Improve dependency graph failure handling (#1036)

One goal for the original dependency-graph support was to minimize it's
impact on existing workflows, by operating transparently and not
impacting the build outcome. This meant that any failures in
dependency-graph generation or submission were logged as warnings, but
did not cause the workflow to fail.

However, in some cases the primary purpose of a workflow is to generate
and submit a dependency graph: in these cases it is desirable to have
the workflow fail when this process breaks.

This PR introduces a new `dependency-graph-continue-on-failure`
parameter, which when `false` will enable the latter behaviour. It also
adds test coverage for different failures in dependency graph generation
and submission.

Fixes #1034 
Fixes #997
This commit is contained in:
Daz DeBoer 2024-01-13 15:32:28 +01:00 committed by GitHub
commit 7099569988
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
17 changed files with 302 additions and 25 deletions

View file

@ -36,6 +36,11 @@ jobs:
with: with:
cache-key-prefix: ${{github.run_number}}- cache-key-prefix: ${{github.run_number}}-
dependency-graph-failures:
uses: ./.github/workflows/integ-test-dependency-graph-failures.yml
with:
cache-key-prefix: ${{github.run_number}}-
execution-with-caching: execution-with-caching:
uses: ./.github/workflows/integ-test-execution-with-caching.yml uses: ./.github/workflows/integ-test-execution-with-caching.yml
with: with:

View file

@ -59,6 +59,13 @@ jobs:
runner-os: '["ubuntu-latest"]' runner-os: '["ubuntu-latest"]'
download-dist: true download-dist: true
dependency-graph-failures:
needs: build-distribution
uses: ./.github/workflows/integ-test-dependency-graph-failures.yml
with:
runner-os: '["ubuntu-latest"]'
download-dist: true
execution-with-caching: execution-with-caching:
needs: build-distribution needs: build-distribution
uses: ./.github/workflows/integ-test-execution-with-caching.yml uses: ./.github/workflows/integ-test-execution-with-caching.yml

View file

@ -0,0 +1,103 @@
name: Test dependency graph
on:
workflow_call:
inputs:
cache-key-prefix:
type: string
runner-os:
type: string
default: '["ubuntu-latest"]'
download-dist:
type: boolean
default: false
env:
DOWNLOAD_DIST: ${{ inputs.download-dist }}
GRADLE_BUILD_ACTION_CACHE_KEY_PREFIX: dependency-graph-${{ inputs.cache-key-prefix }}
GRADLE_BUILD_ACTION_CACHE_DEBUG_ENABLED: true
jobs:
unsupported-gradle-version-warning:
runs-on: ubuntu-latest
steps:
- name: Checkout sources
uses: actions/checkout@v4
- name: Download distribution if required
uses: ./.github/actions/download-dist
- name: Setup Gradle for dependency-graph generate
uses: ./
with:
gradle-version: 7.0.1
dependency-graph: generate
dependency-graph-continue-on-failure: true
- name: Run with unsupported Gradle version
working-directory: .github/workflow-samples/groovy-dsl
run: |
if gradle help | grep -q 'warning::Dependency Graph is not supported for Gradle 7.0.1. No dependency snapshot will be generated.';
then
echo "Got the expected warning"
else
echo "Did not get the expected warning"
exit 1
fi
unsupported-gradle-version-failure:
runs-on: ubuntu-latest
steps:
- name: Checkout sources
uses: actions/checkout@v4
- name: Download distribution if required
uses: ./.github/actions/download-dist
- name: Setup Gradle for dependency-graph generate
uses: ./
with:
gradle-version: 7.0.1
dependency-graph: generate
dependency-graph-continue-on-failure: false
- name: Run with unsupported Gradle version
working-directory: .github/workflow-samples/groovy-dsl
run: |
if gradle help; then
echo "Expected build to fail with Gradle 7.0.1"
exit 1
fi
insufficient-permissions-warning:
runs-on: ubuntu-latest
permissions:
contents: read
steps:
- name: Checkout sources
uses: actions/checkout@v4
- name: Download distribution if required
uses: ./.github/actions/download-dist
- name: Setup Gradle for dependency-graph generate
uses: ./
with:
dependency-graph: generate-and-submit
dependency-graph-continue-on-failure: true
- name: Run with insufficient permissions
working-directory: .github/workflow-samples/groovy-dsl
run: ./gradlew help
# This test is primarily for demonstration: it's unclear how to check for warnings emitted in the post-action
SHOULD_FAIL-insufficient-permissions-failure:
runs-on: ubuntu-latest
permissions:
contents: read
continue-on-error: true
steps:
- name: Checkout sources
uses: actions/checkout@v4
- name: Download distribution if required
uses: ./.github/actions/download-dist
- name: Setup Gradle for dependency-graph generate
uses: ./
with:
dependency-graph: generate-and-submit
dependency-graph-continue-on-failure: false
- name: Run with insufficient permissions
working-directory: .github/workflow-samples/groovy-dsl
run: ./gradlew help
# This test is primarily for demonstration: it's unclear how to check for a failure in the post-action

