVersion && isNotAtLeast(ccudPluginVersion, '1.7')) {
logger.warn("Common Custom User Data Gradle plugin must be at least 1.7. Configured version is $ccudPluginVersion.")
return
}
// Conditionally apply and configure the Develocity plugin
if (GradleVersion.current() < GradleVersion.version('6.0')) {
rootProject {
buildscript.configurations.getByName("classpath").incoming.afterResolve { ResolvableDependencies incoming ->
def resolutionResult = incoming.resolutionResult
if (develocityPluginVersion) {
def scanPluginComponent = resolutionResult.allComponents.find {
it.moduleVersion.with { group == "com.gradle" && ['build-scan-plugin', 'gradle-enterprise-gradle-plugin', 'develocity-gradle-plugin'].contains(name) }
}
if (!scanPluginComponent) {
def pluginClass = dvOrGe(DEVELOCITY_PLUGIN_CLASS, BUILD_SCAN_PLUGIN_CLASS)
logger.lifecycle("Applying $pluginClass via init script")
applyPluginExternally(pluginManager, pluginClass)
def rootExtension = dvOrGe(
{ develocity },
{ buildScan }
)
def buildScanExtension = dvOrGe(
{ rootExtension.buildScan },
{ rootExtension }
)
if (develocityUrl) {
logger.lifecycle("Connection to Develocity: $develocityUrl, allowUntrustedServer: $develocityAllowUntrustedServer, captureFileFingerprints: $develocityCaptureFileFingerprints")
rootExtension.server = develocityUrl
rootExtension.allowUntrustedServer = develocityAllowUntrustedServer
}
if (!shouldApplyDevelocityPlugin) {
// Develocity plugin publishes scans by default
buildScanExtension.publishAlways()
}
// uploadInBackground not available for build-scan-plugin 1.16
if (buildScanExtension.metaClass.respondsTo(buildScanExtension, 'setUploadInBackground', Boolean)) buildScanExtension.uploadInBackground = buildScanUploadInBackground
buildScanExtension.value CI_AUTO_INJECTION_CUSTOM_VALUE_NAME, ciAutoInjectionCustomValueValue
if (isAtLeast(develocityPluginVersion, '2.1') && atLeastGradle5) {
logger.lifecycle("Setting captureFileFingerprints: $develocityCaptureFileFingerprints")
if (isAtLeast(develocityPluginVersion, '3.17')) {
buildScanExtension.capture.fileFingerprints.set(develocityCaptureFileFingerprints)
} else if (isAtLeast(develocityPluginVersion, '3.7')) {
buildScanExtension.capture.taskInputFiles = develocityCaptureFileFingerprints
} else {
buildScanExtension.captureTaskInputFiles = develocityCaptureFileFingerprints
}
}
}
if (develocityUrl && develocityEnforceUrl) {
logger.lifecycle("Enforcing Develocity: $develocityUrl, allowUntrustedServer: $develocityAllowUntrustedServer, captureFileFingerprints: $develocityCaptureFileFingerprints")
}
pluginManager.withPlugin(BUILD_SCAN_PLUGIN_ID) {
// Only execute if develocity plugin isn't applied.
if (gradle.rootProject.extensions.findByName("develocity")) return
afterEvaluate {
if (develocityUrl && develocityEnforceUrl) {
buildScan.server = develocityUrl
buildScan.allowUntrustedServer = develocityAllowUntrustedServer
}
}
if (buildScanTermsOfUseUrl && buildScanTermsOfUseAgree) {
buildScan.termsOfServiceUrl = buildScanTermsOfUseUrl
buildScan.termsOfServiceAgree = buildScanTermsOfUseAgree
}
}
pluginManager.withPlugin(DEVELOCITY_PLUGIN_ID) {
afterEvaluate {
if (develocityUrl && develocityEnforceUrl) {
develocity.server = develocityUrl
develocity.allowUntrustedServer = develocityAllowUntrustedServer
}
}
if (buildScanTermsOfUseUrl && buildScanTermsOfUseAgree) {
develocity.buildScan.termsOfUseUrl = buildScanTermsOfUseUrl
