From 4b660dc33e9a9851db66b46b5707dea78d20de91 Mon Sep 17 00:00:00 2001
From: daz <daz@gradle.com>
Date: Mon, 15 Jan 2024 18:42:57 -0700
Subject: [PATCH] Add initial composite actions with smoke tests

These actions simply delegate to `gradle/gradle-build-action`

- `setup-gradle`: As `gradle-build-action` without the execution capability.
- `dependency-submission`: Submits a dependency graph for the project.
---
 .github/workflows/dependency-submission.yml |  29 +++++
 .github/workflows/setup-gradle.yml          |  25 ++++
 action.yml                                  |   8 +-
 dependency-submission/action.yml            |  34 ++++++
 setup-gradle/action.yml                     | 124 ++++++++++++++++++++
 5 files changed, 216 insertions(+), 4 deletions(-)
 create mode 100644 .github/workflows/dependency-submission.yml
 create mode 100644 .github/workflows/setup-gradle.yml
 create mode 100644 dependency-submission/action.yml
 create mode 100644 setup-gradle/action.yml

diff --git a/.github/workflows/dependency-submission.yml b/.github/workflows/dependency-submission.yml
new file mode 100644
index 0000000..62c3a76
--- /dev/null
+++ b/.github/workflows/dependency-submission.yml
@@ -0,0 +1,29 @@
+name: Smoke test dependency-submission
+
+on:
+  workflow_dispatch:
+  push:
+
+permissions:
+  contents: write
+
+env:
+  GRADLE_BUILD_ACTION_CACHE_DEBUG_ENABLED: true
+
+jobs:
+  test-dependency-submission:
+    runs-on: ubuntu-latest
+    steps:
+    - name: Checkout sources
+      uses: actions/checkout@v4
+    - name: Checkout gradle-build-action for samples
+      uses: actions/checkout@v4
+      with:
+        repository: gradle/gradle-build-action
+        path: gradle-build-action
+    - name: Generate and submit dependencies
+      uses: ./dependency-submission
+      with:
+        build-root-directory: gradle-build-action/.github/workflow-samples/groovy-dsl
+      env:
+        GITHUB_DEPENDENCY_GRAPH_REF: 'refs/tags/v0.0.1' # Use a different ref to avoid updating the real dependency graph for the repository
diff --git a/.github/workflows/setup-gradle.yml b/.github/workflows/setup-gradle.yml
new file mode 100644
index 0000000..4a7ecd2
--- /dev/null
+++ b/.github/workflows/setup-gradle.yml
@@ -0,0 +1,25 @@
+name: Smoke test setup-gradle
+
+on:
+  workflow_dispatch:
+  push:
+
+env:
+  GRADLE_BUILD_ACTION_CACHE_DEBUG_ENABLED: true
+
+jobs:
+  test-setup-gradle:
+    runs-on: ubuntu-latest
+    steps:
+    - name: Checkout sources
+      uses: actions/checkout@v4
+    - name: Checkout gradle-build-action for samples
+      uses: actions/checkout@v4
+      with:
+        repository: gradle/gradle-build-action
+        path: gradle-build-action
+    - name: Setup Gradle
+      uses: ./setup-gradle
+    - name: Build groovy-dsl project
+      working-directory: gradle-build-action/.github/workflow-samples/groovy-dsl
+      run: ./gradlew assemble
diff --git a/action.yml b/action.yml
index 5483cdb..3bae674 100644
--- a/action.yml
+++ b/action.yml
@@ -4,10 +4,10 @@ description: A collection of actions for building Gradle projects, as well as ge
 runs:
   using: "composite"
   steps:
-  - name: Setup Gradle
-    uses: gradle/gradle-build-action@main
-    with:
-      cache-read-only: true
+  - run: |
+      echo "::error::The path 'gradle/actions' is not a valid action. Please use 'gradle/actions/setup-gradle' or 'gradle/actions/dependency-submission'."
+      exit 1
+    shell: bash
 
