Plugin repository URL is configurable

The repository URL used to resolve the `github-dependency-graph-gradle-plugin` is now configurable, allowing a user to specify an internal proxy if the public portal is not available. Specify a custom plugin repository using the `GRADLE_PLUGIN_REPOSITORY_URL` env var, or the `gradle.plugin-repository.url` System property. Fixes #933
gradle · Dec 12, 2023 · 8cbcb99 · 8cbcb99
1 parent a71aff6
commit 8cbcb99
Show file tree

Hide file tree

Showing 2 changed files with 30 additions and 1 deletion.
diff --git a/README.md b/README.md
@@ -578,6 +578,27 @@ The `contents: write` permission is not required to generate the dependency grap
 > for a PR submitted from a forked repository.
 > For a configuration that supports this setup, see [Dependency Graphs for pull request workflows](#dependency-graphs-for-pull-request-workflows).
 
+### Using a custom plugin repository
+
+By default, the action downloads the `github-dependency-graph-gradle-plugin` from the Gradle Plugin Portal (https://plugins.gradle.org). If your GitHub Actions environment does not have access to this URL, you can specify a custom plugin repository to use. 
+Do so by setting the `GRADLE_PLUGIN_REPOSITORY_URL` environment variable with your Gradle invocation.
+
+```yaml
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v4
+    - name: Setup Gradle to generate and submit dependency graphs
+      uses: gradle/gradle-build-action@v2
+      with:
+        dependency-graph: generate-and-submit
+    - name: Run a build, resolving the 'dependency-graph' plugin from the plugin portal proxy
+      run: ./gradlew build
+      env:
+        GRADLE_PLUGIN_REPOSITORY_URL: "https://gradle-plugins-proxy.mycorp.com"
+```
+
 ### Integrating the `dependency-review-action`
 
 The GitHub [dependency-review-action](https://github.com/actions/dependency-review-action) helps you 
@@ -826,6 +847,8 @@ To reduce storage costs for these artifacts, you can set the `artifact-retention
         artifact-retention-days: 1
 ```
 
+
+
 # Gradle Enterprise plugin injection
 
 The `gradle-build-action` provides support for injecting and configuring the Gradle Enterprise Gradle plugin into any Gradle build, without any modification to the project sources.

diff --git a/...urces/init-scripts/gradle-build-action.github-dependency-graph-gradle-plugin-apply.groovy b/...urces/init-scripts/gradle-build-action.github-dependency-graph-gradle-plugin-apply.groovy
@@ -1,6 +1,12 @@
 buildscript {
+  def getInputParam = { String name ->
+      def envVarName = name.toUpperCase().replace('.', '_').replace('-', '_')
+      return System.getProperty(name) ?: System.getenv(envVarName)
+  }
+  def pluginRepositoryUrl = getInputParam('gradle.plugin-repository.url') ?: 'https://plugins.gradle.org/m2'
+
   repositories {
-    maven { url "https://plugins.gradle.org/m2/" }
+    maven { url pluginRepositoryUrl }
   }
   dependencies {
     classpath "org.gradle:github-dependency-graph-gradle-plugin:1.0.0"