Skip to content

CI/Build: Add Gradle Build Scans #475

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
snazy wants to merge 1 commit into from
Closed

CI/Build: Add Gradle Build Scans #475

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 4 additions & 0 deletions .github/workflows/gradle.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -39,6 +39,10 @@ jobs:
permissions:
contents: read

env:
# https://docs.gradle.com/develocity/gradle-plugin/current/#via_environment_variable
DEVELOCITY_ACCESS_KEY: ${{secrets.GE_ACCESS_TOKEN}}

steps:
- uses: actions/checkout@v4
- name: Set up JDK 21
Expand Down
67 changes: 67 additions & 0 deletions settings.gradle.kts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -73,3 +73,70 @@ dependencyResolutionManagement {
}

gradle.beforeProject { version = baseVersion }

plugins { id("com.gradle.develocity") version ("3.18.2") }

// Use Apache's Gradle Enterprise instance only in CI and only if the access-key is present
// See
// https://cwiki.apache.org/confluence/pages/viewpage.action?pageId=263426153#ProjectOnboardingInstructionsforDevelocity-GitHubActions
// https://docs.gradle.com/develocity/gradle-plugin/current/#via_environment_variable
val hasDevelocityAccessKey =
System.getenv("DEVELOCITY_ACCESS_KEY") != null &&
System.getenv("DEVELOCITY_ACCESS_KEY").isNotBlank()
val isCI = System.getenv("CI") != null

if (isCI) {
logger.lifecycle(
"Running build in CI ${if (hasDevelocityAccessKey) "with" else "without"} Develocity access"
)
}

// Publish a build-scan automatically in CI, else only on demand.
develocity {
if (isCI) {
if (hasDevelocityAccessKey) {
// The GE instance for Apache rejects unauthenticated build scan uploads, so we publish those
// to Gradle's public one. This means, that CI runs without secrets, aka all PR CI runs, get
// the build scans published at Gradle's infra, while other CI runs publish to Apache's infra.
server = "https://ge.apache.org"
}
buildScan {
termsOfUseUrl = "https://gradle.com/terms-of-service"
termsOfUseAgree = "yes"
// Add some potentially interesting information from the environment
listOf(
"GITHUB_ACTION_REPOSITORY",
"GITHUB_ACTOR",
"GITHUB_BASE_REF",
"GITHUB_HEAD_REF",
"GITHUB_JOB",
"GITHUB_REF",
"GITHUB_REPOSITORY",
"GITHUB_RUN_ID",
"GITHUB_RUN_NUMBER",
"GITHUB_SHA",
"GITHUB_WORKFLOW"
)
.forEach { e ->
val v = System.getenv(e)
if (v != null) {
value(e, v)
}
}
val ghUrl = System.getenv("GITHUB_SERVER_URL")
if (ghUrl != null) {
val ghRepo = System.getenv("GITHUB_REPOSITORY")
val ghRunId = System.getenv("GITHUB_RUN_ID")
link("Summary", "$ghUrl/$ghRepo/actions/runs/$ghRunId")
link("PRs", "$ghUrl/$ghRepo/pulls")
}
obfuscation { ipAddresses { addresses -> addresses.map { _ -> "0.0.0.0" } } }
}
} else {
val isBuildScan = gradle.startParameter.isBuildScan
buildScan {
publishing { onlyIf { isBuildScan } }
obfuscation { ipAddresses { addresses -> addresses.map { _ -> "0.0.0.0" } } }
}
}
}
Loading