Closed bigdaz closed 8 months ago
In some cases, passing the secret to the gradle-build-action
is actually less convenient than configuring an env var: this is because it's possible to configure an env-var for an entire workflow, whereas the action parameters need to be specified per-job.
Unfortunately, there's no way to make gradle-build-action
to respond directly to the presence of the secret: action executions are sandboxed and can only see values that are explicitly provided.
In fact, I'm not sure there's any case where this is actually more convenient: passing the secret to the gradle-build-action
which then configures the env var (or writes a file) is not more convenient than configuring the env
directly. The env
can be specified at the Workflow, Job or Step level.
In order to publish build scans to a Develocity instance, an access key must be made available for each Gradle build execution. Presently, this means:
env
block to each workflow that sets the access key as an environment variable.The
gradle-build-action
is uninvolved in this process: the env var is read directly by the Gradle Build Tool.Instead, we could make the
gradle-build-action
aware of the DV access key. This would change the requirements to:gradle-build-action
The action would then either:
~/.gradle/enterprise/keys.properties
where it will be read by the DV pluginThe second option may be preferable, since environment variables are not automatically available to composite actions or reusable workflows.