mirror of
https://github.com/gradle/actions.git
synced 2025-11-26 17:09:10 +08:00
Compare commits
4 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
|
31ae3562f6 | ||
|
|
719985db3d | ||
|
|
b53238971c | ||
|
|
5f1c5827bf |
@@ -155,8 +155,8 @@ jobs:
|
||||
id: gradle
|
||||
working-directory: .github/workflow-samples/no-ge
|
||||
run: gradle help
|
||||
- name: Check access key is blank (DEVELOCITY_ACCESS_KEY)
|
||||
run: "[ \"${DEVELOCITY_ACCESS_KEY}\" == \"\" ] || (echo 'DEVELOCITY_ACCESS_KEY has leaked!'; exit 1)"
|
||||
- name: Check access key is not blank (DEVELOCITY_ACCESS_KEY)
|
||||
run: "[ \"${DEVELOCITY_ACCESS_KEY}\" != \"\" ] || (echo 'using DEVELOCITY_ACCESS_KEY!'; exit 1)"
|
||||
- name: Check access key is not blank (GRADLE_ENTERPRISE_ACCESS_KEY)
|
||||
run: "[ \"${GRADLE_ENTERPRISE_ACCESS_KEY}\" != \"\" ] || (echo 'GRADLE_ENTERPRISE_ACCESS_KEY is still supported in v3!'; exit 1)"
|
||||
|
||||
|
||||
64
dist/dependency-submission/main/index.js
vendored
64
dist/dependency-submission/main/index.js
vendored
@@ -145087,12 +145087,9 @@ async function setup(config) {
|
||||
maybeExportVariableNotEmpty('GRADLE_PLUGIN_REPOSITORY_URL', config.getGradlePluginRepositoryUrl());
|
||||
maybeExportVariableNotEmpty('GRADLE_PLUGIN_REPOSITORY_USERNAME', config.getGradlePluginRepositoryUsername());
|
||||
maybeExportVariableNotEmpty('GRADLE_PLUGIN_REPOSITORY_PASSWORD', config.getGradlePluginRepositoryPassword());
|
||||
(0, short_lived_token_1.setupToken)(config.getDevelocityAccessKey(), config.getDevelocityTokenExpiry(), getEnv('DEVELOCITY_ENFORCE_URL'), getEnv('DEVELOCITY_URL'));
|
||||
(0, short_lived_token_1.setupToken)(config.getDevelocityAccessKey(), config.getDevelocityTokenExpiry());
|
||||
}
|
||||
exports.setup = setup;
|
||||
function getEnv(variableName) {
|
||||
return process.env[variableName];
|
||||
}
|
||||
function maybeExportVariable(variableName, value) {
|
||||
if (!process.env[variableName]) {
|
||||
core.exportVariable(variableName, value);
|
||||
@@ -145141,11 +145138,11 @@ const httpm = __importStar(__nccwpck_require__(15538));
|
||||
const core = __importStar(__nccwpck_require__(42186));
|
||||
const configuration_1 = __nccwpck_require__(15778);
|
||||
const deprecation_collector_1 = __nccwpck_require__(22572);
|
||||
async function setupToken(develocityAccessKey, develocityTokenExpiry, enforceUrl, develocityUrl) {
|
||||
async function setupToken(develocityAccessKey, develocityTokenExpiry) {
|
||||
if (develocityAccessKey) {
|
||||
try {
|
||||
core.debug('Fetching short-lived token...');
|
||||
const tokens = await getToken(enforceUrl, develocityUrl, develocityAccessKey, develocityTokenExpiry);
|
||||
const tokens = await getToken(develocityAccessKey, develocityTokenExpiry);
|
||||
if (tokens != null && !tokens.isEmpty()) {
|
||||
core.debug(`Got token(s), setting the access key env vars`);
|
||||
const token = tokens.raw();
|
||||
@@ -145153,11 +145150,11 @@ async function setupToken(develocityAccessKey, develocityTokenExpiry, enforceUrl
|
||||
exportAccessKeyEnvVars(token);
|
||||
}
|
||||
else {
|
||||
clearAccessKeyEnvVarsWithDeprecationWarning();
|
||||
handleMissingAccessToken();
|
||||
}
|
||||
}
|
||||
catch (e) {
|
||||
clearAccessKeyEnvVarsWithDeprecationWarning();
|
||||
handleMissingAccessToken();
|
||||
core.warning(`Failed to fetch short-lived token, reason: ${e}`);
|
||||
}
|
||||
}
|
||||
@@ -145167,49 +145164,31 @@ function exportAccessKeyEnvVars(value) {
|
||||
;
|
||||
[configuration_1.BuildScanConfig.DevelocityAccessKeyEnvVar, configuration_1.BuildScanConfig.GradleEnterpriseAccessKeyEnvVar].forEach(key => core.exportVariable(key, value));
|
||||
}
|
||||
function clearAccessKeyEnvVarsWithDeprecationWarning() {
|
||||
function handleMissingAccessToken() {
|
||||
core.warning(`Failed to fetch short-lived token for Develocity`);
|
||||
if (process.env[configuration_1.BuildScanConfig.GradleEnterpriseAccessKeyEnvVar]) {
|
||||
(0, deprecation_collector_1.recordDeprecation)(`The ${configuration_1.BuildScanConfig.GradleEnterpriseAccessKeyEnvVar} env var is deprecated`);
|
||||
}
|
||||
core.exportVariable(configuration_1.BuildScanConfig.DevelocityAccessKeyEnvVar, '');
|
||||
if (process.env[configuration_1.BuildScanConfig.DevelocityAccessKeyEnvVar]) {
|
||||
core.warning(`The ${configuration_1.BuildScanConfig.DevelocityAccessKeyEnvVar} env var should be mapped to a short-lived token`);
|
||||
}
|
||||
}
|
||||
async function getToken(enforceUrl, serverUrl, accessKey, expiry) {
|
||||
async function getToken(accessKey, expiry) {
|
||||
const empty = new Promise(r => r(null));
|
||||
const develocityAccessKey = DevelocityAccessCredentials.parse(accessKey);
|
||||
const shortLivedTokenClient = new ShortLivedTokenClient();
|
||||
async function promiseError(message) {
