Bump gradle/actions in the github-actions group across 1 directory

Bumps the github-actions group with 1 update in the / directory: [gradle/actions](https://github.com/gradle/actions).


Updates `gradle/actions` from 6.1.0 to 6.2.0
- [Release notes](https://github.com/gradle/actions/releases)
- [Commits](https://github.com/gradle/actions/compare/50e97c2cd7a37755bbfafc9c5b7cafaece252f6e...3f131e8634966bd73d06cc69884922b02e6faf92)

---
updated-dependencies:
- dependency-name: gradle/actions
  dependency-version: 6.2.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <support@github.com>

.github/workflows/ci-check-and-unit-test.yml

@@ -26,7 +26,7 @@ jobs:
         cache-dependency-path: sources/package-lock.json
     - name: Setup Gradle
       # Use a released version to avoid breakages
-      uses: gradle/actions/setup-gradle@50e97c2cd7a37755bbfafc9c5b7cafaece252f6e # v6.1.0
+      uses: gradle/actions/setup-gradle@3f131e8634966bd73d06cc69884922b02e6faf92 # v6.2.0
       env:
         ALLOWED_GRADLE_WRAPPER_CHECKSUMS: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 # Invalid wrapper jar used for testing
       with:

.github/workflows/ci-init-script-check.yml

@@ -43,7 +43,7 @@ jobs:
     - name: Setup Gradle
       if: steps.changes.outputs.any_changed == 'true' || github.event_name != 'pull_request'
       # Use a released version to avoid breakages
-      uses: gradle/actions/setup-gradle@50e97c2cd7a37755bbfafc9c5b7cafaece252f6e # v6.1.0
+      uses: gradle/actions/setup-gradle@3f131e8634966bd73d06cc69884922b02e6faf92 # v6.2.0
       env:
         ALLOWED_GRADLE_WRAPPER_CHECKSUMS: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 # Invalid wrapper jar used for testing
     - name: Run integration tests

.github/workflows/ci-validate-wrappers.yml

@@ -12,6 +12,6 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
-      - uses: gradle/actions/wrapper-validation@50e97c2cd7a37755bbfafc9c5b7cafaece252f6e # v6.1.0
+      - uses: gradle/actions/wrapper-validation@3f131e8634966bd73d06cc69884922b02e6faf92 # v6.2.0
         with:
           allow-checksums: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

sources/src/actions/dependency-submission/post.ts

@@ -1,6 +1,6 @@
 import * as setupGradle from '../../setup-gradle'
 
-import {CacheConfig, DevelocityConfig, SummaryConfig} from '../../configuration'
+import {CacheConfig, SummaryConfig} from '../../configuration'
 import {handlePostActionError} from '../../errors'
 import {forceExit} from '../../force-exit'
 
@@ -14,7 +14,7 @@ process.on('uncaughtException', e => handlePostActionError(e))
  */
 export async function run(): Promise<void> {
     try {
-        await setupGradle.complete(new CacheConfig(), new DevelocityConfig(), new SummaryConfig())
+        await setupGradle.complete(new CacheConfig(), new SummaryConfig())
     } catch (error) {
         handlePostActionError(error)
     }

sources/src/actions/setup-gradle/post.ts

@@ -1,7 +1,7 @@
 import * as setupGradle from '../../setup-gradle'
 import * as dependencyGraph from '../../dependency-graph'
 
-import {CacheConfig, DependencyGraphConfig, DevelocityConfig, SummaryConfig} from '../../configuration'
+import {CacheConfig, DependencyGraphConfig, SummaryConfig} from '../../configuration'
 import {handlePostActionError} from '../../errors'
 import {emitDeprecationWarnings, restoreDeprecationState} from '../../deprecation-collector'
 import {forceExit} from '../../force-exit'
@@ -19,7 +19,7 @@ export async function run(): Promise<void> {
         restoreDeprecationState()
         emitDeprecationWarnings()
 
