Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[deps]: Update gradle/actions action to v4 #951

Merged
merged 1 commit into from
Aug 13, 2024
Merged

[deps]: Update gradle/actions action to v4 #951

merged 1 commit into from
Aug 13, 2024

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Aug 12, 2024
edited
Loading

Mend Renovate

This PR contains the following updates:

Package Type Update Change
gradle/actions action major v3.1.0 -> v4.0.0
gradle/actions action major v3.3.2 -> v4.0.0

Release Notes

gradle/actions (gradle/actions)

v4.0.0

Compare Source

Final release of v4.0.0 of the setup-gradle, dependency-submission and wrapper-validation actions provided under gradle/actions.
This release is available under the v4 tag.

Major changes from the v3 release
The arguments parameter has been removed

Using the action to execute Gradle via the arguments parameter was deprecated in v3 and this parameter has been removed.
See here for more details.

Cache cleanup enabled by default

After a number of fixes and improvements, this release enables cache-cleanup by default for all Jobs using the setup-gradle and dependency-submission actions.

Improvements and bugfixes related cache cleanup:

  • By default, cache cleanup is not run if any Gradle build fails (#​71)
  • Cache cleanup is not run after configuration-cache reuse (#​19)

This feature should help to minimize the size of entries written to the GitHub Actions cache, speeding up builds and reducing cache usage.

Wrapper validation enabled by default

In v3, the setup-gradle action was enhanced to support Gradle wrapper validation, removing the need to use a separate workflow
file with the gradle/actions/wrapper-validation action.

With this release, wrapper validation has been significantly improved, and is now enabled by default (#​12):

  • The allow-snapshot-wrappers makes it possible to validate snapshot wrapper jars using setup-gradle.
  • Checksums for nightly and snapshot Gradle versions are now validated (#​281).
  • Valid wrapper checksums are cached in Gradle User Home, reducing the need to retrieve checksum values remotely (#​172).
  • Reduce network calls in wrapper-validation for new Gradle versions: By only fetching wrapper checksums for Gradle versions that were not known when this action was released, this release reduces the likelihood that a network failure could cause failure in wrapper validation (#​171)
  • Improved error message when wrapper-validation finds no wrapper jars (#​284)

Wrapper validation is important for supply-chain integrity. Enabling this feature by default will increase the coverage of wrapper
validation on projects using GitHub Actions.

New input parameters for Dependency Graph generation

Some dependency-graph inputs that could previously only be configured via environment variables now have dedicated action inputs:

Other improvements
  • In Job summary, the action now provides an explanation when cache is set to read-only or disabled (#​255)
  • When setup-gradle requests a specific Gradle version, the action will no longer download and install that version if it is already available on the PATH of the runner (#​270)
  • To attempt to speed up builds, the setup-gradle and dependency-submission actions now attempt to use the D: drive for Gradle User Home if it is available (#​290)
Deprecations and breaking changes
Changelog

Full Changelog: gradle/actions@v3.5.0...v4.0.0

v3.5.0

Compare Source

This release contains a major upgrade to gradle-home-cache-cleanup as well as improvements to dependency-submission.

What's Changed

Full Changelog: gradle/actions@v3.4.2...v3.5.0

v3.4.2

Compare Source

This patch release fixes a race condition that resulted in the DEVELOCITY_ACCESS_KEY variable not being set in the environment.

What's Changed

Full Changelog: gradle/actions@v3.4.1...v3.4.2

v3.4.1

Compare Source

This patch release fixes a bug introduced in v3.4.0, that prevents build scan publication to Develocity.
The bug results in the removal of the DEVELOCITY_ACCESS_KEY variable being removed, so that Gradle cannot authenticate with the Develocity server.

What's Changed

Full Changelog: gradle/actions@v3.4.0...v3.4.1

v3.4.0

Compare Source

This release improves the integration with Gradle Develocity®, as well as updating a number of key dependencies.