View file

@ -512,6 +512,22 @@ Depending on [repository settings](https://docs.github.com/en/actions/security-g
> for a PR submitted from a forked repository. > for a PR submitted from a forked repository.
> For a configuration that supports this setup, see [Dependency Graphs for pull request workflows](#dependency-graphs-for-pull-request-workflows). > For a configuration that supports this setup, see [Dependency Graphs for pull request workflows](#dependency-graphs-for-pull-request-workflows).
### Making dependency graph failures cause Job failures
By default, if a failure is encountered when generating or submitting the dependency graph, the action will log the failure as a warning and continue.
This allows your workflow to be resilient to dependency graph failures, in case dependency graph production is a side-effect rather than the primary purpose of a workflow.
If instead you have a workflow that has a primary purpose to generate and submit a dependency graph, then it makes sense for this workflow to fail if the dependency
graph cannot be generated or submitted. You can enable this behaviour with the `dependency-graph-continue-on-failure` parameter, which defaults to `true`.
```yaml
# Ensure that the workflow Job will fail if the dependency graph cannot be submitted
- uses: gradle/gradle-build-action@v3
with:
dependency-graph: generate-and-submit
dependency-graph-continue-on-failure: false
```
### Using a custom plugin repository ### Using a custom plugin repository
By default, the action downloads the `github-dependency-graph-gradle-plugin` from the Gradle Plugin Portal (https://plugins.gradle.org). If your GitHub Actions environment does not have access to this URL, you can specify a custom plugin repository to use. By default, the action downloads the `github-dependency-graph-gradle-plugin` from the Gradle Plugin Portal (https://plugins.gradle.org). If your GitHub Actions environment does not have access to this URL, you can specify a custom plugin repository to use.

View file

@ -73,6 +73,11 @@ inputs:
required: false required: false
default: 'disabled' default: 'disabled'
dependency-graph-continue-on-failure:
description: When 'false' a failure to generate or submit a dependency graph will fail the Step or Job. When 'true' a warning will be emitted but no failure will result.
required: false
default: true
artifact-retention-days: artifact-retention-days:
description: Specifies the number of days to retain any artifacts generated by the action. If not set, the default retention settings for the repository will apply. description: Specifies the number of days to retain any artifacts generated by the action. If not set, the default retention settings for the repository will apply.
required: false required: false

