gradle / wrapper-upgrade-gradle-plugin Goto Github PK
View Code? Open in Web Editor NEWGradle plugin that detects and updates Gradle and Maven wrappers to the latest Gradle and Maven version.
License: Apache License 2.0
Gradle plugin that detects and updates Gradle and Maven wrappers to the latest Gradle and Maven version.
License: Apache License 2.0
Given:
The first PR stay open and will not automatically closed (and the branch deleted).
I guess it would be nice if this is supported 🙃
I would love to see a Github Action for upgrading Gradle Wrapper which is official maintained by Gradle. (like your wrapper-validation-action)
That would make the update process more efficient. :)
Is it possible to somehow make the plugin delete the created branch when the PR gets merged? I have a suspicion that it can only be achieved with a GitHub App.
I've tried this out for updating wrappers in the junit5-samples repo via a separate repo:
https://github.com/junit-team/wrapper-upgrade
However, I'm getting the following error:
https://ge.junit.org/s/ldkbyuhdhqska/console-log
I noticed that this plugin will always running the wrapper
tasks, regarding of if there is an upgrade available.
However, the plugin nows already if there is an upgrade available.
Here it checks for the current release. If there is no upgrade available, it just returns *the * version (that is, usedBuildToolVersion
).
Then it will only use that version to run the wrapper
task. Whether if it is the same version or not.
I guess it makes sense to avoid this. It is an unnecessary waste of resources.
Especially since you also recommend running this periodically in the readme:
wrapper-upgrade-gradle-plugin/README.md
Line 97 in e60ef6b
In case there is no higher version than the current version, just skip the task execution and thats it 🤷
This is also in the readme:
wrapperUpgrade {
gradle {
register("some-gradle-project") {
repo.set("my-org/some-gradle-project")
baseBranch.set("release")
}
register("some-samples-gradle-project") {
repo.set("my-org/some-samples-gradle-project")
dir.set("samples")
}
}
}
But register
will not work. It seems the plugin is too late to catch it.
However, create
will work.
I'm not sure if this needs to be fixed in the plugin itself or in the readme 🤔
I also ask myself, why does this not matter in the Groovy version 🙃
When a project uses a version of Gradle that's newer than the latest stable release, e.g. a release candidate, the plugin currently sends a PR. For example: junit-team/junit5#3359
Instead, it should only update the wrapper if the version used by the project is older than the version it's attempting to upgrade to.
It is good practice to always signoff commits, especially in update bots like this. Dependabot already does it and it would be awesome to add this feature here also. Something like this but replaced with the actual name and email:
...
Signed-off-by: dependabot[bot] <[email protected]>
Note: There is a GitHub bot called DCO that checks PRs to see if the commits are correctly signed-off, that is what made me aware of this
See for example this PR:
#188
It checks only the DCO but don't execute other tests.
This is because the PR were created by an GH Action using the build in secrets.GITHUB_TOKEN
.
See
I guess it make sense that also the bump wrapper PRs run all of the existing tests.
To do this, one option is to provide another secret (from another user) and invite them to this repository as a collaborator with write access. Then using this secret inside the action.
The user will then create the pull requests, instead of the "GitHub Action Bot".
You might want to use your bot-githubaction user for that? 😁
Today, I see PRs such as this one:
gradle/common-custom-user-data-maven-extension#223
The title of this PR, `Bump Maven Wrapper from 3.9.6 to 3.9.6 #223, is confusing since the version numbers are the same. It requires me to perform a deeper investigation to see that the Maven wrapper is updating rather than the Maven version.
It would be nice if instead the generated PR could be clear about what was updated.
Currently, when more than one Wrapper upgrade is performed for the same repository, there will be an equal number of PRs created for that repository.
It would be nice if the plugin would batch all upgrades for the same repository and only create a single PR per repository.
Good work on this plugin! I'm just taking it for a spin...
When I setup the plugin in a project.
plugins {
id 'base'
id 'org.gradle.wrapper-upgrade' version '0.10.1'
}
wrapperUpgrade {
gradle {
'spring-boot-api-example' {
repo = 'tkgregory/spring-boot-api-example'
baseBranch = 'master'
}
}
}
And run on Ubuntu:
WRAPPER_UPGRADE_GIT_TOKEN=<my-secret-here> ./gradlew clean upgradeGradleWrapperAll --info --stacktrace
I get this error:
Starting process 'command 'git''. Working directory: /mnt/c/workspace/gradle-wrapper-update-example/build/git-clones/spring-boot-api-example Command: git push --quiet -u origin wrapperbot/spring-boot-api-example/gradle-wrapper-7.4.2
Successfully started process 'command 'git''
fatal: could not read Username for 'https://github.com/tkgregory/spring-boot-api-example.git': No such device or address
When I run git push
myself from the directory and enter username/token combo it works as expected. I think the error is because Git doesn't know the username.
Should there be a way to specify username as well as token? 🤔
We should use the description
field of the plugin declaration to specify release notes. Currently, it is always a static string.
The description
field is shown on the plugin portal for each published version. Setting the description
field to release notes means they can be seen directly in the plugin portal, rather than only on GitHub. This makes release notes and changes much more discoverable for users wanting to update.
An example of this can be seen on the plugin portal page for com.gradle.plugin-publish
: https://plugins.gradle.org/plugin/com.gradle.plugin-publish
The Readme states:
create a pull request on Github, it requires a Github access token, passed with WRAPPER_UPGRADE_GIT_TOKEN environment variable.
As users don't want to give the token more permissions as needed it make sense to document which exact permissions are needed for the PAT (personal access token)
It would be very helpful to be able to specify labels, reviewers and assignees for the pull request that gets created by the gradle plugin.
Hello togehter 👋
in your readme you have the section "Task configuration":
IMHO this is a bit of missleading. As consumers don't get in touch with any task here, right?
Instead, they setup the plugin extension.
So it would be rather Extension configuration
.
But I think this is also not good.
I thought more into the direction of Configure the plugin
or just Configuration
...
What do you think? 🤔
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.