From e449898f19df776bf2a7e05f2b0a4a7f559e5689 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 25 Mar 2026 14:20:35 +0000 Subject: [PATCH 1/2] Update GitHub actions --- .github/workflows/PullRequestClosed.yml | 2 +- .github/workflows/PullRequestCreated.yml | 2 +- .github/workflows/RequestReview.yml | 2 +- .github/workflows/SubmitReview.yml | 2 +- .github/workflows/test-shell-scripts.yml | 2 +- build-gradle/action.yml | 2 +- build-maven/action.yml | 2 +- build-npm/action.yml | 2 +- build-poetry/action.yml | 4 ++-- build-yarn/action.yml | 4 ++-- cache/action.yml | 2 +- code-signing/action.yml | 4 ++-- config-gradle/action.yml | 4 ++-- config-maven/action.yml | 4 ++-- config-npm/action.yml | 4 ++-- config-pip/action.yml | 4 ++-- get-build-number/action.yml | 2 +- promote/action.yml | 2 +- 18 files changed, 25 insertions(+), 25 deletions(-) diff --git a/.github/workflows/PullRequestClosed.yml b/.github/workflows/PullRequestClosed.yml index 9efebded..879365fc 100644 --- a/.github/workflows/PullRequestClosed.yml +++ b/.github/workflows/PullRequestClosed.yml @@ -18,7 +18,7 @@ jobs: github.event.pull_request.head.repo.full_name == github.repository steps: - id: secrets - uses: SonarSource/vault-action-wrapper@3d5c87cb535e4a2c7a09adcbcfdefa751854dee3 # 3.3.0 + uses: SonarSource/vault-action-wrapper@c154b4a417b51cb98dd71137f49bf20e77c56820 # 3.4.0 with: secrets: | development/kv/data/jira user | JIRA_USER; diff --git a/.github/workflows/PullRequestCreated.yml b/.github/workflows/PullRequestCreated.yml index 581b0eca..4f9095fc 100644 --- a/.github/workflows/PullRequestCreated.yml +++ b/.github/workflows/PullRequestCreated.yml @@ -17,7 +17,7 @@ jobs: github.event.pull_request.head.repo.full_name == github.repository steps: - id: secrets - uses: SonarSource/vault-action-wrapper@3d5c87cb535e4a2c7a09adcbcfdefa751854dee3 # 3.3.0 + uses: SonarSource/vault-action-wrapper@c154b4a417b51cb98dd71137f49bf20e77c56820 # 3.4.0 with: secrets: | development/github/token/{REPO_OWNER_NAME_DASH}-jira token | GITHUB_TOKEN; diff --git a/.github/workflows/RequestReview.yml b/.github/workflows/RequestReview.yml index 74ac40c8..39281fd8 100644 --- a/.github/workflows/RequestReview.yml +++ b/.github/workflows/RequestReview.yml @@ -17,7 +17,7 @@ jobs: github.event.pull_request.head.repo.full_name == github.repository steps: - id: secrets - uses: SonarSource/vault-action-wrapper@3d5c87cb535e4a2c7a09adcbcfdefa751854dee3 # 3.3.0 + uses: SonarSource/vault-action-wrapper@c154b4a417b51cb98dd71137f49bf20e77c56820 # 3.4.0 with: secrets: | development/github/token/{REPO_OWNER_NAME_DASH}-jira token | GITHUB_TOKEN; diff --git a/.github/workflows/SubmitReview.yml b/.github/workflows/SubmitReview.yml index 6a666fa8..c025d24c 100644 --- a/.github/workflows/SubmitReview.yml +++ b/.github/workflows/SubmitReview.yml @@ -20,7 +20,7 @@ jobs: || github.event.review.state == 'approved') steps: - id: secrets - uses: SonarSource/vault-action-wrapper@3d5c87cb535e4a2c7a09adcbcfdefa751854dee3 # 3.3.0 + uses: SonarSource/vault-action-wrapper@c154b4a417b51cb98dd71137f49bf20e77c56820 # 3.4.0 with: secrets: | development/github/token/{REPO_OWNER_NAME_DASH}-jira token | GITHUB_TOKEN; diff --git a/.github/workflows/test-shell-scripts.yml b/.github/workflows/test-shell-scripts.yml index 081ce770..44b4c9b8 100644 --- a/.github/workflows/test-shell-scripts.yml +++ b/.github/workflows/test-shell-scripts.yml @@ -33,7 +33,7 @@ jobs: ./run_shell_tests.sh - name: Vault id: secrets - uses: SonarSource/vault-action-wrapper@3d5c87cb535e4a2c7a09adcbcfdefa751854dee3 # 3.3.0 + uses: SonarSource/vault-action-wrapper@c154b4a417b51cb98dd71137f49bf20e77c56820 # 3.4.0 with: secrets: | development/kv/data/sonarcloud url | SONAR_URL; diff --git