48
dist/main/index.js vendored
View file

@ -139971,6 +139971,7 @@ const request_error_1 = __nccwpck_require__(10537);
const path = __importStar(__nccwpck_require__(71017)); const path = __importStar(__nccwpck_require__(71017));
const fs_1 = __importDefault(__nccwpck_require__(57147)); const fs_1 = __importDefault(__nccwpck_require__(57147));
const layout = __importStar(__nccwpck_require__(28182)); const layout = __importStar(__nccwpck_require__(28182));
const errors_1 = __nccwpck_require__(36976);
const input_params_1 = __nccwpck_require__(23885); const input_params_1 = __nccwpck_require__(23885);
const DEPENDENCY_GRAPH_PREFIX = 'dependency-graph_'; const DEPENDENCY_GRAPH_PREFIX = 'dependency-graph_';
function setup(option) { function setup(option) {
@ -139984,6 +139985,7 @@ function setup(option) {
} }
core.info('Enabling dependency graph generation'); core.info('Enabling dependency graph generation');
core.exportVariable('GITHUB_DEPENDENCY_GRAPH_ENABLED', 'true'); core.exportVariable('GITHUB_DEPENDENCY_GRAPH_ENABLED', 'true');
core.exportVariable('GITHUB_DEPENDENCY_GRAPH_CONTINUE_ON_FAILURE', (0, input_params_1.getDependencyGraphContinueOnFailure)());
core.exportVariable('GITHUB_DEPENDENCY_GRAPH_JOB_CORRELATOR', getJobCorrelator()); core.exportVariable('GITHUB_DEPENDENCY_GRAPH_JOB_CORRELATOR', getJobCorrelator());
core.exportVariable('GITHUB_DEPENDENCY_GRAPH_JOB_ID', github.context.runId); core.exportVariable('GITHUB_DEPENDENCY_GRAPH_JOB_ID', github.context.runId);
core.exportVariable('GITHUB_DEPENDENCY_GRAPH_REF', github.context.ref); core.exportVariable('GITHUB_DEPENDENCY_GRAPH_REF', github.context.ref);
@ -140009,7 +140011,7 @@ function complete(option) {
} }
} }
catch (e) { catch (e) {
core.warning(`Failed to ${option} dependency graph. Will continue. ${String(e)}`); warnOrFail(option, e);
} }
}); });
} }
@ -140040,7 +140042,7 @@ function downloadAndSubmitDependencyGraphs() {
yield submitDependencyGraphs(yield downloadDependencyGraphs()); yield submitDependencyGraphs(yield downloadDependencyGraphs());
} }
catch (e) { catch (e) {
core.warning(`Download and submit dependency graph failed. Will continue. ${String(e)}`); warnOrFail(input_params_1.DependencyGraphOption.DownloadAndSubmit, e);
} }
}); });
} }
@ -140052,7 +140054,7 @@ function submitDependencyGraphs(dependencyGraphFiles) {
} }
catch (error) { catch (error) {
if (error instanceof request_error_1.RequestError) { if (error instanceof request_error_1.RequestError) {
core.warning(buildWarningMessage(jsonFile, error)); throw new Error(translateErrorMessage(jsonFile, error));
} }
else { else {
throw error; throw error;
@ -140061,9 +140063,9 @@ function submitDependencyGraphs(dependencyGraphFiles) {
} }
}); });
} }
function buildWarningMessage(jsonFile, error) { function translateErrorMessage(jsonFile, error) {
const relativeJsonFile = getRelativePathFromWorkspace(jsonFile); const relativeJsonFile = getRelativePathFromWorkspace(jsonFile);
const mainWarning = `Failed to submit dependency graph ${relativeJsonFile}.\n${String(error)}`; const mainWarning = `Dependency submission failed for ${relativeJsonFile}.\n${String(error)}`;
if (error.message === 'Resource not accessible by integration') { if (error.message === 'Resource not accessible by integration') {
return `${mainWarning} return `${mainWarning}
Please ensure that the 'contents: write' permission is available for the workflow job. Please ensure that the 'contents: write' permission is available for the workflow job.
@ -140118,6 +140120,12 @@ function findDependencyGraphFiles(dir) {
return graphFiles; return graphFiles;
}); });
} }
function warnOrFail(option, error) {
if (!(0, input_params_1.getDependencyGraphContinueOnFailure)()) {
throw new errors_1.PostActionJobFailure(error);
}
core.warning(`Failed to ${option} dependency graph. Will continue.\n${String(error)}`);
}
function getOctokit() { function getOctokit() {
return github.getOctokit(getGithubToken()); return github.getOctokit(getGithubToken());
} }
@ -140169,6 +140177,30 @@ function sanitize(value) {
} }
/***/ }),
/***/ 36976:
/***/ ((__unused_webpack_module, exports) => {
"use strict";
Object.defineProperty(exports, "__esModule", ({ value: true }));
exports.PostActionJobFailure = void 0;
class PostActionJobFailure extends Error {
constructor(error) {
if (error instanceof Error) {
super(error.message);
this.name = error.name;
this.stack = error.stack;
}
else {
super(String(error));
}
}
}
exports.PostActionJobFailure = PostActionJobFailure;
/***/ }), /***/ }),
/***/ 23584: /***/ 23584:
@ -140332,7 +140364,7 @@ var __importStar = (this && this.__importStar) || function (mod) {
return result; return result;
}; };
Object.defineProperty(exports, "__esModule", ({ value: true })); Object.defineProperty(exports, "__esModule", ({ value: true }));
exports.JobSummaryOption = exports.DependencyGraphOption = exports.parseNumericInput = exports.getArtifactRetentionDays = exports.getDependencyGraphOption = exports.getPRCommentOption = exports.getJobSummaryOption = exports.isJobSummaryEnabled = exports.getGithubToken = exports.getJobMatrix = exports.getArguments = exports.getGradleVersion = exports.getBuildRootDirectory = exports.getCacheExcludes = exports.getCacheIncludes = exports.getCacheEncryptionKey = exports.isCacheCleanupEnabled = exports.isCacheDebuggingEnabled = exports.isCacheStrictMatch = exports.isCacheOverwriteExisting = exports.isCacheWriteOnly = exports.isCacheReadOnly = exports.isCacheDisabled = void 0; exports.JobSummaryOption = exports.DependencyGraphOption = exports.parseNumericInput = exports.getArtifactRetentionDays = exports.getDependencyGraphContinueOnFailure = exports.getDependencyGraphOption = exports.getPRCommentOption = exports.getJobSummaryOption = exports.isJobSummaryEnabled = exports.getGithubToken = exports.getJobMatrix = exports.getArguments = exports.getGradleVersion = exports.getBuildRootDirectory = exports.getCacheExcludes = exports.getCacheIncludes = exports.getCacheEncryptionKey = exports.isCacheCleanupEnabled = exports.isCacheDebuggingEnabled = exports.isCacheStrictMatch = exports.isCacheOverwriteExisting = exports.isCacheWriteOnly = exports.isCacheReadOnly = exports.isCacheDisabled = void 0;
const core = __importStar(__nccwpck_require__(42186)); const core = __importStar(__nccwpck_require__(42186));
const string_argv_1 = __nccwpck_require__(19663); const string_argv_1 = __nccwpck_require__(19663);
function isCacheDisabled() { function isCacheDisabled() {
@ -140437,6 +140469,10 @@ function getDependencyGraphOption() {
throw TypeError(`The value '${val}' is not valid for 'dependency-graph'. Valid values are: [disabled, generate, generate-and-submit, generate-and-upload, download-and-submit]. The default value is 'disabled'.`); throw TypeError(`The value '${val}' is not valid for 'dependency-graph'. Valid values are: [disabled, generate, generate-and-submit, generate-and-upload, download-and-submit]. The default value is 'disabled'.`);
} }
exports.getDependencyGraphOption = getDependencyGraphOption; exports.getDependencyGraphOption = getDependencyGraphOption;
function getDependencyGraphContinueOnFailure() {
return getBooleanInput('dependency-graph-continue-on-failure', true);
}
exports.getDependencyGraphContinueOnFailure = getDependencyGraphContinueOnFailure;
function getArtifactRetentionDays() { function getArtifactRetentionDays() {
const val = core.getInput('artifact-retention-days'); const val = core.getInput('artifact-retention-days');
return parseNumericInput('artifact-retention-days', val, 0); return parseNumericInput('artifact-retention-days', val, 0);