|
||||
return new Promise((resolve, reject) => reject(new Error(message)));
|
||||
}
|
||||
if (develocityAccessKey == null) {
|
||||
return empty;
|
||||
}
|
||||
if (enforceUrl === 'true' || develocityAccessKey.isSingleKey()) {
|
||||
if (!serverUrl) {
|
||||
return promiseError('Develocity Server URL not configured');
|
||||
}
|
||||
const hostname = extractHostname(serverUrl);
|
||||
if (hostname == null) {
|
||||
return promiseError('Could not extract hostname from Develocity server URL');
|
||||
}
|
||||
const hostAccessKey = develocityAccessKey.forHostname(hostname);
|
||||
if (!hostAccessKey) {
|
||||
return promiseError(`Could not find corresponding key for hostname ${hostname}`);
|
||||
}
|
||||
try {
|
||||
const token = await shortLivedTokenClient.fetchToken(serverUrl, hostAccessKey, expiry);
|
||||
return DevelocityAccessCredentials.of([token]);
|
||||
}
|
||||
catch (e) {
|
||||
return new Promise((resolve, reject) => reject(e));
|
||||
}
|
||||
}
|
||||
const tokens = new Array();
|
||||
for (const k of develocityAccessKey.keys) {
|
||||
try {
|
||||
core.info(`Requesting short-lived Develocity access token for ${k.hostname}`);
|
||||
const token = await shortLivedTokenClient.fetchToken(`https://${k.hostname}`, k, expiry);
|
||||
tokens.push(token);
|
||||
}
|
||||
catch (e) {
|
||||
core.info(`Failed to obtain short-lived Develocity access token for ${k.hostname}: ${e}`);
|
||||
}
|
||||
}
|
||||
if (tokens.length > 0) {
|
||||
@@ -145218,18 +145197,9 @@ async function getToken(enforceUrl, serverUrl, accessKey, expiry) {
|
||||
return empty;
|
||||
}
|
||||
exports.getToken = getToken;
|
||||
function extractHostname(serverUrl) {
|
||||
try {
|
||||
const parsedUrl = new URL(serverUrl);
|
||||
return parsedUrl.hostname;
|
||||
}
|
||||
catch (error) {
|
||||
return null;
|
||||
}
|
||||
}
|
||||
class ShortLivedTokenClient {
|
||||
constructor() {
|
||||
this.httpc = new httpm.HttpClient('gradle/setup-gradle');
|
||||
this.httpc = new httpm.HttpClient('gradle/actions/setup-gradle');
|
||||
this.maxRetries = 3;
|
||||
this.retryInterval = 1000;
|
||||
}
|
||||
@@ -145285,12 +145255,6 @@ class DevelocityAccessCredentials {
|
||||
isEmpty() {
|
||||
return this.keys.length === 0;
|
||||
}
|
||||
isSingleKey() {
|
||||
return this.keys.length === 1;
|
||||
}
|
||||
forHostname(hostname) {
|
||||
return this.keys.find(hostKey => hostKey.hostname === hostname);
|
||||
}
|
||||
raw() {
|
||||
return this.keys
|
||||
.map(k => `${k.hostname}${DevelocityAccessCredentials.hostDelimiter}${k.key}`)
|
||||
|
||||
2
dist/dependency-submission/main/index.js.map
vendored
2
dist/dependency-submission/main/index.js.map
vendored
File diff suppressed because one or more lines are too long
64
dist/dependency-submission/post/index.js
vendored
64
dist/dependency-submission/post/index.js
vendored
@@ -96244,12 +96244,9 @@ async function setup(config) {
|
||||
maybeExportVariableNotEmpty('GRADLE_PLUGIN_REPOSITORY_URL', config.getGradlePluginRepositoryUrl());
|
||||
maybeExportVariableNotEmpty('GRADLE_PLUGIN_REPOSITORY_USERNAME', config.getGradlePluginRepositoryUsername());
|
||||
maybeExportVariableNotEmpty('GRADLE_PLUGIN_REPOSITORY_PASSWORD', config.getGradlePluginRepositoryPassword());
|
||||
(0, short_lived_token_1.setupToken)(config.getDevelocityAccessKey(), config.getDevelocityTokenExpiry(), getEnv('DEVELOCITY_ENFORCE_URL'), getEnv('DEVELOCITY_URL'));
|
||||
(0, short_lived_token_1.setupToken)(config.getDevelocityAccessKey(), config.getDevelocityTokenExpiry());
|
||||
}
|
||||
exports.setup = setup;
|
||||
function getEnv(variableName) {
|
||||
return process.env[variableName];
|
||||
}
|
||||
function maybeExportVariable(variableName, value) {
|
||||
if (!process.env[variableName]) {
|
||||
core.exportVariable(variableName, value);
|
||||
@@ -96298,11 +96295,11 @@ const httpm = __importStar(__nccwpck_require__(5538));
|
||||
const core = __importStar(__nccwpck_require__(2186));
|
||||
const configuration_1 = __nccwpck_require__(5778);
|
||||
const deprecation_collector_1 = __nccwpck_require__(2572);
|
||||
async function setupToken(develocityAccessKey, develocityTokenExpiry, enforceUrl, develocityUrl) {
|
||||
async function setupToken(develocityAccessKey, develocityTokenExpiry) {
|
||||
if (develocityAccessKey) {
|
||||
try {
|
||||
core.debug('Fetching short-lived token...');
|
||||
const tokens = await getToken(enforceUrl, develocityUrl, develocityAccessKey, develocityTokenExpiry);
|
||||
const tokens = await getToken(develocityAccessKey, develocityTokenExpiry);
|
||||
if (tokens != null && !tokens.isEmpty()) {
|
||||
core.debug(`Got token(s), setting the access key env vars`);
|
||||
const token = tokens.raw();
|
||||
@@ -96310,11 +96307,11 @@ async function setupToken(develocityAccessKey, develocityTokenExpiry, enforceUrl
