search

spring-projects / spring-security

Spring Security
http://spring.io/projects/spring-security
Apache License 2.0
8.55k stars 5.79k forks source link

Restore Build Scan Capability #15120

Closed jzheaux closed 1 month ago

jzheaux commented 1 month ago

For the 5.8.x branch, using the --scan attribute does not work per the following from Gradle:

Gradle versions older than 8.4 do not recognize the Develocity plugin as the replacement for deprecated Gradle Enterprise and Build Scan plugins. When --scan argument is used, Gradle attempts to apply its version of the plugin which may conflict with the Develocity plugin explicitly applied to your project. If the plugin applied by Gradle wins, the new functionality provided by the Develocity plugin will not be available.

As such, --scan needs to be removed for the moment and likely replaced with a recommendation like the following:

develocity {
    buildScan {
        if (System.getenv("IS_A_PULL_REQUEST")) {
            publishing.onlyIf { true }
            server = "https://scans.gradle.com"
        }
    }
}
jzheaux commented 1 month ago

The above did not quite work since the Spring Gradle Enterprise Conventions plugin needs to set the server value and the Develocity plugin does not allow it to be overridden.

jzheaux commented 1 month ago

Another way to do this is to only apply the Spring Gradle Enterprise Conventions plugin when enterprise credentials are present:

if (System.getenv("DEVELOCITY_ACCESS_KEY")) {
    apply plugin: "io.spring.ge.conventions"
}

This works because the DEVELOCITY_ACCESS_KEY credential is not available to PRs. GIven that, it can't exercise the Conventions feature set anyway.

jzheaux commented 1 month ago

Closed in ca67634