Enable Develocity build scans

Author: trask

.github/workflows/build-common.yml

@@ -68,14 +68,20 @@ jobs:
           build
           -PtestJavaVersion=${{ matrix.test-java-version }}
           -Porg.gradle.java.installations.paths=${{ steps.setup-java-test.outputs.path }},${{ steps.setup-java.outputs.path }}
+        env:
+          DEVELOCITY_ACCESS_KEY: ${{ secrets.DEVELOCITY_ACCESS_KEY }}
       - name: generate
         # Skip running on macos-latest which doesn't have docker
         if: matrix.os == 'ubuntu-latest'
         run: ./gradlew generateSemanticConventions --console=plain
+        env:
+          DEVELOCITY_ACCESS_KEY: ${{ secrets.DEVELOCITY_ACCESS_KEY }}
 
       # Run spotless after generate to format generated code
       - name: spotless
         run: ./gradlew spotlessApply
+        env:
+          DEVELOCITY_ACCESS_KEY: ${{ secrets.DEVELOCITY_ACCESS_KEY }}
 
       - name: Check that semconv generation is up to date
         run: |

.github/workflows/build-pull-request.yml

@@ -15,6 +15,8 @@ jobs:
     uses: ./.github/workflows/build-common.yml
     with:
       cache-read-only: true
+    secrets:
+      DEVELOCITY_ACCESS_KEY: ${{ secrets.DEVELOCITY_ACCESS_KEY }}
 
   link-check:
     uses: ./.github/workflows/reusable-link-check.yml

.github/workflows/build.yml

@@ -13,3 +13,5 @@ permissions:
 jobs:
   common:
     uses: ./.github/workflows/build-common.yml
+    secrets:
+      DEVELOCITY_ACCESS_KEY: ${{ secrets.DEVELOCITY_ACCESS_KEY }}

.github/workflows/codeql.yml

@@ -56,6 +56,8 @@ jobs:
         # --no-daemon is required for codeql to observe the compilation
         # (see https://docs.github.com/en/code-security/codeql-cli/getting-started-with-the-codeql-cli/preparing-your-code-for-codeql-analysis#specifying-build-commands)
         run: ./gradlew assemble --no-build-cache --no-daemon
+        env:
+          DEVELOCITY_ACCESS_KEY: ${{ secrets.DEVELOCITY_ACCESS_KEY }}
 
       - name: Perform CodeQL analysis
         uses: github/codeql-action/analyze@16140ae1a102900babc80a33c44059580f687047 # v4.30.9

.github/workflows/release.yml

@@ -8,6 +8,8 @@ permissions:
 jobs:
   build:
     uses: ./.github/workflows/build-common.yml
+    secrets:
+      DEVELOCITY_ACCESS_KEY: ${{ secrets.DEVELOCITY_ACCESS_KEY }}
 
   release:
     permissions:
@@ -41,6 +43,7 @@ jobs:
           SONATYPE_KEY: ${{ secrets.SONATYPE_KEY }}
           GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }}
           GPG_PASSWORD: ${{ secrets.GPG_PASSWORD }}
+          DEVELOCITY_ACCESS_KEY: ${{ secrets.DEVELOCITY_ACCESS_KEY }}
 
       - name: Set environment variables
         run: |
@@ -173,6 +176,7 @@ jobs:
         env:
           VERSION: ${{ needs.release.outputs.version }}
           PRIOR_VERSION: ${{ needs.release.outputs.prior-version }}
+          DEVELOCITY_ACCESS_KEY: ${{ secrets.DEVELOCITY_ACCESS_KEY }}
         run: |
           ./gradlew japicmp -PapiBaseVersion=$PRIOR_VERSION -PapiNewVersion=$VERSION
           ./gradlew --refresh-dependencies japicmp

settings.gradle.kts

@@ -17,11 +17,46 @@ dependencyResolutionManagement {
   }
 }
 
+val develocityServer = "https://develocity.opentelemetry.io"
+val isCI = System.getenv("CI") != null
+val develocityAccessKey = System.getenv("DEVELOCITY_ACCESS_KEY") ?: ""
+
+// if develocity access key is not given and we are in CI, then we publish to scans.gradle.com
+val useScansGradleCom = isCI && develocityAccessKey.isEmpty()
+
 develocity {
+  if (useScansGradleCom) {
+    buildScan {
+      termsOfUseUrl = "https://gradle.com/help/legal-terms-of-use"
+      termsOfUseAgree = "yes"
+    }
+  } else {
+    server = develocityServer
+    buildScan {
+      publishing.onlyIf { it.isAuthenticated }
+    }
+  }
+
   buildScan {
-    publishing.onlyIf { System.getenv("CI") != null }
-    termsOfUseUrl.set("https://gradle.com/help/legal-terms-of-use")
-    termsOfUseAgree.set("yes")
+    uploadInBackground = !isCI
+
+    capture {
+      fileFingerprints = true
+    }
+
+    buildScanPublished {
+      java.io.File("build-scan.txt").printWriter().use { writer ->
+        writer.println(buildScanUri)
+      }
+    }
+  }
+}
+
+if (!useScansGradleCom) {
+  buildCache {
+    remote(develocity.buildCache) {
+      isPush = isCI && develocityAccessKey.isNotEmpty()
+    }
   }
 }