develocity.buildScan.termsOfUseAgree = buildScanTermsOfUseAgree
}
}
}
if (ccudPluginVersion && atLeastGradle4) {
def ccudPluginComponent = resolutionResult.allComponents.find {
it.moduleVersion.with { group == "com.gradle" && name == "common-custom-user-data-gradle-plugin" }
}
if (!ccudPluginComponent) {
logger.lifecycle("Applying $CCUD_PLUGIN_CLASS via init script")
pluginManager.apply(initscript.classLoader.loadClass(CCUD_PLUGIN_CLASS))
}
}
}
}
} else {
gradle.settingsEvaluated { settings ->
if (develocityPluginVersion) {
if (!settings.pluginManager.hasPlugin(GRADLE_ENTERPRISE_PLUGIN_ID) && !settings.pluginManager.hasPlugin(DEVELOCITY_PLUGIN_ID)) {
def pluginClass = dvOrGe(DEVELOCITY_PLUGIN_CLASS, GRADLE_ENTERPRISE_PLUGIN_CLASS)
logger.lifecycle("Applying $pluginClass via init script")
applyPluginExternally(settings.pluginManager, pluginClass)
if (develocityUrl) {
logger.lifecycle("Connection to Develocity: $develocityUrl, allowUntrustedServer: $develocityAllowUntrustedServer, captureFileFingerprints: $develocityCaptureFileFingerprints")
eachDevelocitySettingsExtension(settings) { ext ->
ext.server = develocityUrl
ext.allowUntrustedServer = develocityAllowUntrustedServer
}
}
eachDevelocitySettingsExtension(settings) { ext ->
ext.buildScan.uploadInBackground = buildScanUploadInBackground
ext.buildScan.value CI_AUTO_INJECTION_CUSTOM_VALUE_NAME, ciAutoInjectionCustomValueValue
}
eachDevelocitySettingsExtension(settings,
{ develocity ->
logger.lifecycle("Setting captureFileFingerprints: $develocityCaptureFileFingerprints")
develocity.buildScan.capture.fileFingerprints = develocityCaptureFileFingerprints
},
{ gradleEnterprise ->
gradleEnterprise.buildScan.publishAlways()
if (isAtLeast(develocityPluginVersion, '2.1')) {
logger.lifecycle("Setting captureFileFingerprints: $develocityCaptureFileFingerprints")
if (isAtLeast(develocityPluginVersion, '3.7')) {
gradleEnterprise.buildScan.capture.taskInputFiles = develocityCaptureFileFingerprints
} else {
gradleEnterprise.buildScan.captureTaskInputFiles = develocityCaptureFileFingerprints
}
}
}
)
}
if (develocityUrl && develocityEnforceUrl) {
logger.lifecycle("Enforcing Develocity: $develocityUrl, allowUntrustedServer: $develocityAllowUntrustedServer, captureFileFingerprints: $develocityCaptureFileFingerprints")
}
eachDevelocitySettingsExtension(settings,
{ develocity ->
if (develocityUrl && develocityEnforceUrl) {
develocity.server = develocityUrl
develocity.allowUntrustedServer = develocityAllowUntrustedServer
}
if (buildScanTermsOfUseUrl && buildScanTermsOfUseAgree) {
develocity.buildScan.termsOfUseUrl = buildScanTermsOfUseUrl
develocity.buildScan.termsOfUseAgree = buildScanTermsOfUseAgree
}
},
{ gradleEnterprise ->
if (develocityUrl && develocityEnforceUrl) {
gradleEnterprise.server = develocityUrl
gradleEnterprise.allowUntrustedServer = develocityAllowUntrustedServer
}
if (buildScanTermsOfUseUrl && buildScanTermsOfUseAgree) {
gradleEnterprise.buildScan.termsOfServiceUrl = buildScanTermsOfUseUrl
gradleEnterprise.buildScan.termsOfServiceAgree = buildScanTermsOfUseAgree
}
}
)
}
if (ccudPluginVersion) {
if (!settings.pluginManager.hasPlugin(CCUD_PLUGIN_ID)) {
logger.lifecycle("Applying $CCUD_PLUGIN_CLASS via init script")
settings.pluginManager.apply(initscript.classLoader.loadClass(CCUD_PLUGIN_CLASS))
}
}
}
}
}
void applyPluginExternally(def pluginManager, String pluginClassName) {
