From 26d7443c878c77e8da8fc5450a75b916f9fbcfcf Mon Sep 17 00:00:00 2001 From: LamGC Date: Tue, 23 Aug 2022 13:16:20 +0800 Subject: [PATCH] =?UTF-8?q?ci(github-action):=20=E6=8A=8A=20Gradle=20Wrapp?= =?UTF-8?q?er=20=E6=A3=80=E6=9F=A5=E6=AD=A5=E9=AA=A4=E5=8A=A0=E5=85=A5?= =?UTF-8?q?=E5=88=B0=E6=89=80=E6=9C=89=E6=9E=84=E5=BB=BA=E5=B7=A5=E4=BD=9C?= =?UTF-8?q?=E6=B5=81=E4=B8=AD.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 单独检查 Wrapper 并不能阻止其他工作流被恶意 jar 影响, 所以取消单独的检查工作流, 并将检查步骤插入到其他构建工作流中. --- .github/workflows/build-and-test.yml | 29 ++++++++++--------- .github/workflows/create-release.yml | 1 + .../workflows/gradle-wrapper-validation.yml | 10 ------- .github/workflows/release-container-image.yml | 1 + .../workflows/release-dev-container-image.yml | 1 + 5 files changed, 18 insertions(+), 24 deletions(-) delete mode 100644 .github/workflows/gradle-wrapper-validation.yml diff --git a/.github/workflows/build-and-test.yml b/.github/workflows/build-and-test.yml index 614d0d0..5a61cee 100644 --- a/.github/workflows/build-and-test.yml +++ b/.github/workflows/build-and-test.yml @@ -18,17 +18,18 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 - - name: Set up JDK 11 - uses: actions/setup-java@v3 - with: - java-version: '11' - distribution: 'adopt-hotspot' - cache: 'gradle' - - name: Grant execute permission for gradlew - run: chmod +x gradlew - - name: Build and test - uses: gradle/gradle-build-action@v2.2.1 - with: - gradle-version: 'wrapper' - arguments: test + - uses: actions/checkout@v3 + - name: Set up JDK 11 + uses: actions/setup-java@v3 + with: + java-version: '11' + distribution: 'adopt-hotspot' + cache: 'gradle' + - uses: gradle/wrapper-validation-action@v1 + - name: Grant execute permission for gradlew + run: chmod +x gradlew + - name: Build and test + uses: gradle/gradle-build-action@v2.2.1 + with: + gradle-version: 'wrapper' + arguments: test diff --git a/.github/workflows/create-release.yml b/.github/workflows/create-release.yml index b68d391..24abe3f 100644 --- a/.github/workflows/create-release.yml +++ b/.github/workflows/create-release.yml @@ -42,6 +42,7 @@ jobs: java-version: '11' distribution: 'adopt-hotspot' cache: 'gradle' + - uses: gradle/wrapper-validation-action@v1 - name: Grant execute permission for gradlew run: chmod +x gradlew - name: Build and test diff --git a/.github/workflows/gradle-wrapper-validation.yml b/.github/workflows/gradle-wrapper-validation.yml deleted file mode 100644 index 405a2b3..0000000 --- a/.github/workflows/gradle-wrapper-validation.yml +++ /dev/null @@ -1,10 +0,0 @@ -name: "Validate Gradle Wrapper" -on: [push, pull_request] - -jobs: - validation: - name: "Validation" - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v2 - - uses: gradle/wrapper-validation-action@v1 diff --git a/.github/workflows/release-container-image.yml b/.github/workflows/release-container-image.yml index 640fff4..2c1e989 100644 --- a/.github/workflows/release-container-image.yml +++ b/.github/workflows/release-container-image.yml @@ -21,6 +21,7 @@ jobs: java-version: '11' distribution: 'adopt-hotspot' cache: 'gradle' + - uses: gradle/wrapper-validation-action@v1 - name: Grant execute permission for gradlew run: chmod +x gradlew - name: Build and test diff --git a/.github/workflows/release-dev-container-image.yml b/.github/workflows/release-dev-container-image.yml index 052b773..43676bb 100644 --- a/.github/workflows/release-dev-container-image.yml +++ b/.github/workflows/release-dev-container-image.yml @@ -21,6 +21,7 @@ jobs: java-version: '11' distribution: 'adopt-hotspot' cache: 'gradle' + - uses: gradle/wrapper-validation-action@v1 - name: Grant execute permission for gradlew run: chmod +x gradlew - name: Build project and install Distribution package