From ac775a3a588a29cc5fe51ff7bc2e63cee27cd57d Mon Sep 17 00:00:00 2001 From: micronaut-build Date: Wed, 8 Jan 2025 05:06:18 +0000 Subject: [PATCH 1/2] Update common files --- .github/renovate.json | 22 +++++++++++++++------- .github/workflows/gradle.yml | 9 ++++++++- gradle/wrapper/gradle-wrapper.properties | 2 +- gradlew | 3 +-- 4 files changed, 25 insertions(+), 11 deletions(-) diff --git a/.github/renovate.json b/.github/renovate.json index 09c2a598..99eeec10 100644 --- a/.github/renovate.json +++ b/.github/renovate.json @@ -1,24 +1,32 @@ { "extends": [ - "config:base" + "config:recommended" + ], + "addLabels": [ + "type: dependency-upgrade" ], - "addLabels": ["type: dependency-upgrade"], "schedule": [ - "after 10pm every day" + "after 10pm" ], "prHourlyLimit": 1, "prConcurrentLimit": 20, "timezone": "Europe/Prague", "packageRules": [ { - "matchPackagePatterns": ["actions.*"], "dependencyDashboardApproval": true, - "matchUpdateTypes": ["patch"], + "matchUpdateTypes": [ + "patch" + ], "matchCurrentVersion": "!/^0/", - "automerge": true + "automerge": true, + "matchPackageNames": [ + "/actions.*/" + ] }, { - "matchUpdateTypes": ["patch"], + "matchUpdateTypes": [ + "patch" + ], "matchCurrentVersion": "!/^0/", "automerge": true } diff --git a/.github/workflows/gradle.yml b/.github/workflows/gradle.yml index 22e563ad..aab934a7 100644 --- a/.github/workflows/gradle.yml +++ b/.github/workflows/gradle.yml @@ -30,6 +30,8 @@ jobs: PREDICTIVE_TEST_SELECTION: "${{ github.event_name == 'pull_request' && 'true' || 'false' }}" SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + OSS_INDEX_USERNAME: ${{ secrets.OSS_INDEX_USERNAME }} + OSS_INDEX_PASSWORD: ${{ secrets.OSS_INDEX_PASSWORD }} steps: # https://github.com/actions/virtual-environments/issues/709 - name: "🗑 Free disk space" @@ -58,6 +60,11 @@ jobs: run: | [ -f ./setup.sh ] && ./setup.sh || [ ! -f ./setup.sh ] + - name: "🚔 Sonatype Scan" + id: sonatypescan + run: | + ./gradlew ossIndexAudit --no-parallel + - name: "🛠 Build with Gradle" id: gradle run: | @@ -78,7 +85,7 @@ jobs: - name: "📜 Upload binary compatibility check results" if: matrix.java == '17' - uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 + uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0 with: name: binary-compatibility-reports path: "**/build/reports/binary-compatibility-*.html" diff --git a/gradle/wrapper/gradle-wrapper.properties b/gradle/wrapper/gradle-wrapper.properties index df97d72b..cea7a793 100644 --- a/gradle/wrapper/gradle-wrapper.properties +++ b/gradle/wrapper/gradle-wrapper.properties @@ -1,6 +1,6 @@ distributionBase=GRADLE_USER_HOME distributionPath=wrapper/dists -distributionUrl=https\://services.gradle.org/distributions/gradle-8.10.2-bin.zip +distributionUrl=https\://services.gradle.org/distributions/gradle-8.12-bin.zip networkTimeout=10000 validateDistributionUrl=true zipStoreBase=GRADLE_USER_HOME diff --git a/gradlew b/gradlew index f5feea6d..f3b75f3b 100755 --- a/gradlew +++ b/gradlew @@ -86,8 +86,7 @@ done # shellcheck disable=SC2034 APP_BASE_NAME=${0##*/} # Discard cd standard output in case $CDPATH is set (https://github.com/gradle/gradle/issues/25036) -APP_HOME=$( cd -P "${APP_HOME:-./}" > /dev/null && printf '%s -' "$PWD" ) || exit +APP_HOME=$( cd -P "${APP_HOME:-./}" > /dev/null && printf '%s\n' "$PWD" ) || exit # Use the maximum available, or set MAX_FD != -1 to use that value. MAX_FD=maximum From 150ea36f57620a06b99830031e3eab92b76bdd58 Mon Sep 17 00:00:00 2001 From: Sergio del Amo Date: Wed, 8 Jan 2025 13:31:52 +0100 Subject: [PATCH 2/2] sonatype --- buildSrc/build.gradle | 1 + .../io.micronaut.build.internal.acme-module.gradle | 10 ++++++++++ gradle/libs.versions.toml | 3 ++- 3 files changed, 13 insertions(+), 1 deletion(-) diff --git a/buildSrc/build.gradle b/buildSrc/build.gradle index 21e3c454..2fdd54a0 100644 --- a/buildSrc/build.gradle +++ b/buildSrc/build.gradle @@ -9,4 +9,5 @@ repositories { dependencies { implementation libs.gradle.micronaut + implementation(libs.sonatype.scan) } diff --git a/buildSrc/src/main/groovy/io.micronaut.build.internal.acme-module.gradle b/buildSrc/src/main/groovy/io.micronaut.build.internal.acme-module.gradle index 1f594871..5b982203 100644 --- a/buildSrc/src/main/groovy/io.micronaut.build.internal.acme-module.gradle +++ b/buildSrc/src/main/groovy/io.micronaut.build.internal.acme-module.gradle @@ -1,4 +1,14 @@ plugins { id "io.micronaut.build.internal.module" id "io.micronaut.build.internal.acme-base" + id("org.sonatype.gradle.plugins.scan") +} +String ossIndexUsername = System.getenv("OSS_INDEX_USERNAME") ?: project.properties["ossIndexUsername"] +String ossIndexPassword = System.getenv("OSS_INDEX_PASSWORD") ?: project.properties["ossIndexPassword"] +boolean sonatypePluginConfigured = ossIndexUsername != null && ossIndexPassword != null +if (sonatypePluginConfigured) { + ossIndexAudit { + username = ossIndexUsername + password = ossIndexPassword + } } diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml index c1b02925..481d6faa 100644 --- a/gradle/libs.versions.toml +++ b/gradle/libs.versions.toml @@ -12,7 +12,7 @@ micronaut-serde = "2.12.0" micronaut-test-resources="2.6.2" micronaut-validation = "4.8.0" micronaut-gradle-plugin = "4.4.4" - +sonatype-scan = "3.0.0" [libraries] # Core micronaut-core = { module = 'io.micronaut:micronaut-core-bom', version.ref = 'micronaut' } @@ -29,3 +29,4 @@ netty-tcnative-boringssl-static = { module = 'io.netty:netty-tcnative-boringssl- groovy-json = { module = 'org.apache.groovy:groovy-json' } groovy-dateutil = { module = 'org.apache.groovy:groovy-dateutil' } gradle-micronaut = { module = "io.micronaut.gradle:micronaut-gradle-plugin", version.ref = "micronaut-gradle-plugin" } +sonatype-scan = { module = "org.sonatype.gradle.plugins:scan-gradle-plugin", version.ref = "sonatype-scan" }