|
||||
exportAccessKeyEnvVars(token);
|
||||
}
|
||||
else {
|
||||
clearAccessKeyEnvVarsWithDeprecationWarning();
|
||||
handleMissingAccessToken();
|
||||
}
|
||||
}
|
||||
catch (e) {
|
||||
clearAccessKeyEnvVarsWithDeprecationWarning();
|
||||
handleMissingAccessToken();
|
||||
core.warning(`Failed to fetch short-lived token, reason: ${e}`);
|
||||
}
|
||||
}
|
||||
@@ -96324,49 +96321,31 @@ function exportAccessKeyEnvVars(value) {
|
||||
;
|
||||
[configuration_1.BuildScanConfig.DevelocityAccessKeyEnvVar, configuration_1.BuildScanConfig.GradleEnterpriseAccessKeyEnvVar].forEach(key => core.exportVariable(key, value));
|
||||
}
|
||||
function clearAccessKeyEnvVarsWithDeprecationWarning() {
|
||||
function handleMissingAccessToken() {
|
||||
core.warning(`Failed to fetch short-lived token for Develocity`);
|
||||
if (process.env[configuration_1.BuildScanConfig.GradleEnterpriseAccessKeyEnvVar]) {
|
||||
(0, deprecation_collector_1.recordDeprecation)(`The ${configuration_1.BuildScanConfig.GradleEnterpriseAccessKeyEnvVar} env var is deprecated`);
|
||||
}
|
||||
core.exportVariable(configuration_1.BuildScanConfig.DevelocityAccessKeyEnvVar, '');
|
||||
if (process.env[configuration_1.BuildScanConfig.DevelocityAccessKeyEnvVar]) {
|
||||
core.warning(`The ${configuration_1.BuildScanConfig.DevelocityAccessKeyEnvVar} env var should be mapped to a short-lived token`);
|
||||
}
|
||||
}
|
||||
async function getToken(enforceUrl, serverUrl, accessKey, expiry) {
|
||||
async function getToken(accessKey, expiry) {
|
||||
const empty = new Promise(r => r(null));
|
||||
const develocityAccessKey = DevelocityAccessCredentials.parse(accessKey);
|
||||
const shortLivedTokenClient = new ShortLivedTokenClient();
|
||||
async function promiseError(message) {
|
||||
return new Promise((resolve, reject) => reject(new Error(message)));
|
||||
}
|
||||
if (develocityAccessKey == null) {
|
||||
return empty;
|
||||
}
|
||||
if (enforceUrl === 'true' || develocityAccessKey.isSingleKey()) {
|
||||
if (!serverUrl) {
|
||||
return promiseError('Develocity Server URL not configured');
|
||||
}
|
||||
const hostname = extractHostname(serverUrl);
|
||||
if (hostname == null) {
|
||||
return promiseError('Could not extract hostname from Develocity server URL');
|
||||
}
|
||||
const hostAccessKey = develocityAccessKey.forHostname(hostname);
|
||||
if (!hostAccessKey) {
|
||||
return promiseError(`Could not find corresponding key for hostname ${hostname}`);
|
||||
}
|
||||
try {
|
||||
const token = await shortLivedTokenClient.fetchToken(serverUrl, hostAccessKey, expiry);
|
||||
return DevelocityAccessCredentials.of([token]);
|
||||
}
|
||||
catch (e) {
|
||||
return new Promise((resolve, reject) => reject(e));
|
||||
}
|
||||
}
|
||||
const tokens = new Array();
|
||||
for (const k of develocityAccessKey.keys) {
|
||||
try {
|
||||
core.info(`Requesting short-lived Develocity access token for ${k.hostname}`);
|
||||
const token = await shortLivedTokenClient.fetchToken(`https://${k.hostname}`, k, expiry);
|
||||
tokens.push(token);
|
||||
}
|
||||
catch (e) {
|
||||
core.info(`Failed to obtain short-lived Develocity access token for ${k.hostname}: ${e}`);
|
||||
}
|
||||
}
|
||||
if (tokens.length > 0) {
|
||||
@@ -96375,18 +96354,9 @@ async function getToken(enforceUrl, serverUrl, accessKey, expiry) {
|
||||
return empty;
|
||||
}
|
||||
exports.getToken = getToken;
|
||||
function extractHostname(serverUrl) {
|
||||
try {
|
||||
const parsedUrl = new URL(serverUrl);
|
||||
return parsedUrl.hostname;
|
||||
}
|
||||
catch (error) {
|
||||
return null;
|
||||
}
|
||||
}
|
||||
class ShortLivedTokenClient {
|
||||
constructor() {
|
||||
this.httpc = new httpm.HttpClient('gradle/setup-gradle');
|
||||
this.httpc = new httpm.HttpClient('gradle/actions/setup-gradle');
|
||||
this.maxRetries = 3;
|
||||
this.retryInterval = 1000;
|
||||
}
|
||||
@@ -96442,12 +96412,6 @@ class DevelocityAccessCredentials {
|
||||
isEmpty() {
|
||||
return this.keys.length === 0;
|
||||
}
|
||||
isSingleKey() {
|
||||
return this.keys.length === 1;
|
||||
}
|
||||
forHostname(hostname) {
|
||||
return this.keys.find(hostKey => hostKey.hostname === hostname);
|
||||
}
|
||||
raw() {
|
||||
return this.keys
|
||||
.map(k => `${k.hostname}${DevelocityAccessCredentials.hostDelimiter}${k.key}`)
|
||||
|
||||
2
dist/dependency-submission/post/index.js.map
vendored
2
dist/dependency-submission/post/index.js.map
vendored
File diff suppressed because one or more lines are too long
64
dist/setup-gradle/main/index.js
vendored
64
dist/setup-gradle/main/index.js
vendored
@@ -145015,12 +145015,9 @@ async function setup(config) {
|
||||
maybeExportVariableNotEmpty('GRADLE_PLUGIN_REPOSITORY_URL', config.getGradlePluginRepositoryUrl());