-        if (await setupGradle.complete(new CacheConfig(), new DevelocityConfig(), new SummaryConfig())) {
+        if (await setupGradle.complete(new CacheConfig(), new SummaryConfig())) {
             // Only submit the dependency graphs once per job
             await dependencyGraph.complete(new DependencyGraphConfig())
         }

sources/src/cache-service.ts

@@ -8,8 +8,6 @@ export interface CacheOptions {
     strictMatch: boolean
     cleanup: string
     encryptionKey?: string
-    develocityAccessToken?: string
-    develocityServerUrl?: string
     includes: string[]
     excludes: string[]
 }
@@ -29,12 +27,7 @@ export type CacheCleanupStatus =
     | 'disabled-config-cache-hit'
     | 'disabled-readonly'
 
-export type ProjectCacheStatus =
-    | 'not-enabled' // the hidden opt-in env var was not set (rendered as nothing)
-    | 'trial-expired' // past the hard trial expiry
-    | 'trial-not-licensed' // Develocity trial token missing or invalid
-    | 'no-encryption-key' // Cannot store due to missing encryption key
-    | 'enabled' // Trial in effect: will attempt to save project state
+export type ConfigurationCacheStatus = 'not-active' | 'restored' | 'not-restored' | 'restore-incomplete'
 
 export interface CacheEntryReport {
     entryName: string
@@ -56,7 +49,7 @@ export interface CacheEntryReport {
 export interface CacheReport {
     status: CacheStatus
     cleanup?: CacheCleanupStatus
-    projectCache?: ProjectCacheStatus
+    configurationCache?: ConfigurationCacheStatus
     entries: CacheEntryReport[]
 }
 

sources/src/caching-report.ts

@@ -1,4 +1,4 @@
-import {CacheCleanupStatus, CacheEntryReport, CacheReport, CacheStatus, ProjectCacheStatus} from './cache-service'
+import {CacheCleanupStatus, CacheEntryReport, CacheReport, CacheStatus, ConfigurationCacheStatus} from './cache-service'
 
 const DOCS = 'https://github.com/gradle/actions/blob/main/docs/setup-gradle.md'
 const DISTRIBUTION = 'https://github.com/gradle/actions/blob/main/DISTRIBUTION.md'
@@ -28,12 +28,11 @@ const CLEANUP_COPY: Record<CacheCleanupStatus, string> = {
     'disabled-readonly': `[Cache cleanup](${DOCS}#configuring-cache-cleanup) is always disabled when the cache is read-only.`
 }
 
-const PROJECT_CACHE_COPY: Record<ProjectCacheStatus, string> = {
-    'not-enabled': ``,
-    'trial-expired': `Project state (build-logic and configuration cache) was not cached - the Develocity caching trial has expired.`,
-    'trial-not-licensed': `Project state (build-logic and configuration cache) was not cached - a develocity-access-key and develocity-server-url is required.`,
-    'no-encryption-key': `Project state (build-logic and configuration cache) was not cached - a [cache-encryption-key](${DOCS}#cache-encryption-key) is required.`,
-    enabled: `Caching of project state (build-logic and configuration cache) was enabled.`
+const CONFIG_CACHE_COPY: Record<ConfigurationCacheStatus, string> = {
+    'not-active': `Configuration cache state was not cached — set a [cache-encryption-key](${DOCS}#cache-encryption-key) to enable configuration-cache caching.`,
+    restored: `Configuration cache state was restored from the cache.`,
+    'not-restored': `Configuration cache state was not restored — no cached data was available (e.g. the first run for this cache key).`,
+    'restore-incomplete': `Configuration cache state was not restored — the Gradle User Home was not fully restored.`
 }
 
 /**
@@ -77,9 +76,8 @@ function renderCleanupLine(cleanup?: CacheCleanupStatus): string | undefined {
     return cleanup ? CLEANUP_COPY[cleanup] : undefined
 }
 
