Closed bigdaz closed 5 months ago
I added some documentation and removed the "optional" flag from 'dependency-submission'.
Could you also add some explanation in a comment as to the change to running gradlew instead of running gradle-build-action ?
I presume this is targeted at new users of GitHub + Gradle, so I don't think it makes sense to document this as a change. It's natural for folks to run some sort of "setup" step followed by calling the build tool directly: having gradle-build-action
do the execution was an anomaly IMHO.
I did add a section showing what is required in the usual case that a user doesn't have the Gradle wrapper configured for their project. It looks a bit verbose, but it's complete.
This PR updates the existing
gradle.yml
andgradle-publish.yml
starter workflows for recent updates togradle/gradle-build-action
.gradle/gradle-build-action
withgradle/actions/setup-gradle
gradle/actions/dependency-submission
(flagged as optional)v3.0.0
of Gradle actionsactions/checkout
andactions/setup-java
Pre-requisites
Please note that at this time we are only accepting new starter workflows for Code Scanning. Updates to existing starter workflows are fine.
Tasks
For all workflows, the workflow:
.yml
file with the language or platform as its filename, in lower, kebab-cased format (for example,docker-image.yml
). Special characters should be removed or replaced with words as appropriate (for example, "dotnet" instead of ".NET").GITHUB_TOKEN
so that the workflow runs successfully.For CI workflows, the workflow:
ci
directory.ci/properties/*.properties.json
file (for example,ci/properties/docker-publish.properties.json
).push
tobranches: [ $default-branch ]
andpull_request
tobranches: [ $default-branch ]
.release
withtypes: [ created ]
.docker-publish.yml
).For Code Scanning workflows, the workflow:
code-scanning
directory.code-scanning/properties/*.properties.json
file (for example,code-scanning/properties/codeql.properties.json
), with properties set as follows:name
: Name of the Code Scanning integration.creator
: Name of the organization/user producing the Code Scanning integration.description
: Short description of the Code Scanning integration.categories
: Array of languages supported by the Code Scanning integration.iconName
: Name of the SVG logo representing the Code Scanning integration. This SVG logo must be present in theicons
directory.push
tobranches: [ $default-branch, $protected-branches ]
andpull_request
tobranches: [ $default-branch ]
. We also recommend aschedule
trigger ofcron: $cron-weekly
(for example,codeql.yml
).Some general notes:
actions
organization, or