def externallyApplied = 'develocity.externally-applied'
def externallyAppliedDeprecated = 'gradle.enterprise.externally-applied'
def oldValue = System.getProperty(externallyApplied)
def oldValueDeprecated = System.getProperty(externallyAppliedDeprecated)
System.setProperty(externallyApplied, 'true')
System.setProperty(externallyAppliedDeprecated, 'true')
try {
pluginManager.apply(initscript.classLoader.loadClass(pluginClassName))
} finally {
if (oldValue == null) {
System.clearProperty(externallyApplied)
} else {
System.setProperty(externallyApplied, oldValue)
}
if (oldValueDeprecated == null) {
System.clearProperty(externallyAppliedDeprecated)
} else {
System.setProperty(externallyAppliedDeprecated, oldValueDeprecated)
}
}
}
/**
* Apply the `dvAction` to all 'develocity' extensions.
* If no 'develocity' extensions are found, apply the `geAction` to all 'gradleEnterprise' extensions.
* (The develocity plugin creates both extensions, and we want to prefer configuring 'develocity').
*/
static def eachDevelocitySettingsExtension(def settings, def dvAction, def geAction = dvAction) {
def GRADLE_ENTERPRISE_EXTENSION_CLASS = 'com.gradle.enterprise.gradleplugin.GradleEnterpriseExtension'
def DEVELOCITY_CONFIGURATION_CLASS = 'com.gradle.develocity.agent.gradle.DevelocityConfiguration'
def dvExtensions = settings.extensions.extensionsSchema.elements
.findAll { it.publicType.concreteClass.name == DEVELOCITY_CONFIGURATION_CLASS }
.collect { settings[it.name] }
if (!dvExtensions.empty) {
dvExtensions.each(dvAction)
} else {
def geExtensions = settings.extensions.extensionsSchema.elements
.findAll { it.publicType.concreteClass.name == GRADLE_ENTERPRISE_EXTENSION_CLASS }
.collect { settings[it.name] }
geExtensions.each(geAction)
}
}
static boolean isAtLeast(String versionUnderTest, String referenceVersion) {
GradleVersion.version(versionUnderTest) >= GradleVersion.version(referenceVersion)
}
static boolean isNotAtLeast(String versionUnderTest, String referenceVersion) {
!isAtLeast(versionUnderTest, referenceVersion)
}
void enableBuildScanLinkCapture(BuildScanCollector collector) {
def BUILD_SCAN_PLUGIN_ID = 'com.gradle.build-scan'
def DEVELOCITY_PLUGIN_ID = 'com.gradle.develocity'
// Conditionally apply and configure the Develocity plugin
if (GradleVersion.current() < GradleVersion.version('6.0')) {
rootProject {
pluginManager.withPlugin(BUILD_SCAN_PLUGIN_ID) {
// Only execute if develocity plugin isn't applied.
if (gradle.rootProject.extensions.findByName("develocity")) return
buildScanPublishedAction(buildScan, collector)
}
pluginManager.withPlugin(DEVELOCITY_PLUGIN_ID) {
buildScanPublishedAction(develocity.buildScan, collector)
}
}
} else {
gradle.settingsEvaluated { settings ->
eachDevelocitySettingsExtension(settings) { ext ->
buildScanPublishedAction(ext.buildScan, collector)
}
}
}
}
// Action will only be called if a `BuildScanCollector.captureBuildScanLink` method is present.
// Add `void captureBuildScanLink(String) {}` to the `BuildScanCollector` class to respond to buildScanPublished events
static buildScanPublishedAction(def buildScanExtension, BuildScanCollector collector) {
if (buildScanExtension.metaClass.respondsTo(buildScanExtension, 'buildScanPublished', Action)) {
buildScanExtension.buildScanPublished { scan ->
collector.captureBuildScanLink(scan.buildScanUri.toString())
}
}
}
class BuildScanCollector {}