-function renderProjectCacheLine(projectCache?: ProjectCacheStatus): string | undefined {
-    // PROJECT_CACHE_COPY['not-enabled'] is '', which the .filter(Boolean) at the call site drops.
-    return projectCache ? PROJECT_CACHE_COPY[projectCache] : undefined
+function renderConfigCacheLine(configurationCache?: ConfigurationCacheStatus): string | undefined {
+    return configurationCache ? CONFIG_CACHE_COPY[configurationCache] : undefined
 }
 
 function renderProviderNote(providerNote?: ProviderNote): string | undefined {
@@ -101,10 +99,10 @@ function renderDetails(report: CacheReport): string {
         : `Entries: ${restored} restored, ${saved} saved - Expand for more details`
 
     const cleanup = report.status === 'enabled' ? renderCleanupLine(report.cleanup) : undefined
-    const projectCache = renderProjectCacheLine(report.projectCache)
+    const configCache = renderConfigCacheLine(report.configurationCache)
     const table = renderEntryTable(report.entries)
     const pre = `<pre>\n${renderEntryDetails(report.entries)}</pre>`
-    const body = [STATUS_COPY[report.status], cleanup, projectCache, table, pre].filter(Boolean).join('\n\n')
+    const body = [STATUS_COPY[report.status], cleanup, configCache, table, pre].filter(Boolean).join('\n\n')
 
     return `<details>
 <summary>${summary}</summary>

sources/src/develocity/short-lived-token.ts

@@ -174,34 +174,3 @@ export class DevelocityAccessCredentials {
         return this.accessKeyRegexp.test(allKeys)
     }
 }
-
-/**
- * Resolve the access key that matches a given Develocity server, for use as the
- * `develocityAccessToken` cache option. Returns `undefined` (fail-closed) when the access key is
- * empty, the server URL is empty/unparseable, or no entry matches the server's host.
- *
- * Parses the `host=value;host=value` form leniently rather than via `DevelocityAccessCredentials`:
- * at save time the value is typically a short-lived token (a JWT whose `.`/`-` characters the strict
- * parser rejects), but it is still a valid access token for that host.
- */
-export function resolveAccessKeyForServer(accessKey: string, serverUrl: string): string | undefined {
-    if (!accessKey || !serverUrl) {
-        return undefined
-    }
-    let host: string
-    try {
-        host = new URL(serverUrl).hostname
-    } catch {
-        host = serverUrl // tolerate a bare hostname (no scheme)
-    }
-    for (const entry of accessKey.split(';')) {
-        const sep = entry.indexOf('=')
-        if (sep < 1) {
-            continue // skip blanks / malformed entries with no `host=` prefix
-        }
-        if (entry.slice(0, sep) === host) {
-            return entry.slice(sep + 1) || undefined
-        }
-    }
-    return undefined
-}

sources/src/setup-gradle.ts

@@ -5,7 +5,6 @@ import * as path from 'path'
 import * as os from 'os'
 import * as jobSummary from './job-summary'
 import * as buildScan from './develocity/build-scan'
-import {resolveAccessKeyForServer} from './develocity/short-lived-token'
 
 import {loadBuildResults, markBuildResultsProcessed} from './build-results'
 import {getCacheService, getProviderNote} from './cache-service-loader'
@@ -46,7 +45,7 @@ export async function setup(
     initializeGradleUserHome(userHome, gradleUserHome, cacheConfig.getCacheEncryptionKey())
 
     const cacheService = await getCacheService(cacheConfig)
-    await cacheService.restore(gradleUserHome, cacheOptionsFrom(cacheConfig, develocityConfig))
+    await cacheService.restore(gradleUserHome, cacheOptionsFrom(cacheConfig))
 
     await wrapperValidator.validateWrappers(wrapperValidationConfig, getWorkspaceDirectory(), gradleUserHome)
 