  • The new develocity-access-key input parameter allows the action to generate a short-lived access token for subsequent
    communication with Develocity. This reduces the risk of the full (long-lived) access key being compromised,
    either accidentally or by a malicious action.
  • New input parameters are available to configure Develocity injection. Previously Develocity injection could only be
    enabled by setting environment variables.
  • Checksums for Gradle 8.8 are now included, so that no network request is required for wrapper-validation with Gradle 8.8 wrappers.
What's Changed
New Contributors

Full Changelog: gradle/actions@v3.3.2...v3.4.0

v3.3.2

Compare Source

This patch release fixes a bug in both dependency-submission and setup-gradle (#​196 introduced in v3.3.1), which resulted in
"No dependency-graph files found to submit" when using the download-and-submit function.
A number of other minor issues have also been addressed:

What's Changed
  • [dependency-submission] Fix bug finding dependency-graph files with 'download-and-submit' (#​199)
  • [dependency-submission] Use Gradle logger instead of println in dependency graph init script (#​191 from @​aleksandrserbin)
  • [dependency-submission] Retain and log full stacktrace for dependency submission errors (#​192)
  • [setup-gradle] Improve build scan badge readability with long task names (#​200 from @​gabrielfeo)

Full Changelog: gradle/actions@v3.3.1...v3.3.2

v3.3.1

Compare Source

This patch release fixes a bug in setting the report dir for dependency-submission, and updates the plugin versions
applied in Develocity injection.

What's Changed
  • Bump Develocity and CCUD plugin versions (#​185)
  • Support custom DEPENDENCY_GRAPH_REPORT_DIR variable for dependency-submission (#​188)

Full Changelog: gradle/actions@v3.3.0...v3.3.1

v3.3.0

Compare Source

This release includes a new action, and improvements to the existing actions.

Highlights include:

[!IMPORTANT]
The caching protocol version has changed in this release, so cache entries written with previous versions of the action will not be reused. This means that jobs will effectively start with an empty cache after switching to this release.

Changelog
NEW action gradle/actions/wrapper-validation
  • [NEW] Add replacement for wrapper-validation-action (#​160)
Improvements to gradle/actions/setup-gradle
  • [NEW] Cache paths have been updated for Gradle 8.6+ (#​45, #​163)
  • [NEW] setup-gradle action can now perform wrapper-validation automatically (#​161, #​162)
  • [FIX] Make cache-keys more consistent (#​131).
  • [FIX] Avoid listing old build results in Job Summary on self-hosted runner (#​127)
  • [FIX] Deprecation warnings are emitted when using deprecated inputs (#​108)
  • [FIX] Generate correct toolchains.xml file on ARM runners (#​89)
Improvements to gradle/actions/depenency-submission
  • [NEW] Action is now implemented directly in TypeScript, and does not delegate to setup-gradle (#​116)
  • [NEW] Allow dependency resolution task name to be specified (#​125)
  • [NEW] Dependency-graph is submitted immediately with dependency-submission action (#​123)
  • [FIX] setup-gradle and dependency-submission can be used in the same Job (#​36)

Full Changelog: gradle/actions@v3.2.1...v3.3.0

Actions Summary

Release includes v3.3.0 of the following, available under the v3 version tag:

[!NOTE]
The gradle/actions/setup-gradle action supersedes gradle/gradle-build-action.
The gradle/actions/wrapper-validation action supersedes gradle/wrapper-validation-action.

v3.2.1

Compare Source

The recent update to use com.develocity.gradle plugin resulted in many deprecation warnings being triggered by the init-scripts bundled with this action. This patch release updates these init-scripts to avoid these deprecation warnings.