a/build-gradle/action.yml b/build-gradle/action.yml index 4b40e05b..99fceea7 100644 --- a/build-gradle/action.yml +++ b/build-gradle/action.yml @@ -122,7 +122,7 @@ runs: run: | echo "ARTIFACTORY_DEPLOYER_ROLE=${ARTIFACTORY_DEPLOYER_ROLE}" >> "$GITHUB_ENV" - - uses: SonarSource/vault-action-wrapper@3d5c87cb535e4a2c7a09adcbcfdefa751854dee3 # 3.3.0 + - uses: SonarSource/vault-action-wrapper@c154b4a417b51cb98dd71137f49bf20e77c56820 # 3.4.0 id: secrets with: # yamllint disable rule:line-length diff --git a/build-maven/action.yml b/build-maven/action.yml index c81fd848..111096bf 100644 --- a/build-maven/action.yml +++ b/build-maven/action.yml @@ -150,7 +150,7 @@ runs: echo "SONARSOURCE_REPOSITORY_URL=${ARTIFACTORY_URL}/sonarsource" >> "$GITHUB_ENV" # yamllint enable rule:line-length - - uses: SonarSource/vault-action-wrapper@3d5c87cb535e4a2c7a09adcbcfdefa751854dee3 # 3.3.0 + - uses: SonarSource/vault-action-wrapper@c154b4a417b51cb98dd71137f49bf20e77c56820 # 3.4.0 id: secrets with: # yamllint disable rule:line-length diff --git a/build-npm/action.yml b/build-npm/action.yml index 532c22a4..c85288a1 100644 --- a/build-npm/action.yml +++ b/build-npm/action.yml @@ -128,7 +128,7 @@ runs: working-directory: ${{ inputs.working-directory }} disable-caching: ${{ inputs.cache-npm != 'true' && 'true' || inputs.disable-caching }} - - uses: SonarSource/vault-action-wrapper@3d5c87cb535e4a2c7a09adcbcfdefa751854dee3 # 3.3.0 + - uses: SonarSource/vault-action-wrapper@c154b4a417b51cb98dd71137f49bf20e77c56820 # 3.4.0 id: secrets # yamllint disable rule:line-length with: diff --git a/build-poetry/action.yml b/build-poetry/action.yml index 8b3b2887..3cd03506 100644 --- a/build-poetry/action.yml +++ b/build-poetry/action.yml @@ -111,7 +111,7 @@ runs: with: host-actions-root: ${{ steps.set-path.outputs.host_actions_root }} - name: Cache local Poetry cache - uses: SonarSource/gh-action_cache@957cb1f6f70956976b834546bf09839080b5bb00 # v1.2.3 + uses: SonarSource/gh-action_cache@0fe268e0b670dfb7aea67a0578b317d5a2e26212 # v1.4.1 if: inputs.disable-caching == 'false' with: path: ${{ github.workspace }}/${{ inputs.poetry-cache-dir }} @@ -120,7 +120,7 @@ runs: - uses: jdx/mise-action@5228313ee0372e111a38da051671ca30fc5a96db # v3.6.3 with: version: 2026.3.7 - - uses: SonarSource/vault-action-wrapper@3d5c87cb535e4a2c7a09adcbcfdefa751854dee3 # 3.3.0 + - uses: SonarSource/vault-action-wrapper@c154b4a417b51cb98dd71137f49bf20e77c56820 # 3.4.0 id: secrets # yamllint disable rule:line-length with: diff --git a/build-yarn/action.yml b/build-yarn/action.yml index 33f30251..cf3f7353 100644 --- a/build-yarn/action.yml +++ b/build-yarn/action.yml @@ -122,7 +122,7 @@ runs: working_directory: ${{ inputs.working-directory }} - name: Cache Yarn dependencies - uses: SonarSource/gh-action_cache@957cb1f6f70956976b834546bf09839080b5bb00 # v1.2.3 + uses: SonarSource/gh-action_cache@0fe268e0b670dfb7aea67a0578b317d5a2e26212 # v1.4.1 if: ${{ inputs.cache-yarn == 'true' && inputs.disable-caching != 'true' }} with: path: | @@ -130,7 +130,7 @@ runs: key: yarn-${{ runner.os }}-${{ hashFiles('**/yarn.lock') }} restore-keys: yarn-${{ runner.os }}- - - uses: SonarSource/vault-action-wrapper@3d5c87cb535e4a2c7a09adcbcfdefa751854dee3 # 3.3.0 + - uses: SonarSource/vault-action-wrapper@c154b4a417b51cb98dd71137f49bf20e77c56820 # 3.4.0 id: secrets # yamllint disable rule:line-length with: diff --git a/cache/action.yml b/cache/action.yml index 8685c992..bebe1a2b 100644 --- a/cache/action.yml +++ b/cache/action.yml @@ -36,7 +36,7 @@ runs: echo "::warning:: This action is deprecated and will be removed in future releases." \ "Please migrate to using the SonarSource/gh-action_cache action directly." >&2 - - uses: