actions/gradle
1
0
Fork 0
mirror of https://github.com/gradle/actions.git synced 2026-04-19 18:12:58 +08:00
Code Issues Packages Projects Releases Wiki Activity
2,185 Commits 7 Branches 116 Tags
1c809615505fae9768e2610dc6dbecdc3a796443
Commit Graph

476 Commits

Author SHA1 Message Date
daz ec4681f7f5 Test provision of rc and milestone versions 2025-01-23 12:09:21 -07:00
Daz DeBoer 3bfa1140fc Update to CCUDGP 2.1 (#524) 
This change primarily impacts test projects and documentation. The only
material impact is that CCUD 2.1 will now be auto-applied when
publishing Build Scans automatically with `build-scan-publish: true`.
(Develocity injection does not hard-code any CCUD version)
 2025-01-21 21:34:02 -07:00
daz 245c8a24de Save dependency-graph file as workflow artifact 
Diagnosing unexpected dependencies in the GitHub Dependency Graph can
be difficult. In order to aid with diagnosis, the `dependency-submission`
action will  now save each dependency-graph file as a workflow artifact.

If this is undesirable, the prior behaviour can be restored by explicitly setting
`dependency-graph: generate-and-submit`.

Fixes #519
 2025-01-21 14:34:49 -07:00
daz 74628b9f13 Fix npm for update-dist 2025-01-21 09:55:18 -07:00
daz e6f332ecb1 Publish build scans for CI builds 2025-01-20 09:56:42 -07:00
dependabot[bot] bccddaec22 Bump the github-actions group across 3 directories with 7 updates 
Bumps the github-actions group with 7 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [gradle/actions](https://github.com/gradle/actions) | `4.2.1` | `4.2.2` |
| [tj-actions/changed-files](https://github.com/tj-actions/changed-files) | `45.0.5` | `45.0.6` |
| [github/codeql-action](https://github.com/github/codeql-action) | `3.27.9` | `3.28.1` |
| [actions/setup-java](https://github.com/actions/setup-java) | `4.5.0` | `4.6.0` |
| [actions/upload-artifact](https://github.com/actions/upload-artifact) | `4.4.3` | `4.6.0` |
| [stefanzweifel/git-auto-commit-action](https://github.com/stefanzweifel/git-auto-commit-action) | `5.0.1` | `5.1.0` |
| [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) | `7.0.5` | `7.0.6` |

Bumps the github-actions group with 1 update in the /.github/actions/build-dist directory: [actions/upload-artifact](https://github.com/actions/upload-artifact).
Bumps the github-actions group with 1 update in the /.github/actions/init-integ-test directory: [actions/setup-java](https://github.com/actions/setup-java).


Updates `gradle/actions` from 4.2.1 to 4.2.2
- [Release notes](https://github.com/gradle/actions/releases)
- [Commits](https://github.com/gradle/actions/compare/cc4fc85e6b35bafd578d5ffbc76a5518407e1af0...0bdd871935719febd78681f197cd39af5b6e16a6)

Updates `tj-actions/changed-files` from 45.0.5 to 45.0.6
- [Release notes](https://github.com/tj-actions/changed-files/releases)
- [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md)
- [Commits](https://github.com/tj-actions/changed-files/compare/bab30c2299617f6615ec02a68b9a40d10bd21366...d6e91a2266cdb9d62096cebf1e8546899c6aa18f)

Updates `github/codeql-action` from 3.27.9 to 3.28.1
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/df409f7d9260372bd5f19e5b04e83cb3c43714ae...b6a472f63d85b9c78a3ac5e89422239fc15e9b3c)

Updates `actions/setup-java` from 4.5.0 to 4.6.0
- [Release notes](https://github.com/actions/setup-java/releases)
- [Commits](https://github.com/actions/setup-java/compare/8df1039502a15bceb9433410b1a100fbe190c53b...7a6d8a8234af8eb26422e24e3006232cccaa061b)

Updates `actions/upload-artifact` from 4.4.3 to 4.6.0
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](https://github.com/actions/upload-artifact/compare/b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882...65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08)