File diff suppressed because one or more lines are too long

53
dist/post/index.js vendored
View file

@ -137424,6 +137424,7 @@ const request_error_1 = __nccwpck_require__(10537);
const path = __importStar(__nccwpck_require__(71017)); const path = __importStar(__nccwpck_require__(71017));
const fs_1 = __importDefault(__nccwpck_require__(57147)); const fs_1 = __importDefault(__nccwpck_require__(57147));
const layout = __importStar(__nccwpck_require__(28182)); const layout = __importStar(__nccwpck_require__(28182));
const errors_1 = __nccwpck_require__(36976);
const input_params_1 = __nccwpck_require__(23885); const input_params_1 = __nccwpck_require__(23885);
const DEPENDENCY_GRAPH_PREFIX = 'dependency-graph_'; const DEPENDENCY_GRAPH_PREFIX = 'dependency-graph_';
function setup(option) { function setup(option) {
@ -137437,6 +137438,7 @@ function setup(option) {
} }
core.info('Enabling dependency graph generation'); core.info('Enabling dependency graph generation');
core.exportVariable('GITHUB_DEPENDENCY_GRAPH_ENABLED', 'true'); core.exportVariable('GITHUB_DEPENDENCY_GRAPH_ENABLED', 'true');
core.exportVariable('GITHUB_DEPENDENCY_GRAPH_CONTINUE_ON_FAILURE', (0, input_params_1.getDependencyGraphContinueOnFailure)());
core.exportVariable('GITHUB_DEPENDENCY_GRAPH_JOB_CORRELATOR', getJobCorrelator()); core.exportVariable('GITHUB_DEPENDENCY_GRAPH_JOB_CORRELATOR', getJobCorrelator());
core.exportVariable('GITHUB_DEPENDENCY_GRAPH_JOB_ID', github.context.runId); core.exportVariable('GITHUB_DEPENDENCY_GRAPH_JOB_ID', github.context.runId);
core.exportVariable('GITHUB_DEPENDENCY_GRAPH_REF', github.context.ref); core.exportVariable('GITHUB_DEPENDENCY_GRAPH_REF', github.context.ref);
@ -137462,7 +137464,7 @@ function complete(option) {
} }
} }
catch (e) { catch (e) {
core.warning(`Failed to ${option} dependency graph. Will continue. ${String(e)}`); warnOrFail(option, e);
} }
}); });
} }
@ -137493,7 +137495,7 @@ function downloadAndSubmitDependencyGraphs() {
yield submitDependencyGraphs(yield downloadDependencyGraphs()); yield submitDependencyGraphs(yield downloadDependencyGraphs());
} }
catch (e) { catch (e) {
core.warning(`Download and submit dependency graph failed. Will continue. ${String(e)}`); warnOrFail(input_params_1.DependencyGraphOption.DownloadAndSubmit, e);
} }
}); });
} }
@ -137505,7 +137507,7 @@ function submitDependencyGraphs(dependencyGraphFiles) {
} }
catch (error) { catch (error) {
if (error instanceof request_error_1.RequestError) { if (error instanceof request_error_1.RequestError) {
core.warning(buildWarningMessage(jsonFile, error)); throw new Error(translateErrorMessage(jsonFile, error));
} }
else { else {
throw error; throw error;
@ -137514,9 +137516,9 @@ function submitDependencyGraphs(dependencyGraphFiles) {
} }
}); });
} }
function buildWarningMessage(jsonFile, error) { function translateErrorMessage(jsonFile, error) {
const relativeJsonFile = getRelativePathFromWorkspace(jsonFile); const relativeJsonFile = getRelativePathFromWorkspace(jsonFile);
const mainWarning = `Failed to submit dependency graph ${relativeJsonFile}.\n${String(error)}`; const mainWarning = `Dependency submission failed for ${relativeJsonFile}.\n${String(error)}`;
if (error.message === 'Resource not accessible by integration') { if (error.message === 'Resource not accessible by integration') {
return `${mainWarning} return `${mainWarning}
Please ensure that the 'contents: write' permission is available for the workflow job. Please ensure that the 'contents: write' permission is available for the workflow job.
@ -137571,6 +137573,12 @@ function findDependencyGraphFiles(dir) {
return graphFiles; return graphFiles;
}); });
} }
function warnOrFail(option, error) {
if (!(0, input_params_1.getDependencyGraphContinueOnFailure)()) {
throw new errors_1.PostActionJobFailure(error);
}
core.warning(`Failed to ${option} dependency graph. Will continue.\n${String(error)}`);
}
function getOctokit() { function getOctokit() {
return github.getOctokit(getGithubToken()); return github.getOctokit(getGithubToken());
} }
@ -137622,6 +137630,30 @@ function sanitize(value) {
} }
/***/ }),
/***/ 36976:
/***/ ((__unused_webpack_module, exports) => {
"use strict";
Object.defineProperty(exports, "__esModule", ({ value: true }));
exports.PostActionJobFailure = void 0;