|
||||
maybeExportVariableNotEmpty('GRADLE_PLUGIN_REPOSITORY_USERNAME', config.getGradlePluginRepositoryUsername());
|
||||
maybeExportVariableNotEmpty('GRADLE_PLUGIN_REPOSITORY_PASSWORD', config.getGradlePluginRepositoryPassword());
|
||||
(0, short_lived_token_1.setupToken)(config.getDevelocityAccessKey(), config.getDevelocityTokenExpiry(), getEnv('DEVELOCITY_ENFORCE_URL'), getEnv('DEVELOCITY_URL'));
|
||||
(0, short_lived_token_1.setupToken)(config.getDevelocityAccessKey(), config.getDevelocityTokenExpiry());
|
||||
}
|
||||
exports.setup = setup;
|
||||
function getEnv(variableName) {
|
||||
return process.env[variableName];
|
||||
}
|
||||
function maybeExportVariable(variableName, value) {
|
||||
if (!process.env[variableName]) {
|
||||
core.exportVariable(variableName, value);
|
||||
@@ -145069,11 +145066,11 @@ const httpm = __importStar(__nccwpck_require__(15538));
|
||||
const core = __importStar(__nccwpck_require__(42186));
|
||||
const configuration_1 = __nccwpck_require__(15778);
|
||||
const deprecation_collector_1 = __nccwpck_require__(22572);
|
||||
async function setupToken(develocityAccessKey, develocityTokenExpiry, enforceUrl, develocityUrl) {
|
||||
async function setupToken(develocityAccessKey, develocityTokenExpiry) {
|
||||
if (develocityAccessKey) {
|
||||
try {
|
||||
core.debug('Fetching short-lived token...');
|
||||
const tokens = await getToken(enforceUrl, develocityUrl, develocityAccessKey, develocityTokenExpiry);
|
||||
const tokens = await getToken(develocityAccessKey, develocityTokenExpiry);
|
||||
if (tokens != null && !tokens.isEmpty()) {
|
||||
core.debug(`Got token(s), setting the access key env vars`);
|
||||
const token = tokens.raw();
|
||||
@@ -145081,11 +145078,11 @@ async function setupToken(develocityAccessKey, develocityTokenExpiry, enforceUrl
|
||||
exportAccessKeyEnvVars(token);
|
||||
}
|
||||
else {
|
||||
clearAccessKeyEnvVarsWithDeprecationWarning();
|
||||
handleMissingAccessToken();
|
||||
}
|
||||
}
|
||||
catch (e) {
|
||||
clearAccessKeyEnvVarsWithDeprecationWarning();
|
||||
handleMissingAccessToken();
|
||||
core.warning(`Failed to fetch short-lived token, reason: ${e}`);
|
||||
}
|
||||
}
|
||||
@@ -145095,49 +145092,31 @@ function exportAccessKeyEnvVars(value) {
|
||||
;
|
||||
[configuration_1.BuildScanConfig.DevelocityAccessKeyEnvVar, configuration_1.BuildScanConfig.GradleEnterpriseAccessKeyEnvVar].forEach(key => core.exportVariable(key, value));
|
||||
}
|
||||
function clearAccessKeyEnvVarsWithDeprecationWarning() {
|
||||
function handleMissingAccessToken() {
|
||||
core.warning(`Failed to fetch short-lived token for Develocity`);
|
||||
if (process.env[configuration_1.BuildScanConfig.GradleEnterpriseAccessKeyEnvVar]) {
|
||||
(0, deprecation_collector_1.recordDeprecation)(`The ${configuration_1.BuildScanConfig.GradleEnterpriseAccessKeyEnvVar} env var is deprecated`);
|
||||
}
|
||||
core.exportVariable(configuration_1.BuildScanConfig.DevelocityAccessKeyEnvVar, '');
|
||||
if (process.env[configuration_1.BuildScanConfig.DevelocityAccessKeyEnvVar]) {
|
||||
core.warning(`The ${configuration_1.BuildScanConfig.DevelocityAccessKeyEnvVar} env var should be mapped to a short-lived token`);
|
||||
}
|
||||
}
|
||||
async function getToken(enforceUrl, serverUrl, accessKey, expiry) {
|
||||
async function getToken(accessKey, expiry) {
|
||||
const empty = new Promise(r => r(null));
|
||||
const develocityAccessKey = DevelocityAccessCredentials.parse(accessKey);
|
||||
const shortLivedTokenClient = new ShortLivedTokenClient();
|
||||
async function promiseError(message) {
|
||||
return new Promise((resolve, reject) => reject(new Error(message)));
|
||||
}
|
||||
if (develocityAccessKey == null) {
|
||||
return empty;
|
||||
}
|
||||
if (enforceUrl === 'true' || develocityAccessKey.isSingleKey()) {
|
||||
if (!serverUrl) {
|
||||
return promiseError('Develocity Server URL not configured');
|
||||
}
|
||||
const hostname = extractHostname(serverUrl);
|
||||
if (hostname == null) {
|
||||
return promiseError('Could not extract hostname from Develocity server URL');
|
||||
}
|
||||
const hostAccessKey = develocityAccessKey.forHostname(hostname);
|
||||
if (!hostAccessKey) {
|
||||
return promiseError(`Could not find corresponding key for hostname ${hostname}`);
|
||||
}
|
||||
try {
|
||||
const token = await shortLivedTokenClient.fetchToken(serverUrl, hostAccessKey, expiry);
|
||||
return DevelocityAccessCredentials.of([token]);
|
||||
}
|
||||
catch (e) {
|
||||
return new Promise((resolve, reject) => reject(e));
|
||||
}
|
||||
}
|
||||
const tokens = new Array();
|
||||
for (const k of develocityAccessKey.keys) {
|
||||
try {
|
||||
core.info(`Requesting short-lived Develocity access token for ${k.hostname}`);
|
||||