Updates `stefanzweifel/git-auto-commit-action` from 5.0.1 to 5.1.0
- [Release notes](https://github.com/stefanzweifel/git-auto-commit-action/releases)
- [Changelog](https://github.com/stefanzweifel/git-auto-commit-action/blob/master/CHANGELOG.md)
- [Commits](https://github.com/stefanzweifel/git-auto-commit-action/compare/8621497c8c39c72f3e2a999a26b4ca1b5058a842...e348103e9026cc0eee72ae06630dbe30c8bf7a79)

Updates `peter-evans/create-pull-request` from 7.0.5 to 7.0.6
- [Release notes](https://github.com/peter-evans/create-pull-request/releases)
- [Commits](https://github.com/peter-evans/create-pull-request/compare/5e914681df9dc83aa4e4905692ca88beb2f9e91f...67ccf781d68cd99b580ae25a5c18a1cc84ffff1f)

Updates `actions/upload-artifact` from 4.4.3 to 4.6.0
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](https://github.com/actions/upload-artifact/compare/b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882...65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08)

Updates `actions/setup-java` from 4.5.0 to 4.6.0
- [Release notes](https://github.com/actions/setup-java/releases)
- [Commits](https://github.com/actions/setup-java/compare/8df1039502a15bceb9433410b1a100fbe190c53b...7a6d8a8234af8eb26422e24e3006232cccaa061b)

---
updated-dependencies:
- dependency-name: gradle/actions
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
- dependency-name: tj-actions/changed-files
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
- dependency-name: actions/setup-java
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
- dependency-name: stefanzweifel/git-auto-commit-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
- dependency-name: peter-evans/create-pull-request
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
- dependency-name: actions/setup-java
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-01-14 13:31:38 -07:00
github-actions[bot] 04f1562da5 Bump Gradle Wrappers (#499) 
# Combined PRs ➡️📦⬅️

 The following pull requests have been successfully combined on this
PR:
- Closes #498 Bump Gradle Wrapper from 8.11.1 to 8.12 in
/.github/workflow-samples/kotlin-dsl
- Closes #497 Bump Gradle Wrapper from 8.11.1 to 8.12 in
/.github/workflow-samples/java-toolchain
- Closes #496 Bump Gradle Wrapper from 8.11.1 to 8.12 in
/.github/workflow-samples/groovy-dsl
- Closes #495 Bump Gradle Wrapper from 8.11.1 to 8.12 in
/.github/workflow-samples/gradle-plugin
- Closes #494 Bump Gradle Wrapper from 8.11.1 to 8.12 in
/sources/test/init-scripts

> This PR was created by the
[`github/combine-prs`](https://github.com/github/combine-prs) action

---------

Signed-off-by: bot-githubaction <bot-githubaction@gradle.com>
Co-authored-by: bot-githubaction <bot-githubaction@gradle.com>
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: daz <daz@gradle.com>
 2024-12-20 18:23:34 -07:00
Daz DeBoer 0bdd871935 Pin version in ci-combine-bot-prs.yml 2024-12-17 18:26:12 -07:00
dependabot[bot] bc78598590 Bump github/codeql-action in the github-actions group across 1 directory 
Bumps the github-actions group with 1 update in the / directory: [github/codeql-action](https://github.com/github/codeql-action).


Updates `github/codeql-action` from 3.27.7 to 3.27.9
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/babb554ede22fd5605947329c4d04d8e7a0b8155...df409f7d9260372bd5f19e5b04e83cb3c43714ae)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-12-17 11:46:27 -07:00
bot-githubaction eda5a3331f Bump references to Develocity Gradle plugin from 3.18.2 to 3.19 2024-12-13 09:02:59 -07:00
daz 69215f1c52 Restrict permissions for combine-prs job 2024-12-11 12:31:33 -07:00
Daz DeBoer 06e95bfb12 Merge branch 'main' into dependabot/github_actions/github-actions-e9dd73a904 2024-12-11 10:17:04 -07:00
Daz DeBoer 6089ee95bf Update to Gradle 8.11.1 (#477) 2024-12-11 10:16:28 -07:00
Daz DeBoer b80eee1bc3 Remove schedule for combine-prs until it's working properley 2024-12-11 10:05:44 -07:00
daz 51109c9e9e Update to Gradle 8.11.1 2024-12-11 10:04:45 -07:00
daz 686515ed83 Fix combine PRs workflow 2024-12-11 09:47:11 -07:00
daz ce25fde741 Add workflow to combine wrapperbot PRs 2024-12-11 09:07:09 -07:00
dependabot[bot] 1c71d2134f Bump the github-actions group across 1 directory with 2 updates 
Bumps the github-actions group with 2 updates in the / directory: [tj-actions/changed-files](https://github.com/tj-actions/changed-files) and [github/codeql-action](https://github.com/github/codeql-action).


