Closed mminiri closed 11 months ago
Thanks for the report. The gradle-build-action
doesn't have any explicit support for Workload Identity Federation (and I'd never heard of it before).
If you use the recommended approach of using the action to Setup Gradle, then the gradle-build-action
should have a minimal impact on your build execution. Are you invoking Gradle outside of the gradle-build-action
step, and NOT using the arguments
parameter?
If you are using the arguments
parameter, can you please test using a separate "execute Gradle" step?
So instead of:
# DON'T DO THIS
- name: Setup Gradle and execute Gradle 'build' task
uses: gradle/gradle-build-action@v2
with:
arguments: build
You will have:
- name: Setup Gradle
uses: gradle/gradle-build-action@v2
- name: Execute Gradle build
run: ./gradlew build
Hi, it is not working that way either.
Found a working solution when maven artifacts are stored in the Google Artifact Registry instead of GCS Busket.
Thank you.
@mminiri Thanks, and glad you got it working.
I really don't understand how the Setup Gradle
step would cause the build to fail, since it's just adding some init-scripts
and enabling caching. I guess you're happy because you have things working, but it would be interesting to know the underlying cause is.
One thing you could try, if interested, is to disable caching in the "Setup Gradle" step.
Our setup:
Build is working on a private runner
Problem: Outside of gradle/gradle-build-action@v2, our code can fetch objects from Google Cloud Storage buckets, but inside that action, we get:
`* What went wrong: Execution failed for task ':compileJava'.
Looks like it doesn't see Google credentials from runner where it can access GCS.
Does this action support the Workload Identity Federation?