Support custom init.gradle and/or gradle.properties

[bnorm]

What would you like Renovate to be able to do?

Renovate needs a way to supply encrypted credentials to Gradle scripts.

Some of my projects store credentials in the global ~/.gradle/gradle.properties file to avoid leaking them into version control. These properties are then read in the the Gradle scripts to access artifact repositories and resolve artifacts. Without them, the build scripts fail and Renovate is not able to resolve the artifact versions and determine if updates are required.

Did you already have any implementation ideas?

It is currently possible to add an npmrc file so I thought it a natural enhancement for Gradle support to allow specifying either an init.gradle and/or a gradle.properties file. These could then be encrypted if they needed to include credentails.

Are there any workarounds or alternative ideas you've tried to avoid needing this feature?

Not that I am aware of but if suggestions are made, I would be happy to test them.

Is this a feature you'd be interested in implementing yourself?

I've dabbled very little with TypeScript, but if pointed at the npmrc config implementation and where it would need to be copied, I might be able to come up with an implementation.

[rarkins]

Is there any way to supply these properties using environment variables or CLI commands instead? Writing files is our least favorite way of doing things.

[bnorm]

Yes, Gradle also has -Pname=value as the command line alternative to a gradle.properties file. Environment variables are handled differently by Gradle so some changes would need to be made to my build scripts but is doable. Command line properties would be preferred.

[rarkins]

BTW are you using the hosted app, or self-hosted? I'm assuming hosted but want to check.

Our Gradle manager implementation is unique within Renovate because it (unfortunately) runs Gradle and fully resolves dependencies during the extract phase, rather than doing a light parse of the package manager files. We'd probably need to supply credentials during both the Gradle extract phase as well as the Maven version lookup phase.

What type of host is the credentials for? e.g. is it a private maven registry/repository?

[bnorm]

Your assumption is correct, using the hosted app.

The credentials are for a private maven repository. I already have them in a hostRules entry so Renovate can access the repository but they need to be provided anytime Gradle is run since it is the only repository we use for resolving artifacts.

[monperrus]

Reading in the doc that "Renovate (b) automatically detect during the manager extract phase which custom registries are in use." and here @rarkins writes "Our Gradle manager implementation is unique within Renovate because it (unfortunately) runs Gradle and fully resolves dependencies during the extract phase, rather than doing a light parse of the package manager files".

However, for our project Spoon, the additional registry is not detected.

repositories {
    mavenCentral()
    maven { url 'https://raw.github.com/SpoonLabs/spoon-dependencies/master' }
}

Ref: https://github.com/INRIA/spoon/blob/1d8f45b239cfa9c8420384db8137cfb6bb071ff3/spoon-dataflow/build.gradle#LL19C18-L19C76

Consequently, we get a dependency lookup warning "Renovate failed to look up the following dependencies: Failed to look up maven package com.microsoft:z3."

Why is the additional registry not detected? Is that a bug?

[rarkins]

The Gradle manager is now a parser. @Churro can you tell at a glance what's going wrong here?

[Churro]

Repo extraction works correctly here but when renovate looks for com.microsoft:z3:4.8.4, it tries to retrieve maven-metadata.xml, which doesn't exist. The z3 repo only contains maven-metadata-local.xml, which according to maven docs is supposed to be used with local repos, while this one is obviously remote. So, I'd suggest adding a maven-metadata.xml to the repo and try again.

The "real" gradle doesn't have this issue, as it doesn't try to list releases and just fetches z3-4.8.4.pom directly.

@monperrus, not sure if you're aware but the trailing comma in your renovate.json renders the config invalid.

[monperrus]

Thanks a lot @Churro

So, I'd suggest adding a maven-metadata.xml to the repo and try again

Done, see SpoonLabs/spoon-dependencies@4b8a7af

if you're aware but the trailing comma in your renovate.json renders the config invalid.

Oh, thanks, see INRIA/spoon#5203

It would be great to have a big warning in the dependency dashboard issue when renovate.json is invalid.

[viceice]

if you're aware but the trailing comma in your renovate.json renders the config invalid.

Oh, thanks, see INRIA/spoon#5203

It would be great to have a big warning in the dependency dashboard issue when renovate.json is invalid.

it's probably valid because renovate is parsing all JSON config files as JSON5. 🤗