class PostActionJobFailure extends Error {
constructor(error) {
if (error instanceof Error) {
super(error.message);
this.name = error.name;
this.stack = error.stack;
}
else {
super(String(error));
}
}
}
exports.PostActionJobFailure = PostActionJobFailure;
/***/ }), /***/ }),
/***/ 23885: /***/ 23885:
@ -137653,7 +137685,7 @@ var __importStar = (this && this.__importStar) || function (mod) {
return result; return result;
}; };
Object.defineProperty(exports, "__esModule", ({ value: true })); Object.defineProperty(exports, "__esModule", ({ value: true }));
exports.JobSummaryOption = exports.DependencyGraphOption = exports.parseNumericInput = exports.getArtifactRetentionDays = exports.getDependencyGraphOption = exports.getPRCommentOption = exports.getJobSummaryOption = exports.isJobSummaryEnabled = exports.getGithubToken = exports.getJobMatrix = exports.getArguments = exports.getGradleVersion = exports.getBuildRootDirectory = exports.getCacheExcludes = exports.getCacheIncludes = exports.getCacheEncryptionKey = exports.isCacheCleanupEnabled = exports.isCacheDebuggingEnabled = exports.isCacheStrictMatch = exports.isCacheOverwriteExisting = exports.isCacheWriteOnly = exports.isCacheReadOnly = exports.isCacheDisabled = void 0; exports.JobSummaryOption = exports.DependencyGraphOption = exports.parseNumericInput = exports.getArtifactRetentionDays = exports.getDependencyGraphContinueOnFailure = exports.getDependencyGraphOption = exports.getPRCommentOption = exports.getJobSummaryOption = exports.isJobSummaryEnabled = exports.getGithubToken = exports.getJobMatrix = exports.getArguments = exports.getGradleVersion = exports.getBuildRootDirectory = exports.getCacheExcludes = exports.getCacheIncludes = exports.getCacheEncryptionKey = exports.isCacheCleanupEnabled = exports.isCacheDebuggingEnabled = exports.isCacheStrictMatch = exports.isCacheOverwriteExisting = exports.isCacheWriteOnly = exports.isCacheReadOnly = exports.isCacheDisabled = void 0;
const core = __importStar(__nccwpck_require__(42186)); const core = __importStar(__nccwpck_require__(42186));
const string_argv_1 = __nccwpck_require__(19663); const string_argv_1 = __nccwpck_require__(19663);
function isCacheDisabled() { function isCacheDisabled() {
@ -137758,6 +137790,10 @@ function getDependencyGraphOption() {
throw TypeError(`The value '${val}' is not valid for 'dependency-graph'. Valid values are: [disabled, generate, generate-and-submit, generate-and-upload, download-and-submit]. The default value is 'disabled'.`); throw TypeError(`The value '${val}' is not valid for 'dependency-graph'. Valid values are: [disabled, generate, generate-and-submit, generate-and-upload, download-and-submit]. The default value is 'disabled'.`);
} }
exports.getDependencyGraphOption = getDependencyGraphOption; exports.getDependencyGraphOption = getDependencyGraphOption;
function getDependencyGraphContinueOnFailure() {
return getBooleanInput('dependency-graph-continue-on-failure', true);
}
exports.getDependencyGraphContinueOnFailure = getDependencyGraphContinueOnFailure;
function getArtifactRetentionDays() { function getArtifactRetentionDays() {
const val = core.getInput('artifact-retention-days'); const val = core.getInput('artifact-retention-days');
return parseNumericInput('artifact-retention-days', val, 0); return parseNumericInput('artifact-retention-days', val, 0);
@ -138021,6 +138057,7 @@ Object.defineProperty(exports, "__esModule", ({ value: true }));
exports.run = void 0; exports.run = void 0;
const core = __importStar(__nccwpck_require__(42186)); const core = __importStar(__nccwpck_require__(42186));
const setupGradle = __importStar(__nccwpck_require__(18652)); const setupGradle = __importStar(__nccwpck_require__(18652));
const errors_1 = __nccwpck_require__(36976);
process.on('uncaughtException', e => handleFailure(e)); process.on('uncaughtException', e => handleFailure(e));
function run() { function run() {
return __awaiter(this, void 0, void 0, function* () { return __awaiter(this, void 0, void 0, function* () {
@ -138028,6 +138065,10 @@ function run() {
yield setupGradle.complete(); yield setupGradle.complete();
} }
catch (error) { catch (error) {
if (error instanceof errors_1.PostActionJobFailure) {
core.setFailed(String(error));
return;
}
handleFailure(error); handleFailure(error);
} }
}); });