 branding:
   icon: 'box'
diff --git a/dependency-submission/action.yml b/dependency-submission/action.yml
new file mode 100644
index 0000000..365937d
--- /dev/null
+++ b/dependency-submission/action.yml
@@ -0,0 +1,34 @@
+name: Gradle Dependency Submission
+description: Generates a dependency graph for a Gradle project and submits it via the Dependency Submission API
+
+inputs:
+  gradle-version:
+    description: |
+      Gradle version to use. If specified, this Gradle version will be downloaded, added to the PATH and used for invoking Gradle.
+      If not provided, it is assumed that the project uses the Gradle Wrapper.
+    required: false
+  build-root-directory:
+    description: Path to the root directory of the build. Default is the root of the GitHub workspace.
+    required: false
+  cache-encryption-key:
+    description: |
+      A base64 encoded AES key used to encrypt the configuration-cache data. The key is exported as 'GRADLE_ENCRYPTION_KEY' for later steps. 
+      A suitable key can be generated with `openssl rand -base64 16`.
+      Configuration-cache data will not be saved/restored without an encryption key being provided.
+    required: false
+
+runs:
+  using: "composite"
+  steps:
+    - uses: gradle/gradle-build-action@main
+      with:
+        dependency-graph: generate-and-submit
+        dependency-graph-continue-on-failure: false
+        gradle-version: ${{ inputs.gradle-version }}
+        build-root-directory: ${{ inputs.build-root-directory }}
+        cache-encryption-key: ${{ inputs.cache-encryption-key }}
+        arguments: |
+          --no-configure-on-demand
+          --dependency-verification=off
+          --stacktrace
+          :ForceDependencyResolutionPlugin_resolveAllDependencies
diff --git a/setup-gradle/action.yml b/setup-gradle/action.yml
new file mode 100644
index 0000000..696400f
--- /dev/null
+++ b/setup-gradle/action.yml
@@ -0,0 +1,124 @@
+name: Setup Gradle environment
+description: Configures the local environment for Gradle execution, downloading and installing a specified Gradle version if required.
+
+inputs:
+  gradle-version:
+    description: Gradle version to use. If specified, this Gradle version will be downloaded, added to the PATH and used for invoking Gradle.
+    required: false
+
+  cache-disabled:
+    description: When 'true', all caching is disabled. No entries will be written to or read from the cache.
+    required: false
+    default: false
+
+  cache-read-only:
+    description: |
+      When 'true', existing entries will be read from the cache but no entries will be written.
+      By default this value is 'false' for workflows on the GitHub default branch and 'true' for workflows on other branches.
+    required: false
+    default: ${{ github.event.repository != null && github.ref_name != github.event.repository.default_branch }}
+
+  cache-write-only:
+    description: |
+      When 'true', entries will not be restored from the cache but will be saved at the end of the Job. 
+      Setting this to 'true' implies cache-read-only will be 'false'.
+    required: false
+    default: false
+
+  cache-overwrite-existing:
+    description: When 'true', a pre-existing Gradle User Home will not prevent the cache from being restored.
+    required: false
+    default: false
+
+  cache-encryption-key:
+    description: |
+      A base64 encoded AES key used to encrypt the configuration-cache data. The key is exported as 'GRADLE_ENCRYPTION_KEY' for later steps. 
+      A suitable key can be generated with `openssl rand -base64 16`.
+      Configuration-cache data will not be saved/restored without an encryption key being provided.
+    required: false
+
+  gradle-home-cache-includes:
+    description: Paths within Gradle User Home to cache.
+    required: false
+    default: |
+        caches
+        notifications
+
+  gradle-home-cache-excludes:
+    description: Paths within Gradle User Home to exclude from cache.
+    required: false
+  # e.g. Use the following setting to prevent the local build cache from being saved/restored
+  #      gradle-home-cache-excludes: |
+  #           caches/build-cache-1
+
+  gradle-home-cache-cleanup:
+    description: When 'true', the action will attempt to remove any stale/unused entries from the Gradle User Home prior to saving to the GitHub Actions cache.
+    required: false
+    default: false
+
+  add-job-summary:
+    description: Specifies when a Job Summary should be inluded in the action results. Valid values are 'never', 'always' (default), and 'on-failure'.
+    required: false
+    default: 'always'
+
+  add-job-summary-as-pr-comment:
+    description: Specifies when each Job Summary should be added as a PR comment. Valid values are 'never' (default), 'always', and 'on-failure'. No action will be taken if the workflow was not triggered from a pull request.
+    required: false
+    default: 'never'
+
+  dependency-graph:
+    description: Specifies if a GitHub dependency snapshot should be generated for each Gradle build, and if so, how. Valid values are 'disabled' (default), 'generate', 'generate-and-submit', 'generate-and-upload' and 'download-and-submit'.
+    required: false
+    default: 'disabled'
+
+  dependency-graph-continue-on-failure:
+    description: When 'false' a failure to generate or submit a dependency graph will fail the Step or Job. When 'true' a warning will be emitted but no failure will result.
+    required: false
+    default: true
+
+  artifact-retention-days:
+    description: Specifies the number of days to retain any artifacts generated by the action. If not set, the default retention settings for the repository will apply.
+    required: false
+
+  # EXPERIMENTAL & INTERNAL ACTION INPUTS
+  # The following action properties allow fine-grained tweaking of the action caching behaviour.
+  # These properties are experimental and not (yet) designed for production use, and may change without notice in a subsequent release of `gradle-build-action`.
+  # Use at your own risk!
+  workflow-job-context:
+    description: Used to uniquely identify the current job invocation. Defaults to the matrix values for this job; this should not be overridden by users (INTERNAL).
+    required: false
+    default: ${{ toJSON(matrix) }}
+
+  github-token:
+    description: The GitHub token used to authenticate when submitting via the Dependency Submission API.
+    default: ${{ github.token }}
+    required: false
+
+outputs:
+  build-scan-url:
+    description: Link to the Build Scan® generated by a Gradle build. Note that this output applies to a Step executing Gradle, not to the `gradle-build-action` Step itself.
+  dependency-graph-file:
+    description: Path to the GitHub Dependency Graph snapshot file generated by a Gradle build. Note that this output applies to a Step executing Gradle, not to the `gradle-build-action` Step itself.
+  gradle-version:
+    description: Version of Gradle that was setup by the action
+
+runs:
+  using: "composite"
+  steps:
+    - uses: gradle/gradle-build-action@main
+      with:
+        gradle-version: ${{ inputs.gradle-version }}
+        cache-disabled: ${{ inputs.cache-disabled }}
+        cache-read-only: ${{ inputs.cache-read-only }}
+        cache-write-only: ${{ inputs.cache-write-only }}
+        cache-overwrite-existing:  ${{ inputs.cache-overwrite-existing }}
+        cache-encryption-key: ${{ inputs.cache-encryption-key }}
+        gradle-home-cache-includes: ${{ inputs.gradle-home-cache-includes }}
+        gradle-home-cache-excludes: ${{ inputs.gradle-home-cache-excludes }}
+        add-job-summary: ${{ inputs.add-job-summary }}
+        add-job-summary-as-pr-comment: ${{ inputs.add-job-summary-as-pr-comment }}
+        dependency-graph: ${{ inputs.dependency-graph }}
+        dependency-graph-continue-on-failure: ${{ inputs.dependency-graph-continue-on-failure }}
+        artifact-retention-days: ${{ inputs.artifact-retention-days }}
+        workflow-job-context: ${{ inputs.workflow-job-context }}
+        github-token: ${{ inputs.github-token }}