Updates `tj-actions/changed-files` from 45.0.4 to 45.0.5
- [Release notes](https://github.com/tj-actions/changed-files/releases)
- [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md)
- [Commits](https://github.com/tj-actions/changed-files/compare/4edd678ac3f81e2dc578756871e4d00c19191daf...bab30c2299617f6615ec02a68b9a40d10bd21366)

Updates `github/codeql-action` from 3.27.4 to 3.27.7
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/ea9e4e37992a54ee68a9622e985e60c8e8f12d9f...babb554ede22fd5605947329c4d04d8e7a0b8155)

---
updated-dependencies:
- dependency-name: tj-actions/changed-files
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-12-11 14:52:10 +00:00
dependabot[bot] 4ba34e96c5 Bump gradle/actions from 4.2.0 to 4.2.1 in the github-actions group 
Bumps the github-actions group with 1 update: [gradle/actions](https://github.com/gradle/actions).


Updates `gradle/actions` from 4.2.0 to 4.2.1
- [Release notes](https://github.com/gradle/actions/releases)
- [Commits](https://github.com/gradle/actions/compare/473878a77f1b98e2b5ac4af93489d1656a80a5ed...cc4fc85e6b35bafd578d5ffbc76a5518407e1af0)

---
updated-dependencies:
- dependency-name: gradle/actions
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-11-19 09:53:32 -07:00
dependabot[bot] e6a814661a Bump the github-actions group with 3 updates 
Bumps the github-actions group with 3 updates: [actions/checkout](https://github.com/actions/checkout), [github/codeql-action](https://github.com/github/codeql-action) and [actions/upload-artifact](https://github.com/actions/upload-artifact).


Updates `actions/checkout` from 4.1.7 to 4.2.2
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v4.1.7...11bd71901bbe5b1630ceea73d27597364c9af683)

Updates `github/codeql-action` from 3.26.6 to 3.27.4
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/v3.26.6...ea9e4e37992a54ee68a9622e985e60c8e8f12d9f)