File diff suppressed because one or more lines are too long

View file

@ -10,7 +10,13 @@ import * as path from 'path'
import fs from 'fs' import fs from 'fs'
import * as layout from './repository-layout' import * as layout from './repository-layout'
import {DependencyGraphOption, getJobMatrix, getArtifactRetentionDays} from './input-params' import {PostActionJobFailure} from './errors'
import {
DependencyGraphOption,
getDependencyGraphContinueOnFailure,
getJobMatrix,
getArtifactRetentionDays
} from './input-params'
const DEPENDENCY_GRAPH_PREFIX = 'dependency-graph_' const DEPENDENCY_GRAPH_PREFIX = 'dependency-graph_'
@ -26,6 +32,7 @@ export async function setup(option: DependencyGraphOption): Promise<void> {
core.info('Enabling dependency graph generation') core.info('Enabling dependency graph generation')
core.exportVariable('GITHUB_DEPENDENCY_GRAPH_ENABLED', 'true') core.exportVariable('GITHUB_DEPENDENCY_GRAPH_ENABLED', 'true')
core.exportVariable('GITHUB_DEPENDENCY_GRAPH_CONTINUE_ON_FAILURE', getDependencyGraphContinueOnFailure())
core.exportVariable('GITHUB_DEPENDENCY_GRAPH_JOB_CORRELATOR', getJobCorrelator()) core.exportVariable('GITHUB_DEPENDENCY_GRAPH_JOB_CORRELATOR', getJobCorrelator())
core.exportVariable('GITHUB_DEPENDENCY_GRAPH_JOB_ID', github.context.runId) core.exportVariable('GITHUB_DEPENDENCY_GRAPH_JOB_ID', github.context.runId)
core.exportVariable('GITHUB_DEPENDENCY_GRAPH_REF', github.context.ref) core.exportVariable('GITHUB_DEPENDENCY_GRAPH_REF', github.context.ref)
@ -51,7 +58,7 @@ export async function complete(option: DependencyGraphOption): Promise<void> {
await uploadDependencyGraphs(await findGeneratedDependencyGraphFiles()) await uploadDependencyGraphs(await findGeneratedDependencyGraphFiles())
} }
} catch (e) { } catch (e) {
core.warning(`Failed to ${option} dependency graph. Will continue. ${String(e)}`) warnOrFail(option, e)
} }
} }
@ -78,7 +85,7 @@ async function downloadAndSubmitDependencyGraphs(): Promise<void> {
try { try {
await submitDependencyGraphs(await downloadDependencyGraphs()) await submitDependencyGraphs(await downloadDependencyGraphs())
} catch (e) { } catch (e) {
core.warning(`Download and submit dependency graph failed. Will continue. ${String(e)}`) warnOrFail(DependencyGraphOption.DownloadAndSubmit, e)
} }
} }
@ -88,7 +95,7 @@ async function submitDependencyGraphs(dependencyGraphFiles: string[]): Promise<v
await submitDependencyGraphFile(jsonFile) await submitDependencyGraphFile(jsonFile)
} catch (error) { } catch (error) {
if (error instanceof RequestError) { if (error instanceof RequestError) {
core.warning(buildWarningMessage(jsonFile, error)) throw new Error(translateErrorMessage(jsonFile, error))
} else { } else {
throw error throw error
} }
@ -96,9 +103,9 @@ async function submitDependencyGraphs(dependencyGraphFiles: string[]): Promise<v
} }
} }
function buildWarningMessage(jsonFile: string, error: RequestError): string { function translateErrorMessage(jsonFile: string, error: RequestError): string {
const relativeJsonFile = getRelativePathFromWorkspace(jsonFile) const relativeJsonFile = getRelativePathFromWorkspace(jsonFile)
const mainWarning = `Failed to submit dependency graph ${relativeJsonFile}.\n${String(error)}` const mainWarning = `Dependency submission failed for ${relativeJsonFile}.\n${String(error)}`
if (error.message === 'Resource not accessible by integration') { if (error.message === 'Resource not accessible by integration') {
return `${mainWarning} return `${mainWarning}
Please ensure that the 'contents: write' permission is available for the workflow job. Please ensure that the 'contents: write' permission is available for the workflow job.
@ -160,6 +167,14 @@ async function findDependencyGraphFiles(dir: string): Promise<string[]> {
return graphFiles return graphFiles
} }
function warnOrFail(option: String, error: unknown): void {
if (!getDependencyGraphContinueOnFailure()) {
throw new PostActionJobFailure(error)
}
core.warning(`Failed to ${option} dependency graph. Will continue.\n${String(error)}`)
}
function getOctokit(): InstanceType<typeof GitHub> { function getOctokit(): InstanceType<typeof GitHub> {
return github.getOctokit(getGithubToken()) return github.getOctokit(getGithubToken())
} }