const token = await shortLivedTokenClient.fetchToken(`https://${k.hostname}`, k, expiry);
|
||||
tokens.push(token);
|
||||
}
|
||||
catch (e) {
|
||||
core.info(`Failed to obtain short-lived Develocity access token for ${k.hostname}: ${e}`);
|
||||
}
|
||||
}
|
||||
if (tokens.length > 0) {
|
||||
@@ -145146,18 +145125,9 @@ async function getToken(enforceUrl, serverUrl, accessKey, expiry) {
|
||||
return empty;
|
||||
}
|
||||
exports.getToken = getToken;
|
||||
function extractHostname(serverUrl) {
|
||||
try {
|
||||
const parsedUrl = new URL(serverUrl);
|
||||
return parsedUrl.hostname;
|
||||
}
|
||||
catch (error) {
|
||||
return null;
|
||||
}
|
||||
}
|
||||
class ShortLivedTokenClient {
|
||||
constructor() {
|
||||
this.httpc = new httpm.HttpClient('gradle/setup-gradle');
|
||||
this.httpc = new httpm.HttpClient('gradle/actions/setup-gradle');
|
||||
this.maxRetries = 3;
|
||||
this.retryInterval = 1000;
|
||||
}
|
||||
@@ -145213,12 +145183,6 @@ class DevelocityAccessCredentials {
|
||||
isEmpty() {
|
||||
return this.keys.length === 0;
|
||||
}
|
||||
isSingleKey() {
|
||||
return this.keys.length === 1;
|
||||
}
|
||||
forHostname(hostname) {
|
||||
return this.keys.find(hostKey => hostKey.hostname === hostname);
|
||||
}
|
||||
raw() {
|
||||
return this.keys
|
||||
.map(k => `${k.hostname}${DevelocityAccessCredentials.hostDelimiter}${k.key}`)
|
||||
|
||||
2
dist/setup-gradle/main/index.js.map
vendored
2
dist/setup-gradle/main/index.js.map
vendored
File diff suppressed because one or more lines are too long
64
dist/setup-gradle/post/index.js
vendored
64
dist/setup-gradle/post/index.js
vendored
@@ -142468,12 +142468,9 @@ async function setup(config) {
|
||||
maybeExportVariableNotEmpty('GRADLE_PLUGIN_REPOSITORY_URL', config.getGradlePluginRepositoryUrl());
|
||||
maybeExportVariableNotEmpty('GRADLE_PLUGIN_REPOSITORY_USERNAME', config.getGradlePluginRepositoryUsername());
|
||||
maybeExportVariableNotEmpty('GRADLE_PLUGIN_REPOSITORY_PASSWORD', config.getGradlePluginRepositoryPassword());
|
||||
(0, short_lived_token_1.setupToken)(config.getDevelocityAccessKey(), config.getDevelocityTokenExpiry(), getEnv('DEVELOCITY_ENFORCE_URL'), getEnv('DEVELOCITY_URL'));
|
||||
(0, short_lived_token_1.setupToken)(config.getDevelocityAccessKey(), config.getDevelocityTokenExpiry());
|
||||
}
|
||||
exports.setup = setup;
|
||||
function getEnv(variableName) {
|
||||
return process.env[variableName];
|
||||
}
|
||||
function maybeExportVariable(variableName, value) {
|
||||
if (!process.env[variableName]) {
|
||||
core.exportVariable(variableName, value);
|
||||
@@ -142522,11 +142519,11 @@ const httpm = __importStar(__nccwpck_require__(15538));
|
||||
const core = __importStar(__nccwpck_require__(42186));
|
||||
const configuration_1 = __nccwpck_require__(15778);
|
||||
const deprecation_collector_1 = __nccwpck_require__(22572);
|
||||
async function setupToken(develocityAccessKey, develocityTokenExpiry, enforceUrl, develocityUrl) {
|
||||
async function setupToken(develocityAccessKey, develocityTokenExpiry) {
|
||||
if (develocityAccessKey) {
|
||||
try {
|
||||
core.debug('Fetching short-lived token...');
|
||||
const tokens = await getToken(enforceUrl, develocityUrl, develocityAccessKey, develocityTokenExpiry);
|
||||
const tokens = await getToken(develocityAccessKey, develocityTokenExpiry);
|
||||
if (tokens != null && !tokens.isEmpty()) {
|
||||
core.debug(`Got token(s), setting the access key env vars`);
|
||||
const token = tokens.raw();
|
||||
@@ -142534,11 +142531,11 @@ async function setupToken(develocityAccessKey, develocityTokenExpiry, enforceUrl
|
||||
exportAccessKeyEnvVars(token);
|
||||
}
|
||||
else {
|
||||
clearAccessKeyEnvVarsWithDeprecationWarning();
|
||||
handleMissingAccessToken();
|
||||
}
|
||||
}
|
||||
catch (e) {
|
||||
clearAccessKeyEnvVarsWithDeprecationWarning();
|
||||
handleMissingAccessToken();
|
||||
core.warning(`Failed to fetch short-lived token, reason: ${e}`);
|
||||
}
|
||||
}
|
||||
@@ -142548,49 +142545,31 @@ function exportAccessKeyEnvVars(value) {
|
||||
;
|
||||
[configuration_1.BuildScanConfig.DevelocityAccessKeyEnvVar, configuration_1.BuildScanConfig.GradleEnterpriseAccessKeyEnvVar].forEach(key => core.exportVariable(key, value));
|
||||
}
|
||||
function clearAccessKeyEnvVarsWithDeprecationWarning() {
|
||||
function handleMissingAccessToken() {
|
||||
core.warning(`Failed to fetch short-lived token for Develocity`);
|
||||
if (process.env[configuration_1.BuildScanConfig.GradleEnterpriseAccessKeyEnvVar]) {
|
||||
(0, deprecation_collector_1.recordDeprecation)(`The ${configuration_1.BuildScanConfig.GradleEnterpriseAccessKeyEnvVar} env var is deprecated`);
|
||||
}
|
||||
core.exportVariable(configuration_1.BuildScanConfig.DevelocityAccessKeyEnvVar, '');