129
sources/src/setup-gradle.ts Normal file
View File

@@ -0,0 +1,129 @@
import * as core from '@actions/core'
import * as exec from '@actions/exec'
import * as fs from 'fs'
import * as path from 'path'
import * as os from 'os'
import * as caches from './caching/caches'
import * as jobSummary from './job-summary'
import * as buildScan from './develocity/build-scan'
import {loadBuildResults, markBuildResultsProcessed} from './build-results'
import {CacheListener, generateCachingReport} from './caching/cache-reporting'
import {DaemonController} from './daemon-controller'
import {
BuildScanConfig,
CacheConfig,
SummaryConfig,
WrapperValidationConfig,
getWorkspaceDirectory
} from './configuration'
import * as wrapperValidator from './wrapper-validation/wrapper-validator'
const GRADLE_SETUP_VAR = 'GRADLE_BUILD_ACTION_SETUP_COMPLETED'
const USER_HOME = 'USER_HOME'
const GRADLE_USER_HOME = 'GRADLE_USER_HOME'
const CACHE_LISTENER = 'CACHE_LISTENER'
export async function setup(
cacheConfig: CacheConfig,
buildScanConfig: BuildScanConfig,
wrapperValidationConfig: WrapperValidationConfig
): Promise<boolean> {
const userHome = await determineUserHome()
const gradleUserHome = await determineGradleUserHome()
// Bypass setup on all but first action step in workflow.
if (process.env[GRADLE_SETUP_VAR]) {
core.info('Gradle setup only performed on first gradle/actions step in workflow.')
return false
}
// Record setup complete: visible to all subsequent actions and prevents duplicate setup
core.exportVariable(GRADLE_SETUP_VAR, true)
// Record setup complete: visible in post-action, to control action completion
core.saveState(GRADLE_SETUP_VAR, true)
// Save the User Home and Gradle User Home for use in the post-action step.
core.saveState(USER_HOME, userHome)
core.saveState(GRADLE_USER_HOME, gradleUserHome)
const cacheListener = new CacheListener()
await caches.restore(userHome, gradleUserHome, cacheListener, cacheConfig)
core.saveState(CACHE_LISTENER, cacheListener.stringify())
await wrapperValidator.validateWrappers(wrapperValidationConfig, getWorkspaceDirectory(), gradleUserHome)
await buildScan.setup(buildScanConfig)
return true
}
export async function complete(cacheConfig: CacheConfig, summaryConfig: SummaryConfig): Promise<boolean> {
if (!core.getState(GRADLE_SETUP_VAR)) {
core.info('Gradle setup post-action only performed for first gradle/actions step in workflow.')
return false
}
core.info('In post-action step')
const buildResults = loadBuildResults()
const userHome = core.getState(USER_HOME)
const gradleUserHome = core.getState(GRADLE_USER_HOME)
const cacheListener: CacheListener = CacheListener.rehydrate(core.getState(CACHE_LISTENER))
const daemonController = new DaemonController(buildResults)
await caches.save(userHome, gradleUserHome, cacheListener, daemonController, buildResults, cacheConfig)
const cachingReport = generateCachingReport(cacheListener)
await jobSummary.generateJobSummary(buildResults, cachingReport, summaryConfig)
markBuildResultsProcessed()
core.info('Completed post-action step')
return true
}
async function determineGradleUserHome(): Promise<string> {
const customGradleUserHome = process.env['GRADLE_USER_HOME']
if (customGradleUserHome) {
const rootDir = getWorkspaceDirectory()
return path.resolve(rootDir, customGradleUserHome)
}
const defaultGradleUserHome = path.resolve(await determineUserHome(), '.gradle')
// Use the default Gradle User Home if it already exists
if (fs.existsSync(defaultGradleUserHome)) {
core.info(`Gradle User Home already exists at ${defaultGradleUserHome}`)
core.exportVariable('GRADLE_USER_HOME', defaultGradleUserHome)
return defaultGradleUserHome
}
// Switch Gradle User Home to faster 'D:' drive if possible
if (os.platform() === 'win32' && defaultGradleUserHome.startsWith('C:\\') && fs.existsSync('D:\\a\\')) {
const fasterGradleUserHome = 'D:\\a\\.gradle'
core.info(`Setting GRADLE_USER_HOME to ${fasterGradleUserHome} to leverage (potentially) faster drive.`)
core.exportVariable('GRADLE_USER_HOME', fasterGradleUserHome)
return fasterGradleUserHome
}
core.exportVariable('GRADLE_USER_HOME', defaultGradleUserHome)
return defaultGradleUserHome
}
/**
* Different values can be returned by os.homedir() in Javascript and System.getProperty('user.home') in Java.
* In order to determine the correct Gradle User Home, we ask Java for the user home instead of using os.homedir().
*/
async function determineUserHome(): Promise<string> {
const output = await exec.getExecOutput('java', ['-XshowSettings:properties', '-version'], {silent: true})
const regex = /user\.home = (\S*)/i
const found = output.stderr.match(regex)
if (found == null || found.length <= 1) {
core.info('Could not determine user.home from java -version output. Using os.homedir().')
return os.homedir()
}
const userHome = found[1]
core.debug(`Determined user.home from java -version output: '${userHome}'`)
return userHome
}

