From e3c4846f3b39313eedcaca73b134514409fad5ff Mon Sep 17 00:00:00 2001 From: Trask Stalnaker Date: Tue, 21 Oct 2025 11:03:01 -0700 Subject: [PATCH] Enable Develocity build scans --- .github/repository-settings.md | 4 ++ .github/workflows/benchmark-tags.yml | 2 + .github/workflows/benchmark.yml | 2 + .github/workflows/build.yml | 4 ++ .github/workflows/codeql.yml | 2 + .github/workflows/javadoc-crawler.yml | 2 + .../owasp-dependency-check-daily.yml | 1 + .github/workflows/release.yml | 3 ++ settings.gradle.kts | 50 +++++++++++++++++-- 9 files changed, 67 insertions(+), 3 deletions(-) diff --git a/.github/repository-settings.md b/.github/repository-settings.md index 4c5c526a467..aa75f94070a 100644 --- a/.github/repository-settings.md +++ b/.github/repository-settings.md @@ -8,6 +8,10 @@ private admin repo. - `GPG_PASSWORD` - stored in OpenTelemetry-Java 1Password - `GPG_PRIVATE_KEY` - stored in OpenTelemetry-Java 1Password +- `DEVELOCITY_ACCESS_KEY` - stored in OpenTelemetry-Java 1Password + - Generated at https://develocity.opentelemetry.io > My settings > Access keys + - Format of env var is `develocity.opentelemetry.io=`, + see [docs](https://docs.gradle.com/enterprise/gradle-plugin/#via_environment_variable) - `NVD_API_KEY` - stored in OpenTelemetry-Java 1Password - Generated at https://nvd.nist.gov/developers/request-an-api-key - Key is associated with [@trask](https://github.com/trask)'s gmail address diff --git a/.github/workflows/benchmark-tags.yml b/.github/workflows/benchmark-tags.yml index cec8d0a3f50..45bdde09133 100644 --- a/.github/workflows/benchmark-tags.yml +++ b/.github/workflows/benchmark-tags.yml @@ -37,6 +37,8 @@ jobs: uses: gradle/actions/setup-gradle@4d9f0ba0025fe599b4ebab900eb7f3a1d93ef4c2 # v5.0.0 - name: Run jmh run: ./gradlew jmhJar + env: + DEVELOCITY_ACCESS_KEY: ${{ secrets.DEVELOCITY_ACCESS_KEY }} - name: Run Benchmark run: | diff --git a/.github/workflows/benchmark.yml b/.github/workflows/benchmark.yml index 0c0dd4cb972..83aed52b814 100644 --- a/.github/workflows/benchmark.yml +++ b/.github/workflows/benchmark.yml @@ -39,6 +39,8 @@ jobs: uses: gradle/actions/setup-gradle@4d9f0ba0025fe599b4ebab900eb7f3a1d93ef4c2 # v5.0.0 - name: Run jmh run: ./gradlew jmhJar + env: + DEVELOCITY_ACCESS_KEY: ${{ secrets.DEVELOCITY_ACCESS_KEY }} - name: Run Benchmark run: | diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 874ca06d7c1..f41d2f08a79 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -80,6 +80,7 @@ jobs: env: # JMH-based tests run only if this environment variable is set to true RUN_JMH_BASED_TESTS: ${{ matrix.jmh-based-tests }} + DEVELOCITY_ACCESS_KEY: ${{ secrets.DEVELOCITY_ACCESS_KEY }} - name: Check for diff # The jApiCmp diff compares current to latest, which isn't appropriate for release branches @@ -159,6 +160,7 @@ jobs: SONATYPE_KEY: ${{ secrets.SONATYPE_KEY }} GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }} GPG_PASSWORD: ${{ secrets.GPG_PASSWORD }} + DEVELOCITY_ACCESS_KEY: ${{ secrets.DEVELOCITY_ACCESS_KEY }} build-graal: name: Build GraalVM @@ -184,6 +186,8 @@ jobs: java --version native-image --version ./gradlew nativeTest + env: + DEVELOCITY_ACCESS_KEY: ${{ secrets.DEVELOCITY_ACCESS_KEY }} required-status-check: # markdown-link-check is not required so pull requests are not blocked if external links break diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 27fcddb9747..f613bcc9b34 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -58,6 +58,8 @@ jobs: # --no-daemon is required for codeql to observe the compilation # (see https://docs.github.com/en/code-security/codeql-cli/getting-started-with-the-codeql-cli/preparing-your-code-for-codeql-analysis#specifying-build-commands) run: ./gradlew assemble --no-build-cache --no-daemon + env: + DEVELOCITY_ACCESS_KEY: ${{ secrets.DEVELOCITY_ACCESS_KEY }} - name: Perform CodeQL analysis uses: github/codeql-action/analyze@16140ae1a102900babc80a33c44059580f687047 # v4.30.9 diff --git a/.github/workflows/javadoc-crawler.yml b/.github/workflows/javadoc-crawler.yml index dfaddb9b327..714e148a9b5 100644 --- a/.github/workflows/javadoc-crawler.yml +++ b/.github/workflows/javadoc-crawler.yml @@ -24,3 +24,5 @@ jobs: - name: Run crawler run: ./gradlew :javadoc-crawler:crawl + env: + DEVELOCITY_ACCESS_KEY: ${{ secrets.DEVELOCITY_ACCESS_KEY }} diff --git a/.github/workflows/owasp-dependency-check-daily.yml b/.github/workflows/owasp-dependency-check-daily.yml index 0e19eb5e108..1b7ec72adab 100644 --- a/.github/workflows/owasp-dependency-check-daily.yml +++ b/.github/workflows/owasp-dependency-check-daily.yml @@ -28,6 +28,7 @@ jobs: run: ./gradlew dependencyCheckAnalyze env: NVD_API_KEY: ${{ secrets.NVD_API_KEY }} + DEVELOCITY_ACCESS_KEY: ${{ secrets.DEVELOCITY_ACCESS_KEY }} - name: Upload report if: always() diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 8cb9199b6ba..10fdb23d3eb 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -37,6 +37,7 @@ jobs: SONATYPE_KEY: ${{ secrets.SONATYPE_KEY }} GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }} GPG_PASSWORD: ${{ secrets.GPG_PASSWORD }} + DEVELOCITY_ACCESS_KEY: ${{ secrets.DEVELOCITY_ACCESS_KEY }} - name: Set environment variables run: | @@ -191,6 +192,7 @@ jobs: env: VERSION: ${{ needs.release.outputs.version }} PRIOR_VERSION: ${{ needs.release.outputs.prior-version }} + DEVELOCITY_ACCESS_KEY: ${{ secrets.DEVELOCITY_ACCESS_KEY }} run: | ./gradlew japicmp -PapiBaseVersion=$PRIOR_VERSION -PapiNewVersion=$VERSION ./gradlew --refresh-dependencies japicmp @@ -199,6 +201,7 @@ jobs: - name: Update versions in README.md env: VERSION: ${{ needs.release.outputs.version }} + DEVELOCITY_ACCESS_KEY: ${{ secrets.DEVELOCITY_ACCESS_KEY }} run: | ./gradlew updateVersionInDocs -Prelease.version=$VERSION git add README.md diff --git a/settings.gradle.kts b/settings.gradle.kts index 95193cc856d..ce27fa3a52e 100644 --- a/settings.gradle.kts +++ b/settings.gradle.kts @@ -71,10 +71,54 @@ include(":sdk-extensions:jaeger-remote-sampler") include(":testing-internal") include(":animal-sniffer-signature") +val develocityServer = "https://develocity.opentelemetry.io" +val isCI = System.getenv("CI") != null +val develocityAccessKey = System.getenv("DEVELOCITY_ACCESS_KEY") ?: "" + +// if develocity access key is not given and we are in CI, then we publish to scans.gradle.com +val useScansGradleCom = isCI && develocityAccessKey.isEmpty() + develocity { + if (useScansGradleCom) { + buildScan { + termsOfUseUrl = "https://gradle.com/help/legal-terms-of-use" + termsOfUseAgree = "yes" + } + } else { + server = develocityServer + buildScan { + publishing.onlyIf { it.isAuthenticated } + + gradle.startParameter.projectProperties["testJavaVersion"]?.let { tag(it) } + gradle.startParameter.projectProperties["testJavaVM"]?.let { tag(it) } + gradle.startParameter.projectProperties["smokeTestSuite"]?.let { + value("Smoke test suite", it) + } + } + } + buildScan { - publishing.onlyIf { System.getenv("CI") != null } - termsOfUseUrl.set("https://gradle.com/help/legal-terms-of-use") - termsOfUseAgree.set("yes") + uploadInBackground = !isCI + + capture { + fileFingerprints = true + } + + if (!gradle.startParameter.taskNames.contains("listTestsInPartition") && + !gradle.startParameter.taskNames.contains(":test-report:reportFlakyTests")) { + buildScanPublished { + File("build-scan.txt").printWriter().use { writer -> + writer.println(buildScanUri) + } + } + } + } +} + +if (!useScansGradleCom) { + buildCache { + remote(develocity.buildCache) { + isPush = isCI && develocityAccessKey.isNotEmpty() + } } }