|
||||
if (process.env[configuration_1.BuildScanConfig.DevelocityAccessKeyEnvVar]) {
|
||||
core.warning(`The ${configuration_1.BuildScanConfig.DevelocityAccessKeyEnvVar} env var should be mapped to a short-lived token`);
|
||||
}
|
||||
}
|
||||
async function getToken(enforceUrl, serverUrl, accessKey, expiry) {
|
||||
async function getToken(accessKey, expiry) {
|
||||
const empty = new Promise(r => r(null));
|
||||
const develocityAccessKey = DevelocityAccessCredentials.parse(accessKey);
|
||||
const shortLivedTokenClient = new ShortLivedTokenClient();
|
||||
async function promiseError(message) {
|
||||
return new Promise((resolve, reject) => reject(new Error(message)));
|
||||
}
|
||||
if (develocityAccessKey == null) {
|
||||
return empty;
|
||||
}
|
||||
if (enforceUrl === 'true' || develocityAccessKey.isSingleKey()) {
|
||||
if (!serverUrl) {
|
||||
return promiseError('Develocity Server URL not configured');
|
||||
}
|
||||
const hostname = extractHostname(serverUrl);
|
||||
if (hostname == null) {
|
||||
return promiseError('Could not extract hostname from Develocity server URL');
|
||||
}
|
||||
const hostAccessKey = develocityAccessKey.forHostname(hostname);
|
||||
if (!hostAccessKey) {
|
||||
return promiseError(`Could not find corresponding key for hostname ${hostname}`);
|
||||
}
|
||||
try {
|
||||
const token = await shortLivedTokenClient.fetchToken(serverUrl, hostAccessKey, expiry);
|
||||
return DevelocityAccessCredentials.of([token]);
|
||||
}
|
||||
catch (e) {
|
||||
return new Promise((resolve, reject) => reject(e));
|
||||
}
|
||||
}
|
||||
const tokens = new Array();
|
||||
for (const k of develocityAccessKey.keys) {
|
||||
try {
|
||||
core.info(`Requesting short-lived Develocity access token for ${k.hostname}`);
|
||||
const token = await shortLivedTokenClient.fetchToken(`https://${k.hostname}`, k, expiry);
|
||||
tokens.push(token);
|
||||
}
|
||||
catch (e) {
|
||||
core.info(`Failed to obtain short-lived Develocity access token for ${k.hostname}: ${e}`);
|
||||
}
|
||||
}
|
||||
if (tokens.length > 0) {
|
||||
@@ -142599,18 +142578,9 @@ async function getToken(enforceUrl, serverUrl, accessKey, expiry) {
|
||||
return empty;
|
||||
}
|
||||
exports.getToken = getToken;
|
||||
function extractHostname(serverUrl) {
|
||||
try {
|
||||
const parsedUrl = new URL(serverUrl);
|
||||
return parsedUrl.hostname;
|
||||
}
|
||||
catch (error) {
|
||||
return null;
|
||||
}
|
||||
}
|
||||
class ShortLivedTokenClient {
|
||||
constructor() {
|
||||
this.httpc = new httpm.HttpClient('gradle/setup-gradle');
|
||||
this.httpc = new httpm.HttpClient('gradle/actions/setup-gradle');
|
||||
this.maxRetries = 3;
|
||||
this.retryInterval = 1000;
|
||||
}
|
||||
@@ -142666,12 +142636,6 @@ class DevelocityAccessCredentials {
|
||||
isEmpty() {
|
||||
return this.keys.length === 0;
|
||||
}
|
||||
isSingleKey() {
|
||||
return this.keys.length === 1;
|
||||
}
|
||||
forHostname(hostname) {
|
||||
return this.keys.find(hostKey => hostKey.hostname === hostname);
|
||||
}
|
||||
raw() {
|
||||
return this.keys
|
||||
.map(k => `${k.hostname}${DevelocityAccessCredentials.hostDelimiter}${k.key}`)
|
||||
|
||||
2
dist/setup-gradle/post/index.js.map
vendored
2
dist/setup-gradle/post/index.js.map
vendored
File diff suppressed because one or more lines are too long
@@ -23,16 +23,7 @@ export async function setup(config: BuildScanConfig): Promise<void> {
|
||||
maybeExportVariableNotEmpty('GRADLE_PLUGIN_REPOSITORY_USERNAME', config.getGradlePluginRepositoryUsername())
|
||||
maybeExportVariableNotEmpty('GRADLE_PLUGIN_REPOSITORY_PASSWORD', config.getGradlePluginRepositoryPassword())
|
||||
|
||||
setupToken(
|
||||
config.getDevelocityAccessKey(),
|
||||
config.getDevelocityTokenExpiry(),
|
||||
getEnv('DEVELOCITY_ENFORCE_URL'),
|
||||
getEnv('DEVELOCITY_URL')
|
||||
)
|
||||
}
|
||||
|
||||
function getEnv(variableName: string): string | undefined {
|
||||
return process.env[variableName]
|
||||
setupToken(config.getDevelocityAccessKey(), config.getDevelocityTokenExpiry())
|
||||
}
|
||||
|
||||
function maybeExportVariable(variableName: string, value: unknown): void {
|
||||
|
||||
@@ -3,27 +3,21 @@ import * as core from '@actions/core'
|
||||
import {BuildScanConfig} from '../configuration'
|
||||
import {recordDeprecation} from '../deprecation-collector'
|
||||
|
||||
export async function setupToken(
|
||||
develocityAccessKey: string,
|
||||
develocityTokenExpiry: string,
|
||||
enforceUrl: string | undefined,
|
||||
develocityUrl: string | undefined
|
||||
): Promise<void> {
|
||||
export async function setupToken(develocityAccessKey: string, develocityTokenExpiry: string): Promise<void> {
|
||||
if (develocityAccessKey) {
|
||||
try {
|
||||
core.debug('Fetching short-lived token...')
