From 76f5cdbf5e917d30ca68b333acd9188fa2afa881 Mon Sep 17 00:00:00 2001 From: Jonathan Leitschuh Date: Mon, 3 Feb 2020 15:37:36 -0500 Subject: [PATCH] Add external contribution details to README --- README.md | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/README.md b/README.md index bb78c9f..87cd9c9 100644 --- a/README.md +++ b/README.md @@ -40,12 +40,16 @@ The goal is to prevent homoglyph attacks which may be very difficult to spot in ## Usage +### Add to an existing Workflow + Simply add this action to your workflow **after** having checked out your source tree and **before** running any Gradle build: ```yaml uses: gradle/wrapper-validation-action@v1 ``` +### Add a new dedicated Workflow + Here's a sample complete workflow you can add to your repositories: **`.github/workflows/gradle-wrapper-validation.yml`** @@ -62,6 +66,26 @@ jobs: - uses: gradle/wrapper-validation-action@v1 ``` +## Contributing to an external GitHub Repository + +Since [GitHub Actions](https://github.com/features/actions) +are completely free for open source projects and are automatically enabled on almost all projects, +adding this check to a project's build is as simple as contributing a PR. +Enabling the check requires no overhead on behalf of the project maintainer beyond merging the action. + +You can add this action to your favorite Gradle based project without checking out their source locally via the +GitHub Web UI thanks to the 'Create new file' button. + +![GitHub 'Create new file' Button bar picture](https://user-images.githubusercontent.com/1323708/73676469-6c023c00-4682-11ea-8c0a-5a1e2d29b17f.png) + +Simply add a new file named `.github/workflows/gradle-wrapper-validation.yml` with the contents mentioned above. + +We recommend the message commit contents of: + - Title: `Official Gradle Wrapper Validation Action` + - Body (at minimum): `See: https://github.com/gradle/wrapper-validation-action` + +From there, you can easily follow the rest of the prompts to create a Pull Request against the project. + ## Reporting Failures If this GitHub action fails because a `gradle-wrapper.jar` doesn't match one of our published SHA-256 checksums,