What's Changed

Full Changelog: gradle/actions@v3.2.0...v3.2.1

v3.2.0

Compare Source

Changelog
General improvements
  • [NEW] Support authentication for plugin repositories (#​31)
  • [FIX] Improve rendering of build results table with long values (#​35)
Improvements to Dependency Submission
  • [FIX] Do not attempt to resolve dependency configurations that are excluded via env var (#​107)
Improvements to Develocity injection
  • [NEW] Use com.develocity.gradle plugin version 3.17 by default
  • [NEW] Can configure capture of file-fingerprint (#​58)
  • [FIX] Reduce log-level of messages emitted by Develocity injection (#​60)
Note

Release includes v3.2.0 of gradle/actions/setup-gradle and gradle/actions/dependency-submission.
Available under the v3 version tag.

The gradle/actions/setup-gradle action supersedes gradle/gradle-build-action.
The gradle/[email protected] version will be released in parallel, and will delegate to this release of gradle/actions/setup-gradle.

Full Changelog: gradle/actions@v3.1.0...v3.2.0

Configuration

📅 Schedule: Branch creation - "every 2nd week starting on the 2 week of the year before 4am on Monday" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about these updates again.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot requested a review from a team as a code owner August 12, 2024 09:38
@bitwarden-bot bitwarden-bot changed the title [deps]: Update gradle/actions action to v4 [PM-10782] [deps]: Update gradle/actions action to v4 Aug 12, 2024
@bitwarden-bot
Copy link

Internal tracking:

@codecov Codecov
Copy link

codecov bot commented Aug 12, 2024

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 58.45%. Comparing base (8d89eea) to head (789a6d3).

Additional details and impacted files 
@@           Coverage Diff           @@
##             main     #951   +/-   ##
=======================================
  Coverage   58.45%   58.45%           
=======================================
  Files         194      194           
  Lines       13358    13358           
=======================================
  Hits         7808     7808           
  Misses       5550     5550

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@renovate renovate bot changed the title [PM-10782] [deps]: Update gradle/actions action to v4 [deps]: Update gradle/actions action to v4 Aug 12, 2024
@vgrassia vgrassia merged commit 3ba55c1 into main Aug 13, 2024
105 of 111 checks passed
@vgrassia vgrassia deleted the renovate/gradle-actions-4.x branch August 13, 2024 17:31
@Hinton Hinton mentioned this pull request Aug 15, 2024
Merged
Hinton added a commit that referenced this pull request Aug 15, 2024
@Hinton
Fix gradle deprecation (#960)
8e9e8f1 
## 🎟️ Tracking

<!-- Paste the link to the Jira or GitHub issue or otherwise describe /
point to where this change is coming from. -->

## 📔 Objective

<!-- Describe what the purpose of this PR is, for example what bug
you're fixing or new feature you're adding. -->

Build android is broken after the breaking changes introduced in #951.
This PR follows the recommended changes and splits setup gradle into two
steps.

## ⏰ Reminders before review

- Contributor guidelines followed
- All formatters and local linters executed and passed
- Written new unit and / or integration tests where applicable
- Protected functional changes with optionality (feature flags)
- Used internationalization (i18n) for all UI strings
- CI builds passed
- Communicated to DevOps any deployment requirements
- Updated any necessary documentation (Confluence, contributing docs) or
informed the documentation
  team

## 🦮 Reviewer guidelines

<!-- Suggested interactions but feel free to use (or not) as you desire!
-->

- 👍 (`:+1:`) or similar for great changes
- 📝 (`:memo:`) or ℹ️ (`:information_source:`) for notes or general info
- ❓ (`:question:`) for questions
- 🤔 (`:thinking:`) or 💭 (`:thought_balloon:`) for more open inquiry
that's not quite a confirmed
  issue and could potentially benefit from discussion
- 🎨 (`:art:`) for suggestions / improvements
- ❌ (`:x:`) or ⚠️ (`:warning:`) for more significant problems or
concerns needing attention
- 🌱 (`:seedling:`) or ♻️ (`:recycle:`) for future improvements or
indications of technical debt
- ⛏ (`:pick:`) for minor or nitpick changes
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@vgrassia vgrassia vgrassia approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@bitwarden-bot @vgrassia