|
||||
const tokens = await getToken(enforceUrl, develocityUrl, develocityAccessKey, develocityTokenExpiry)
|
||||
const tokens = await getToken(develocityAccessKey, develocityTokenExpiry)
|
||||
if (tokens != null && !tokens.isEmpty()) {
|
||||
core.debug(`Got token(s), setting the access key env vars`)
|
||||
const token = tokens.raw()
|
||||
core.setSecret(token)
|
||||
exportAccessKeyEnvVars(token)
|
||||
} else {
|
||||
// In case of not being able to generate a token we set the env variable to empty to avoid leaks
|
||||
clearAccessKeyEnvVarsWithDeprecationWarning()
|
||||
handleMissingAccessToken()
|
||||
}
|
||||
} catch (e) {
|
||||
clearAccessKeyEnvVarsWithDeprecationWarning()
|
||||
handleMissingAccessToken()
|
||||
core.warning(`Failed to fetch short-lived token, reason: ${e}`)
|
||||
}
|
||||
}
|
||||
@@ -35,58 +29,35 @@ function exportAccessKeyEnvVars(value: string): void {
|
||||
)
|
||||
}
|
||||
|
||||
function clearAccessKeyEnvVarsWithDeprecationWarning(): void {
|
||||
function handleMissingAccessToken(): void {
|
||||
core.warning(`Failed to fetch short-lived token for Develocity`)
|
||||
|
||||
if (process.env[BuildScanConfig.GradleEnterpriseAccessKeyEnvVar]) {
|
||||
// We do not clear the GRADLE_ENTERPRISE_ACCESS_KEY env var in v3, to let the users upgrade to DV 2024.1
|
||||
recordDeprecation(`The ${BuildScanConfig.GradleEnterpriseAccessKeyEnvVar} env var is deprecated`)
|
||||
}
|
||||
core.exportVariable(BuildScanConfig.DevelocityAccessKeyEnvVar, '')
|
||||
if (process.env[BuildScanConfig.DevelocityAccessKeyEnvVar]) {
|
||||
core.warning(`The ${BuildScanConfig.DevelocityAccessKeyEnvVar} env var should be mapped to a short-lived token`)
|
||||
}
|
||||
}
|
||||
|
||||
export async function getToken(
|
||||
enforceUrl: string | undefined,
|
||||
serverUrl: string | undefined,
|
||||
accessKey: string,
|
||||
expiry: string
|
||||
): Promise<DevelocityAccessCredentials | null> {
|
||||
export async function getToken(accessKey: string, expiry: string): Promise<DevelocityAccessCredentials | null> {
|
||||
const empty: Promise<DevelocityAccessCredentials | null> = new Promise(r => r(null))
|
||||
const develocityAccessKey = DevelocityAccessCredentials.parse(accessKey)
|
||||
const shortLivedTokenClient = new ShortLivedTokenClient()
|
||||
|
||||
async function promiseError(message: string): Promise<DevelocityAccessCredentials | null> {
|
||||
return new Promise((resolve, reject) => reject(new Error(message)))
|
||||
}
|
||||
|
||||
if (develocityAccessKey == null) {
|
||||
return empty
|
||||
}
|
||||
if (enforceUrl === 'true' || develocityAccessKey.isSingleKey()) {
|
||||
if (!serverUrl) {
|
||||
return promiseError('Develocity Server URL not configured')
|
||||
}
|
||||
const hostname = extractHostname(serverUrl)
|
||||
if (hostname == null) {
|
||||
return promiseError('Could not extract hostname from Develocity server URL')
|
||||
}
|
||||
const hostAccessKey = develocityAccessKey.forHostname(hostname)
|
||||
if (!hostAccessKey) {
|
||||
return promiseError(`Could not find corresponding key for hostname ${hostname}`)
|
||||
}
|
||||
try {
|
||||
const token = await shortLivedTokenClient.fetchToken(serverUrl, hostAccessKey, expiry)
|
||||
return DevelocityAccessCredentials.of([token])
|
||||
} catch (e) {
|
||||
return new Promise((resolve, reject) => reject(e))
|
||||
}
|
||||
}
|
||||
|
||||
const tokens = new Array<HostnameAccessKey>()
|
||||
for (const k of develocityAccessKey.keys) {
|
||||
try {
|
||||
core.info(`Requesting short-lived Develocity access token for ${k.hostname}`)
|
||||
const token = await shortLivedTokenClient.fetchToken(`https://${k.hostname}`, k, expiry)
|
||||
tokens.push(token)
|
||||
} catch (e) {
|
||||
// Ignoring failed token, TODO: log this ?
|
||||
// Ignore failure to obtain token
|
||||
core.info(`Failed to obtain short-lived Develocity access token for ${k.hostname}: ${e}`)
|
||||
}
|
||||
}
|
||||
if (tokens.length > 0) {
|
||||
@@ -95,17 +66,8 @@ export async function getToken(
|
||||
return empty
|
||||
}
|
||||
|
||||
function extractHostname(serverUrl: string): string | null {
|
||||
try {
|
||||
const parsedUrl = new URL(serverUrl)
|
||||
return parsedUrl.hostname
|
||||
} catch (error) {
|
||||
return null
|
||||
}
|
||||
}
|
||||
|
||||
class ShortLivedTokenClient {
|
||||
httpc = new httpm.HttpClient('gradle/setup-gradle')
|
||||
httpc = new httpm.HttpClient('gradle/actions/setup-gradle')
|
||||
maxRetries = 3
|
||||
retryInterval = 1000
|
||||
|
||||
@@ -186,14 +148,6 @@ export class DevelocityAccessCredentials {
|
||||
return this.keys.length === 0
|
||||
}
|
||||
|
||||
isSingleKey(): boolean {
|
||||
return this.keys.length === 1
|
||||
}
|
||||
|
||||
forHostname(hostname: string): HostnameAccessKey | undefined {
|
||||
return this.keys.find(hostKey => hostKey.hostname === hostname)
|
||||
}
|
||||
|
||||
raw(): string {
|
||||
return this.keys
|
||||
.map(k => `${k.hostname}${DevelocityAccessCredentials.hostDelimiter}${k.key}`)
|
||||
|
||||
@@ -37,75 +37,40 @@ describe('short lived tokens', () => {
|
||||
message: 'connect ECONNREFUSED 127.0.0.1:3333',
|
||||