26
sources/src/wrapper-validation/cache.ts Normal file
View File

@@ -0,0 +1,26 @@
import fs from 'fs'
import path from 'path'
import {ACTION_METADATA_DIR} from '../configuration'
export class ChecksumCache {
private readonly cacheFile: string
constructor(gradleUserHome: string) {
this.cacheFile = path.resolve(gradleUserHome, ACTION_METADATA_DIR, 'valid-wrappers.json')
}
load(): string[] {
// Load previously validated checksums saved in Gradle User Home
if (fs.existsSync(this.cacheFile)) {
return JSON.parse(fs.readFileSync(this.cacheFile, 'utf-8'))
}
return []
}
save(checksums: string[]): void {
const uniqueChecksums = [...new Set(checksums)]
// Save validated checksums to Gradle User Home
fs.mkdirSync(path.dirname(this.cacheFile), {recursive: true})
fs.writeFileSync(this.cacheFile, JSON.stringify(uniqueChecksums))
}
}

96
sources/src/wrapper-validation/checksums.ts Normal file
View File

@@ -0,0 +1,96 @@
import * as httpm from 'typed-rest-client/HttpClient'
import * as cheerio from 'cheerio'
import fileWrapperChecksums from './wrapper-checksums.json'
const httpc = new httpm.HttpClient('gradle/wrapper-validation-action', undefined, {allowRetries: true, maxRetries: 3})
export class WrapperChecksums {
checksums = new Map<string, Set<string>>()
versions = new Set<string>()
add(version: string, checksum: string): void {
if (this.checksums.has(checksum)) {
this.checksums.get(checksum)!.add(version)
} else {
this.checksums.set(checksum, new Set([version]))
}
this.versions.add(version)
}
}
function loadKnownChecksums(): WrapperChecksums {
const checksums = new WrapperChecksums()
for (const entry of fileWrapperChecksums) {
checksums.add(entry.version, entry.checksum)
}
return checksums
}
/**
* Known checksums from previously published Wrapper versions.
*
* Maps from the checksum to the names of the Gradle versions whose wrapper has this checksum.
*/
export const KNOWN_CHECKSUMS = loadKnownChecksums()
export async function fetchUnknownChecksums(
allowSnapshots: boolean,
knownChecksums: WrapperChecksums
): Promise<Set<string>> {
const all = await httpGetJsonArray('https://services.gradle.org/versions/all')
const withChecksum = all.filter(
entry => typeof entry === 'object' && entry != null && entry.hasOwnProperty('wrapperChecksumUrl')
)
const allowed = withChecksum.filter(
// eslint-disable-next-line @typescript-eslint/no-explicit-any
(entry: any) => allowSnapshots || !entry.snapshot
)
const notKnown = allowed.filter(
// eslint-disable-next-line @typescript-eslint/no-explicit-any
(entry: any) => !knownChecksums.versions.has(entry.version)
)
const checksumUrls = notKnown.map(
// eslint-disable-next-line @typescript-eslint/no-explicit-any
(entry: any) => entry.wrapperChecksumUrl as string
)