11
src/errors.ts Normal file
View file

@ -0,0 +1,11 @@
export class PostActionJobFailure extends Error {
constructor(error: unknown) {
if (error instanceof Error) {
super(error.message)
this.name = error.name
this.stack = error.stack
} else {
super(String(error))
}
}
}

View file

@ -107,6 +107,10 @@ export function getDependencyGraphOption(): DependencyGraphOption {
) )
} }
export function getDependencyGraphContinueOnFailure(): boolean {
return getBooleanInput('dependency-graph-continue-on-failure', true)
}
export function getArtifactRetentionDays(): number { export function getArtifactRetentionDays(): number {
const val = core.getInput('artifact-retention-days') const val = core.getInput('artifact-retention-days')
return parseNumericInput('artifact-retention-days', val, 0) return parseNumericInput('artifact-retention-days', val, 0)

View file

@ -1,5 +1,6 @@
import * as core from '@actions/core' import * as core from '@actions/core'
import * as setupGradle from './setup-gradle' import * as setupGradle from './setup-gradle'
import {PostActionJobFailure} from './errors'
// Catch and log any unhandled exceptions. These exceptions can leak out of the uploadChunk method in // Catch and log any unhandled exceptions. These exceptions can leak out of the uploadChunk method in
// @actions/toolkit when a failed upload closes the file descriptor causing any in-process reads to // @actions/toolkit when a failed upload closes the file descriptor causing any in-process reads to
@ -13,6 +14,11 @@ export async function run(): Promise<void> {
try { try {
await setupGradle.complete() await setupGradle.complete()
} catch (error) { } catch (error) {
if (error instanceof PostActionJobFailure) {
core.setFailed(String(error))
return
}
handleFailure(error) handleFailure(error)
} }
} }

View file

@ -9,7 +9,7 @@ buildscript {
maven { url pluginRepositoryUrl } maven { url pluginRepositoryUrl }
} }
dependencies { dependencies {
classpath "org.gradle:github-dependency-graph-gradle-plugin:1.1.0" classpath "org.gradle:github-dependency-graph-gradle-plugin:1.1.1"
} }
} }
apply plugin: org.gradle.github.GitHubDependencyGraphPlugin apply plugin: org.gradle.github.GitHubDependencyGraphPlugin

View file

@ -6,8 +6,13 @@ if (getVariable('GITHUB_DEPENDENCY_GRAPH_ENABLED') != "true") {
} }
// Do not run for unsupported versions of Gradle // Do not run for unsupported versions of Gradle
if (GradleVersion.current().baseVersion < GradleVersion.version("5.0")) { def gradleVersion = GradleVersion.current().baseVersion
println "::warning::Dependency Graph is not supported for Gradle versions < 5.0. No dependency snapshot will be generated." if (gradleVersion < GradleVersion.version("5.2") ||
(gradleVersion >= GradleVersion.version("7.0") && gradleVersion < GradleVersion.version("7.1"))) {
if (getVariable('GITHUB_DEPENDENCY_GRAPH_CONTINUE_ON_FAILURE') != "true") {
throw new GradleException("Dependency Graph is not supported for ${gradleVersion}. No dependency snapshot will be generated.")
}
println "::warning::Dependency Graph is not supported for ${gradleVersion}. No dependency snapshot will be generated."
return return
} }