code: 'ECONNREFUSED'
|
||||
})
|
||||
try {
|
||||
await getToken('true', 'http://localhost:3333', 'localhost=xyz;host1=key1', '')
|
||||
expect('should have thrown').toBeUndefined()
|
||||
} catch (e) {
|
||||
// @ts-ignore
|
||||
expect(e.code).toBe('ECONNREFUSED')
|
||||
}
|
||||
await expect(getToken('localhost=key0', ''))
|
||||
.resolves
|
||||
.toBeNull()
|
||||
})
|
||||
|
||||
it('get short lived token fails when request fails', async () => {
|
||||
it('get short lived token is null when request fails', async () => {
|
||||
nock('http://dev:3333')
|
||||
.post('/api/auth/token')
|
||||
.times(3)
|
||||
.reply(500, 'Internal error')
|
||||
expect.assertions(1)
|
||||
await expect(getToken('true', 'http://dev:3333', 'dev=xyz;host1=key1', ''))
|
||||
.rejects
|
||||
.toThrow('Develocity short lived token request failed http://dev:3333 with status code 500')
|
||||
})
|
||||
|
||||
it('get short lived token fails when server url is not set', async () => {
|
||||
expect.assertions(1)
|
||||
await expect(getToken('true', undefined, 'localhost=xyz;host1=key1', ''))
|
||||
.rejects
|
||||
.toThrow('Develocity Server URL not configured')
|
||||
})
|
||||
|
||||
it('get short lived token returns null when access key is empty', async () => {
|
||||
expect.assertions(1)
|
||||
await expect(getToken('true', 'http://dev:3333', '', ''))
|
||||
await expect(getToken('dev=xyz', ''))
|
||||
.resolves
|
||||
.toBeNull()
|
||||
})
|
||||
|
||||
it('get short lived token fails when host cannot be extracted from server url', async () => {
|
||||
it('get short lived token returns null when access key is empty', async () => {
|
||||
expect.assertions(1)
|
||||
await expect(getToken('true', 'not_a_url', 'localhost=xyz;host1=key1', ''))
|
||||
.rejects
|
||||
.toThrow('Could not extract hostname from Develocity server URL')
|
||||
await expect(getToken('', ''))
|
||||
.resolves
|
||||
.toBeNull()
|
||||
})
|
||||
|
||||
it('get short lived token fails when access key does not contain corresponding host', async () => {
|
||||
expect.assertions(1)
|
||||
await expect(getToken('true', 'http://dev', 'host1=xyz;host2=key2', ''))
|
||||
.rejects
|
||||
.toThrow('Could not find corresponding key for hostname dev')
|
||||
})
|
||||
|
||||
it('get short lived token succeeds when enforce url is true', async () => {
|
||||
it('get short lived token succeeds when single key is set', async () => {
|
||||
nock('https://dev')
|
||||
.post('/api/auth/token')
|
||||
.reply(200, 'token')
|
||||
expect.assertions(1)
|
||||
await expect(getToken('true', 'https://dev', 'dev=key1;host1=key2', ''))
|
||||
await expect(getToken('dev=key1', ''))
|
||||
.resolves
|
||||
.toEqual({"keys": [{"hostname": "dev", "key": "token"}]})
|
||||
})
|
||||
|
||||
it('get short lived token succeeds when enforce url is false and single key is set', async () => {
|
||||
nock('https://dev')
|
||||
.post('/api/auth/token')
|
||||
.reply(200, 'token')
|
||||
expect.assertions(1)
|
||||
await expect(getToken('false', 'https://dev', 'dev=key1', ''))
|
||||
.resolves
|
||||
.toEqual({"keys": [{"hostname": "dev", "key": "token"}]})
|
||||
})
|
||||
|
||||
it('get short lived token succeeds when enforce url is false and multiple keys are set', async () => {
|
||||
it('get short lived token succeeds when multiple keys are set', async () => {
|
||||
nock('https://dev')
|
||||
.post('/api/auth/token')
|
||||
.reply(200, 'token1')
|
||||
@@ -113,12 +78,12 @@ describe('short lived tokens', () => {
|
||||
.post('/api/auth/token')
|
||||
.reply(200, 'token2')
|
||||
expect.assertions(1)
|
||||
await expect(getToken('false', 'https://dev', 'dev=key1;prod=key2', ''))
|
||||
await expect(getToken('dev=key1;prod=key2', ''))
|
||||
.resolves
|
||||
.toEqual({"keys": [{"hostname": "dev", "key": "token1"}, {"hostname": "prod", "key": "token2"}]})
|
||||
})
|
||||
|
||||
it('get short lived token succeeds when enforce url is false and multiple keys are set and one is failing', async () => {
|
||||
it('get short lived token succeeds when multiple keys are set and one is failing', async () => {
|
||||
nock('https://dev')
|
||||
.post('/api/auth/token')
|
||||
.reply(200, 'token1')
|
||||
@@ -130,8 +95,23 @@ describe('short lived tokens', () => {
|
||||
.post('/api/auth/token')
|
||||
.reply(200, 'token2')
|
||||
expect.assertions(1)
|
||||
await expect(getToken('false', 'https://dev', 'dev=key1;bogus=key0;prod=key2', ''))
|
||||
await expect(getToken('dev=key1;bogus=key0;prod=key2', ''))
|
||||
.resolves
|
||||
.toEqual({"keys": [{"hostname": "dev", "key": "token1"}, {"hostname": "prod", "key": "token2"}]})
|
||||
})
|
||||
|
||||
it('get short lived token is null when multiple keys are set and all are failing', async () => {
|
||||
nock('https://dev')
|
||||
.post('/api/auth/token')
|
||||
.times(3)
|
||||
.reply(500, 'Internal Error')
|
||||
nock('https://bogus')
|
||||
.post('/api/auth/token')
|
||||
.times(3)
|
||||
.reply(500, 'Internal Error')
|
||||
expect.assertions(1)
|
||||
await expect(getToken('dev=key1;bogus=key0', ''))
|
||||
.resolves
|
||||
.toBeNull()
|
||||
})
|
||||
})
|
||||
|
||||
Reference in New Issue
Block a user