Updates `actions/upload-artifact` from 4.4.0 to 4.4.3
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](https://github.com/actions/upload-artifact/compare/50769540e7f4bd5e21e526ee35c689e35e0d6874...b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-11-18 10:35:58 -07:00
daz 9ab6ee6757 Bump to version 2.0.2 of CCUDGP 2024-11-15 14:10:13 -07:00
daz f4845d289c Use npm clean-install 2024-11-14 16:36:23 -07:00
Daz DeBoer 5f21a9bb99 Bump Gradle from 8.10.2 to 8.11 (#443) 
Co-authored-by: bot-githubaction <bot-githubaction@gradle.com>
 2024-11-14 13:48:42 -07:00
Daz DeBoer 52ee405746 Run CodeQL on all commits 2024-11-14 13:44:22 -07:00
daz b6bc8c2f17 Pin gradle/actions versions 2024-11-14 13:05:02 -07:00
daz b12c3a65f2 Pin version of 3rd party actions 2024-11-14 12:35:29 -07:00
daz d191577859 Pin actions/setup-node@v4 2024-11-14 12:23:02 -07:00
daz e726a12472 Pin actions/setup-java@v4 2024-11-14 12:21:03 -07:00
daz d30cc9ecf2 Pin actions/checkout@v4 2024-11-14 12:19:48 -07:00
daz d0efa7b0e7 Avoid duplicate actions/setup-java 2024-11-14 12:12:54 -07:00
daz 8422a6a674 Avoid running workflow on forks 2024-11-14 11:44:20 -07:00
daz 19ff74e0a6 Revert "Disable uploading OSSF scorecard to GitHub Security" 
This reverts commit 1e2142185e.
 2024-11-14 11:31:03 -07:00
bot-githubaction 084b95f65a Bump references to Develocity Gradle plugin from 3.18.1 to 3.18.2 2024-11-14 09:26:53 -07:00
Daz DeBoer 1e2142185e Disable uploading OSSF scorecard to GitHub Security 2024-11-13 19:11:45 -07:00
Daz DeBoer 07e0f1c008 Limit token permissions in GitHub workflows (#440) 
See
https://github.com/ossf/scorecard/blob/ea7e27ed41b76ab879c862fa0ca4cc9c61764ee4/docs/checks.md#token-permissions
 2024-11-13 19:01:45 -07:00
daz af45dcfe3c Add wrapper-validation workflow 
Although we run `setup-gradle` with all/most wrapper files, this global
workflow will ensure that all wrapper files in the repo are valid.
(This should help with the OSSF scorecard)
 2024-11-13 18:46:57 -07:00
daz d8b3a9fb11 Rename OSSF scorecard workflow 2024-11-13 18:46:51 -07:00
nitrocode 5ac3e361a2 ci: add scorecard 2024-11-13 16:37:41 -07:00
daz f22ac61fd1 Use Gradle 8.11 as the minimum version for cache-cleanup 
The cache-cleanup API has changed, so the init-script that worked with
Gradle 8.9 no longer works with 8.11.
We now provision and use Gradle 8.11 for cache cleanup.

This provides a band-aid fix for #417 but that issue will still impact
any build configured to run with Gradle > 8.11
 2024-11-11 20:54:29 -07:00
daz 61e4a25782 Control version of Gradle in PATH for unit tests 2024-10-07 12:24:47 +10:00
bot-githubaction 5fe9264c08 Bump references to Develocity Gradle plugin from 3.18 to 3.18.1 2024-09-12 19:55:39 -06:00
dependabot[bot] 478782dbb4 Bump peter-evans/create-pull-request in the github-actions group 
Bumps the github-actions group with 1 update: [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request).


Updates `peter-evans/create-pull-request` from 6 to 7
- [Release notes](https://github.com/peter-evans/create-pull-request/releases)
- [Commits](https://github.com/peter-evans/create-pull-request/compare/v6...v7)

---
updated-dependencies:
- dependency-name: peter-evans/create-pull-request
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-09-12 19:55:39 -06:00
daz 9291ac6ca5 Add example of job summary with cache-read-only 2024-08-29 09:54:55 -06:00
dependabot[bot] c3c8a18b22 Bump tj-actions/changed-files from 44 to 45 in the github-actions group 
Bumps the github-actions group with 1 update: [tj-actions/changed-files](https://github.com/tj-actions/changed-files).


Updates `tj-actions/changed-files` from 44 to 45
- [Release notes](https://github.com/tj-actions/changed-files/releases)
- [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md)
- [Commits](https://github.com/tj-actions/changed-files/compare/v44...v45)

---
updated-dependencies:
- dependency-name: tj-actions/changed-files
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-08-26 21:18:49 -06:00
Daz DeBoer 4b7cc6e174 Differentiate Gradle 8.1 from 8.10 when checking version (#358) 
Fixes #359
 2024-08-26 14:47:28 -06:00
daz e598a32529 Quote version 8.10 in integ test 2024-08-26 12:47:06 -06:00
daz a8a2fd2323 Update to Gradle 8.10 2024-08-26 11:07:48 -06:00
bot-githubaction 089bfb1063 Bump references to Develocity Gradle plugin from 3.17.6 to 3.18 2024-08-26 10:53:40 -06:00
daz b51fcf4d6c Only allow 1 integ-test at a time 2024-08-12 10:33:22 -06:00
daz 64869b1757 Attempt to reduce contention in integ-test-full 2024-08-07 09:04:49 -06:00