@@ -55,11 +54,7 @@ export async function setup(
     return true
 }
 
-export async function complete(
-    cacheConfig: CacheConfig,
-    develocityConfig: DevelocityConfig,
-    summaryConfig: SummaryConfig
-): Promise<boolean> {
+export async function complete(cacheConfig: CacheConfig, summaryConfig: SummaryConfig): Promise<boolean> {
     if (!core.getState(GRADLE_SETUP_VAR)) {
         core.info('Gradle setup post-action only performed for first gradle/actions step in workflow.')
         return false
@@ -70,11 +65,7 @@ export async function complete(
 
     const gradleUserHome = core.getState(GRADLE_USER_HOME)
     const cacheService = await getCacheService(cacheConfig)
-    const cacheReport = await cacheService.save(
-        gradleUserHome,
-        buildResults,
-        cacheOptionsFrom(cacheConfig, develocityConfig)
-    )
+    const cacheReport = await cacheService.save(gradleUserHome, buildResults, cacheOptionsFrom(cacheConfig))
     await jobSummary.generateJobSummary(buildResults, cacheReport, getProviderNote(cacheConfig), summaryConfig)
 
     markBuildResultsProcessed()
@@ -84,12 +75,7 @@ export async function complete(
     return true
 }
 
-function cacheOptionsFrom(config: CacheConfig, develocityConfig: DevelocityConfig): CacheOptions {
-    const develocityServerUrl = develocityConfig?.getDevelocityUrl() || undefined
-    const develocityAccessToken =
-        develocityConfig && develocityServerUrl
-            ? resolveAccessKeyForServer(develocityConfig.getDevelocityAccessKey(), develocityServerUrl)
-            : undefined
+function cacheOptionsFrom(config: CacheConfig): CacheOptions {
     return {
         disabled: config.isCacheDisabled(),
         readOnly: config.isCacheReadOnly(),
@@ -98,8 +84,6 @@ function cacheOptionsFrom(config: CacheConfig, develocityConfig: DevelocityConfi
         strictMatch: config.isCacheStrictMatch(),
         cleanup: config.getCacheCleanupOption(),
         encryptionKey: config.getCacheEncryptionKey() || undefined,
-        develocityAccessToken,
-        develocityServerUrl,
         includes: config.getCacheIncludes(),
         excludes: config.getCacheExcludes()
     }

sources/test/jest/caching-report.test.ts

@@ -79,39 +79,37 @@ describe('renderCachingReport', () => {
         expect(md).toContain('<summary>Entries: 1 restored, 0 saved - Expand for more details</summary>')
     })
 
-    it('renders the project-cache status line inside the details', () => {
+    it('renders the configuration-cache status line inside the details', () => {
         const report: CacheReport = {
             status: 'enabled',
             cleanup: 'enabled',
-            projectCache: 'enabled',
+            configurationCache: 'restored',
             entries: [entry()]
         }
         const md = renderCachingReport(report, ENHANCED)
 
         const detailsBody = md.slice(md.indexOf('</summary>'))
-        expect(detailsBody).toContain(
-            'Caching of project state (build-logic and configuration cache) was enabled.'
-        )
+        expect(detailsBody).toContain('Configuration cache state was restored from the cache.')
     })
 
-    it('renders nothing for the not-enabled project-cache status', () => {
+    it('explains an inactive configuration cache with a link to the encryption key docs', () => {
         const report: CacheReport = {
             status: 'enabled',
             cleanup: 'enabled',
-            projectCache: 'not-enabled',
+            configurationCache: 'not-active',
             entries: [entry()]
         }
         const md = renderCachingReport(report, ENHANCED)
 
-        expect(md).not.toContain('Project state')
-        expect(md).not.toContain('build-logic')
+        expect(md).toContain('Configuration cache state was not cached')
+        expect(md).toContain('#cache-encryption-key')
     })
 
-    it('omits the project-cache line when the status is absent', () => {
+    it('omits the configuration-cache line when the status is absent', () => {
         const report: CacheReport = {status: 'enabled', cleanup: 'enabled', entries: [entry()]}
         const md = renderCachingReport(report, ENHANCED)
 
-        expect(md).not.toContain('Project state')
+        expect(md).not.toContain('Configuration cache state')
     })
 
     it('renders a compact disabled report with no note and no details', () => {

sources/test/jest/short-lived-token.test.ts

@@ -1,7 +1,7 @@
 import nock from "nock";
 import {describe, expect, it} from '@jest/globals'
 