View file

@ -24,6 +24,7 @@ class BaseInitScriptTest extends Specification {
static final TestGradleVersion GRADLE_5_X = new TestGradleVersion(GradleVersion.version('5.6.4'), 8, 12) static final TestGradleVersion GRADLE_5_X = new TestGradleVersion(GradleVersion.version('5.6.4'), 8, 12)
static final TestGradleVersion GRADLE_6_NO_BUILD_SERVICE = new TestGradleVersion(GradleVersion.version('6.5.1'), 8, 14) static final TestGradleVersion GRADLE_6_NO_BUILD_SERVICE = new TestGradleVersion(GradleVersion.version('6.5.1'), 8, 14)
static final TestGradleVersion GRADLE_6_X = new TestGradleVersion(GradleVersion.version('6.9.4'), 8, 15) static final TestGradleVersion GRADLE_6_X = new TestGradleVersion(GradleVersion.version('6.9.4'), 8, 15)
static final TestGradleVersion GRADLE_7_1 = new TestGradleVersion(GradleVersion.version('7.6.2'), 8, 19)
static final TestGradleVersion GRADLE_7_X = new TestGradleVersion(GradleVersion.version('7.6.2'), 8, 19) static final TestGradleVersion GRADLE_7_X = new TestGradleVersion(GradleVersion.version('7.6.2'), 8, 19)
static final TestGradleVersion GRADLE_8_0 = new TestGradleVersion(GradleVersion.version('8.0.2'), 8, 19) static final TestGradleVersion GRADLE_8_0 = new TestGradleVersion(GradleVersion.version('8.0.2'), 8, 19)
static final TestGradleVersion GRADLE_8_X = new TestGradleVersion(GradleVersion.version('8.5'), 8, 19) static final TestGradleVersion GRADLE_8_X = new TestGradleVersion(GradleVersion.version('8.5'), 8, 19)

View file

@ -1,11 +1,16 @@
package com.gradle.gradlebuildaction package com.gradle.gradlebuildaction
import org.gradle.util.GradleVersion
import static org.junit.Assume.assumeTrue import static org.junit.Assume.assumeTrue
class TestDependencyGraph extends BaseInitScriptTest { class TestDependencyGraph extends BaseInitScriptTest {
def initScript = 'gradle-build-action.github-dependency-graph.init.gradle' def initScript = 'gradle-build-action.github-dependency-graph.init.gradle'
static final List<TestGradleVersion> NO_DEPENDENCY_GRAPH_VERSIONS = [GRADLE_3_X, GRADLE_4_X] static final TestGradleVersion GRADLE_5_1 = new TestGradleVersion(GradleVersion.version('5.1.1'), 8, 12)
static final TestGradleVersion GRADLE_7_0 = new TestGradleVersion(GradleVersion.version('7.0.1'), 8, 12)
static final List<TestGradleVersion> NO_DEPENDENCY_GRAPH_VERSIONS = [GRADLE_3_X, GRADLE_4_X, GRADLE_5_1, GRADLE_7_0]
static final List<TestGradleVersion> DEPENDENCY_GRAPH_VERSIONS = ALL_VERSIONS - NO_DEPENDENCY_GRAPH_VERSIONS static final List<TestGradleVersion> DEPENDENCY_GRAPH_VERSIONS = ALL_VERSIONS - NO_DEPENDENCY_GRAPH_VERSIONS
def "does not produce dependency graph when not enabled"() { def "does not produce dependency graph when not enabled"() {
@ -56,7 +61,23 @@ class TestDependencyGraph extends BaseInitScriptTest {
then: then:
assert !reportsDir.exists() assert !reportsDir.exists()
assert result.output.contains("::warning::Dependency Graph is not supported") assert result.output.contains("::warning::Dependency Graph is not supported for ${testGradleVersion}")
where:
testGradleVersion << NO_DEPENDENCY_GRAPH_VERSIONS
}
def "fails build when enabled for older Gradle versions if continue-on-failure is false"() {
assumeTrue testGradleVersion.compatibleWithCurrentJvm
when:
def vars = envVars
vars.put('GITHUB_DEPENDENCY_GRAPH_CONTINUE_ON_FAILURE', 'false')
def result = runAndFail(['help'], initScript, testGradleVersion.gradleVersion, [], vars)
then:
assert !reportsDir.exists()
assert result.output.contains("Dependency Graph is not supported for ${testGradleVersion}")
where: where:
testGradleVersion << NO_DEPENDENCY_GRAPH_VERSIONS testGradleVersion << NO_DEPENDENCY_GRAPH_VERSIONS
@ -109,6 +130,7 @@ class TestDependencyGraph extends BaseInitScriptTest {
def getEnvVars() { def getEnvVars() {
return [ return [
GITHUB_DEPENDENCY_GRAPH_ENABLED: "true", GITHUB_DEPENDENCY_GRAPH_ENABLED: "true",
GITHUB_DEPENDENCY_GRAPH_CONTINUE_ON_FAILURE: "true",
GITHUB_DEPENDENCY_GRAPH_JOB_CORRELATOR: "CORRELATOR", GITHUB_DEPENDENCY_GRAPH_JOB_CORRELATOR: "CORRELATOR",
GITHUB_DEPENDENCY_GRAPH_JOB_ID: "1", GITHUB_DEPENDENCY_GRAPH_JOB_ID: "1",
GITHUB_DEPENDENCY_GRAPH_REF: "main", GITHUB_DEPENDENCY_GRAPH_REF: "main",