Skip to content

BUILD-8714 authenticate Gradle with Repox#67

Merged
julien-carsique-sonarsource merged 1 commit intomasterfrom
feat/jcarsique/BUILD-8714-gradleRepoxAuth
Aug 27, 2025
Merged

BUILD-8714 authenticate Gradle with Repox#67
julien-carsique-sonarsource merged 1 commit intomasterfrom
feat/jcarsique/BUILD-8714-gradleRepoxAuth

Conversation

@julien-carsique-sonarsource
Copy link
Copy Markdown
Contributor

@julien-carsique-sonarsource julien-carsique-sonarsource commented Aug 25, 2025
edited
Loading

BUILD-8714

Authenticate Gradle with Repox, using ARTIFACTORY_ACCESS_TOKEN environment variable.
The repoxAuth.init.gradle.kts file is the same init script which can be used locally by developers.
There is a fallback to the legacy variables for backward compliance.

The build-gradle action sets the following environment variables:

  • ARTIFACTORY_USERNAME: unused; present for eventual backward compliance
  • ARTIFACTORY_ACCESS_TOKEN: token used to authenticate for build
  • ARTIFACTORY_PASSWORD: backward compliance; this is used by some client Gradle projects
  • ARTIFACTORY_DEPLOY_ACCESS_TOKEN: token used to deploy artifacts, this is configured in the client Gradle projects
  • ARTIFACTORY_DEPLOY_PASSWORD: backward compliance; this is used by some client Gradle projects

The Gradle problem reports file is archived when present.
See https://github.com/SonarSource/sonar-dummy-gradle-oss/actions/runs/17240749748/artifacts/3854078587

Fixed SQ URL output for info.

Slightly simplified code and tests.

Tested by SonarSource/sonar-dummy-gradle-oss#275

@julien-carsique-sonarsource julien-carsique-sonarsource force-pushed the feat/jcarsique/BUILD-8714-gradleRepoxAuth branch 4 times, most recently from 8177080 to c6d5085 Compare August 26, 2025 13:46
@julien-carsique-sonarsource julien-carsique-sonarsource mentioned this pull request Aug 26, 2025
Merged
@julien-carsique-sonarsource julien-carsique-sonarsource marked this pull request as ready for review August 26, 2025 15:01
@julien-carsique-sonarsource julien-carsique-sonarsource requested a review from a team August 26, 2025 15:01
matemoln
matemoln reviewed Aug 26, 2025
View reviewed changes
Comment thread build-maven/action.yml Outdated
@julien-carsique-sonarsource julien-carsique-sonarsource force-pushed the feat/jcarsique/BUILD-8714-gradleRepoxAuth branch from c6d5085 to a2fe68d Compare August 27, 2025 08:07
@julien-carsique-sonarsource julien-carsique-sonarsource merged commit 89ce2b2 into master Aug 27, 2025
8 checks passed
@julien-carsique-sonarsource julien-carsique-sonarsource deleted the feat/jcarsique/BUILD-8714-gradleRepoxAuth branch August 27, 2025 08:10
@sonarqubecloud
Copy link
Copy Markdown

sonarqubecloud Bot commented Aug 27, 2025

🤖 Pull Request summary

Updates GitHub Actions versions and Gradle build authentication configuration.

GitHub Actions version bump: Updated actions/upload-artifact from v4.5.0 to v4.6.2 across migration docs and workflows
Gradle authentication overhaul: Added new Gradle init script for Bearer token authentication with Repox repositories, replacing basic auth
Environment variable standardization: Consolidated Artifactory credentials to use ARTIFACTORY_ACCESS_TOKEN pattern while maintaining backward compatibility
Documentation formatting: Improved README table alignment and consistency across all action documentation sections
Build enhancements: Added problems report artifact upload and improved workflow summary generation in Gradle builds

Review focus: The new Gradle authentication script (repoxAuth.init.gradle.kts) is complex and handles multiple credential sources - verify the token precedence logic and ensure backward compatibility with existing authentication methods.

💬 Please send your feedback

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@matemoln matemoln matemoln approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@julien-carsique-sonarsource @matemoln