-import {DevelocityAccessCredentials, getToken, resolveAccessKeyForServer} from "../../src/develocity/short-lived-token";
+import {DevelocityAccessCredentials, getToken} from "../../src/develocity/short-lived-token";
 
 describe('short lived tokens', () => {
     it('parse valid access key should return an object', async () => {
@@ -134,42 +134,3 @@ describe('short lived tokens with retry', () => {
             .toBeNull()
     })
 })
-
-describe('resolveAccessKeyForServer', () => {
-    it('returns the key matching the server host from a full URL', () => {
-        expect(resolveAccessKeyForServer('ge.example.com=key1;other=key2', 'https://ge.example.com')).toBe('key1')
-    })
-
-    it('matches on hostname, ignoring scheme, port and path', () => {
-        expect(resolveAccessKeyForServer('ge.example.com=key1', 'https://ge.example.com:8443/path')).toBe('key1')
-    })
-
-    it('tolerates a bare hostname with no scheme', () => {
-        expect(resolveAccessKeyForServer('ge.example.com=key1', 'ge.example.com')).toBe('key1')
-    })
-
-    it('selects the matching key when multiple are present', () => {
-        expect(resolveAccessKeyForServer('dev=key1;ge.example.com=key2', 'https://ge.example.com')).toBe('key2')
-    })
-
-    it('accepts a short-lived token value (JWT with dots and dashes)', () => {
-        const token = 'eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiJ4In0.sig-na_ture'
-        expect(resolveAccessKeyForServer(`ge.example.com=${token}`, 'https://ge.example.com')).toBe(token)
-    })
-
-    it('returns undefined when no key matches the server host', () => {
-        expect(resolveAccessKeyForServer('ge.example.com=key1', 'https://other.example.com')).toBeUndefined()
-    })
-
-    it('returns undefined for an empty server URL', () => {
-        expect(resolveAccessKeyForServer('ge.example.com=key1', '')).toBeUndefined()
-    })
-
-    it('returns undefined for an empty access key', () => {
-        expect(resolveAccessKeyForServer('', 'https://ge.example.com')).toBeUndefined()
-    })
-
-    it('returns undefined for a malformed access key', () => {
-        expect(resolveAccessKeyForServer('not-a-valid-access-key', 'https://ge.example.com')).toBeUndefined()
-    })
-})

sources/vendor/gradle-actions-caching/index.d.ts

@@ -37,8 +37,6 @@ export declare interface CacheOptions {
     strictMatch: boolean;
     cleanup: 'always' | 'on-success' | 'never';
     encryptionKey?: string;
-    develocityAccessToken?: string;
-    develocityServerUrl?: string;
     includes: string[];
     excludes: string[];
 }
@@ -47,22 +45,12 @@ export declare interface CacheOptions {
 export declare interface CacheReport {
     status: CacheStatus;
     cleanup?: CacheCleanupStatus;
-    projectCache?: ProjectCacheStatus;
     entries: CacheEntryReport[];
 }
 
 /** @public */
 export declare type CacheStatus = 'enabled' | 'read-only' | 'write-only' | 'disabled' | 'disabled-existing-home' | 'not-available';
 
-/**
- * Status of project-entry caching (build-logic artifacts + configuration-cache data) for a run.
- * The first three are set on restore (always ungated); the rest are set on save and reflect the
- * two-tier gate (opt-in + Develocity trial, then encryption key + Gradle version). Still beta.
- *
- * @public
- */
-declare type ProjectCacheStatus = 'not-enabled' | 'trial-expired' | 'trial-not-licensed' | 'no-encryption-key' | 'enabled';
-
 /** @public */
 export declare function restore(gradleUserHome: string, cacheOptions: CacheOptions): Promise<void>;
 

sources/vendor/gradle-actions-caching/package.json

@@ -1,6 +1,6 @@
 {
   "name": "gradle-actions-caching",
-  "version": "0.8.0-cc",
+  "version": "0.7.0",
   "type": "module",
   "main": "./index.js",
   "types": "./index.d.ts",