if (allowSnapshots) {
await addDistributionSnapshotChecksums(checksumUrls)
}
const checksums = await Promise.all(
checksumUrls.map(async (url: string) => {
// console.log(`Fetching checksum from ${url}`)
return httpGetText(url)
})
)
return new Set(checksums)
}
async function httpGetJsonArray(url: string): Promise<unknown[]> {
return JSON.parse(await httpGetText(url))
}
async function httpGetText(url: string): Promise<string> {
const response = await httpc.get(url)
return await response.readBody()
}
// Public for testing
export async function addDistributionSnapshotChecksums(checksumUrls: string[]): Promise<void> {
// Load the index page of the distribution snapshot repository
const indexPage = await httpGetText('https://services.gradle.org/distributions-snapshots/')
// // Extract all wrapper checksum from the index page. These end in -wrapper.jar.sha256
// // Load the HTML into cheerio
const $ = cheerio.load(indexPage)
// // Find all links ending with '-wrapper.jar.sha256'
const wrapperChecksumLinks = $('a[href$="-wrapper.jar.sha256"]')
// build the absolute URL for each wrapper checksum
wrapperChecksumLinks.each((index, element) => {
const url = $(element).attr('href')
checksumUrls.push(`https://services.gradle.org${url}`)
})
}

27
sources/src/wrapper-validation/find.ts Normal file
View File

@@ -0,0 +1,27 @@
import * as util from 'util'
import * as path from 'path'
import * as fs from 'fs'
import unhomoglyph from 'unhomoglyph'
const readdir = util.promisify(fs.readdir)
export async function findWrapperJars(baseDir: string): Promise<string[]> {
const files = await recursivelyListFiles(baseDir)
return files
.filter(file => unhomoglyph(file).endsWith('gradle-wrapper.jar'))
.map(wrapperJar => path.relative(baseDir, wrapperJar))
.sort((a, b) => a.localeCompare(b))
}
async function recursivelyListFiles(baseDir: string): Promise<string[]> {
const childrenNames = await readdir(baseDir)
const childrenPaths = await Promise.all(
childrenNames.map(async childName => {
const childPath = path.resolve(baseDir, childName)
return fs.lstatSync(childPath).isDirectory()
? recursivelyListFiles(childPath)
: new Promise(resolve => resolve([childPath]))
})
)
return Array.prototype.concat(...childrenPaths)
}

18
sources/src/wrapper-validation/hash.ts Normal file
View File

@@ -0,0 +1,18 @@
import * as crypto from 'crypto'
import * as fs from 'fs'
export async function sha256File(path: string): Promise<string> {
return new Promise((resolve, reject) => {
const hash = crypto.createHash('sha256')
const stream = fs.createReadStream(path)
stream.on('data', data => hash.update(data))
stream.on('end', () => {
stream.destroy()
resolve(hash.digest('hex'))
})
stream.on('error', error => {
stream.destroy()
reject(error)
})
})
}

92
sources/src/wrapper-validation/validate.ts Normal file
View File

@@ -0,0 +1,92 @@
import * as find from './find'
import * as checksums from './checksums'
import * as hash from './hash'
import {resolve} from 'path'
export async function findInvalidWrapperJars(
gitRepoRoot: string,
allowSnapshots: boolean,
allowedChecksums: string[],
previouslyValidatedChecksums: string[] = [],
knownValidChecksums: checksums.WrapperChecksums = checksums.KNOWN_CHECKSUMS
): Promise<ValidationResult> {
const wrapperJars = await find.findWrapperJars(gitRepoRoot)
const result = new ValidationResult([], [])
if (wrapperJars.length > 0) {
const notYetValidatedWrappers = []
for (const wrapperJar of wrapperJars) {
const sha = await hash.sha256File(resolve(gitRepoRoot, wrapperJar))
if (
allowedChecksums.includes(sha) ||
previouslyValidatedChecksums.includes(sha) ||
knownValidChecksums.checksums.has(sha)
) {
result.valid.push(new WrapperJar(wrapperJar, sha))
} else {
notYetValidatedWrappers.push(new WrapperJar(wrapperJar, sha))
}
}
// Otherwise fall back to fetching checksums from Gradle API and compare against them
if (notYetValidatedWrappers.length > 0) {
result.fetchedChecksums = true
const fetchedValidChecksums = await checksums.fetchUnknownChecksums(allowSnapshots, knownValidChecksums)
for (const wrapperJar of notYetValidatedWrappers) {
if (!fetchedValidChecksums.has(wrapperJar.checksum)) {
result.invalid.push(wrapperJar)
} else {
result.valid.push(wrapperJar)
}
}
}
}
return result
}
export class ValidationResult {
valid: WrapperJar[]
invalid: WrapperJar[]
fetchedChecksums = false
constructor(valid: WrapperJar[], invalid: WrapperJar[]) {
this.valid = valid
this.invalid = invalid
}
isValid(): boolean {
return this.invalid.length === 0
}
toDisplayString(): string {
let displayString = ''
if (this.invalid.length > 0) {
displayString += `✗ Found unknown Gradle Wrapper JAR files:\n${ValidationResult.toDisplayList(
this.invalid
)}`
}
if (this.valid.length > 0) {
if (displayString.length > 0) displayString += '\n'
displayString += `✓ Found known Gradle Wrapper JAR files:\n${ValidationResult.toDisplayList(this.valid)}`
}
return displayString
}
private static toDisplayList(wrapperJars: WrapperJar[]): string {
return ` ${wrapperJars.map(wj => wj.toDisplayString()).join(`\n `)}`
}
}
export class WrapperJar {
path: string
checksum: string
constructor(path: string, checksum: string) {
this.path = path
this.checksum = checksum
}
toDisplayString(): string {
return `${this.checksum} ${this.path}`
}
}

1046
sources/src/wrapper-validation/wrapper-checksums.json Normal file
View File

File diff suppressed because it is too large Load Diff

40
sources/src/wrapper-validation/wrapper-validator.ts Normal file
View File

@@ -0,0 +1,40 @@
import * as core from '@actions/core'
import {WrapperValidationConfig} from '../configuration'
import {ChecksumCache} from './cache'
import {findInvalidWrapperJars} from './validate'
import {JobFailure} from '../errors'
export async function validateWrappers(
config: WrapperValidationConfig,
workspaceRoot: string,
gradleUserHome: string
): Promise<void> {
if (!config.doValidateWrappers()) {
return // Wrapper validation is disabled
}
const checksumCache = new ChecksumCache(gradleUserHome)
const allowedChecksums = process.env['ALLOWED_GRADLE_WRAPPER_CHECKSUMS']?.split(',') || []
const previouslyValidatedChecksums = checksumCache.load()
const result = await findInvalidWrapperJars(
workspaceRoot,
config.allowSnapshotWrappers(),
allowedChecksums,
previouslyValidatedChecksums
)
if (result.isValid()) {
await core.group('All Gradle Wrapper jars are valid', async () => {
core.debug(`Loaded previously validated checksums from cache: ${previouslyValidatedChecksums.join(', ')}`)
core.info(result.toDisplayString())
})
} else {
core.info(result.toDisplayString())
throw new JobFailure(
`At least one Gradle Wrapper Jar failed validation!\n See https://github.com/gradle/actions/blob/main/docs/wrapper-validation.md#validation-failures\n${result.toDisplayString()}`
)
}
checksumCache.save(result.valid.map(wrapper => wrapper.checksum))
}