SonarSource/gh-action_cache@957cb1f6f70956976b834546bf09839080b5bb00 # v1.2.3 + - uses: SonarSource/gh-action_cache@0fe268e0b670dfb7aea67a0578b317d5a2e26212 # v1.4.1 id: cache with: path: ${{ inputs.path }} diff --git a/code-signing/action.yml b/code-signing/action.yml index 14e9e843..43475efa 100644 --- a/code-signing/action.yml +++ b/code-signing/action.yml @@ -22,7 +22,7 @@ runs: echo "JSIGN_CACHE_PATH=/tmp/jsign-cache" >> "$GITHUB_ENV" - name: Cache code signing tools - uses: SonarSource/gh-action_cache@957cb1f6f70956976b834546bf09839080b5bb00 # v1.2.3 + uses: SonarSource/gh-action_cache@0fe268e0b670dfb7aea67a0578b317d5a2e26212 # v1.4.1 id: tools-cache with: path: | @@ -32,7 +32,7 @@ runs: - name: Get DigiCert secrets from Vault id: secrets - uses: SonarSource/vault-action-wrapper@3d5c87cb535e4a2c7a09adcbcfdefa751854dee3 # 3.3.0 + uses: SonarSource/vault-action-wrapper@c154b4a417b51cb98dd71137f49bf20e77c56820 # 3.4.0 with: secrets: | development/kv/data/sign/digicert apikey | SM_API_KEY; diff --git a/config-gradle/action.yml b/config-gradle/action.yml index 9b0ade8c..04d12ad1 100644 --- a/config-gradle/action.yml +++ b/config-gradle/action.yml @@ -91,7 +91,7 @@ runs: (github.event.repository.visibility == 'public' && 'public-reader' || 'private-reader') }} run: | echo "ARTIFACTORY_READER_ROLE=${ARTIFACTORY_READER_ROLE}" >> "$GITHUB_ENV" - - uses: SonarSource/vault-action-wrapper@3d5c87cb535e4a2c7a09adcbcfdefa751854dee3 # 3.3.0 + - uses: SonarSource/vault-action-wrapper@c154b4a417b51cb98dd71137f49bf20e77c56820 # 3.4.0 if: steps.config-gradle-completed.outputs.skip != 'true' id: secrets with: @@ -167,7 +167,7 @@ runs: run: echo "workflow_name=${WORKFLOW_NAME// /-}" >> "$GITHUB_OUTPUT" - name: Gradle Cache - uses: SonarSource/gh-action_cache@957cb1f6f70956976b834546bf09839080b5bb00 # v1.2.3 + uses: SonarSource/gh-action_cache@0fe268e0b670dfb7aea67a0578b317d5a2e26212 # v1.4.1 if: steps.config-gradle-completed.outputs.skip != 'true' && inputs.disable-caching == 'false' with: path: ${{ inputs.cache-paths }} diff --git a/config-maven/action.yml b/config-maven/action.yml index 71e69263..d331e19d 100644 --- a/config-maven/action.yml +++ b/config-maven/action.yml @@ -92,7 +92,7 @@ runs: (github.event.repository.visibility == 'public' && 'public-reader' || 'private-reader') }} run: | echo "ARTIFACTORY_READER_ROLE=${ARTIFACTORY_READER_ROLE}" >> "$GITHUB_ENV" - - uses: SonarSource/vault-action-wrapper@3d5c87cb535e4a2c7a09adcbcfdefa751854dee3 # 3.3.0 + - uses: SonarSource/vault-action-wrapper@c154b4a417b51cb98dd71137f49bf20e77c56820 # 3.4.0 if: steps.config-maven-completed.outputs.skip != 'true' id: secrets with: @@ -178,7 +178,7 @@ runs: run: echo "workflow_name=${WORKFLOW_NAME// /-}" >> "$GITHUB_OUTPUT" - name: Cache local Maven repository - uses: SonarSource/gh-action_cache@957cb1f6f70956976b834546bf09839080b5bb00 # v1.2.3 + uses: SonarSource/gh-action_cache@0fe268e0b670dfb7aea67a0578b317d5a2e26212 # v1.4.1 if: steps.config-maven-completed.outputs.skip != 'true' && inputs.disable-caching == 'false' with: path: ${{ inputs.cache-paths }} diff --git a/config-npm/action.yml b/config-npm/action.yml index 06336838..89330358 100644 --- a/config-npm/action.yml +++ b/config-npm/action.yml @@ -92,7 +92,7 @@ runs: with: version: 2026.3.7 - - uses: SonarSource/vault-action-wrapper@3d5c87cb535e4a2c7a09adcbcfdefa751854dee3 # 3.3.0 + - uses: SonarSource/vault-action-wrapper@c154b4a417b51cb98dd71137f49bf20e77c56820 # 3.4.0 if: steps.config-npm-completed.outputs.skip != 'true' id: secrets with: @@ -125,7 +125,7 @@ runs: run: echo "workflow_name=${WORKFLOW_NAME// /-}" >> "$GITHUB_OUTPUT" - name: Cache NPM dependencies - uses: SonarSource/gh-action_cache@957cb1f6f70956976b834546bf09839080b5bb00 # v1.2.3 + uses: SonarSource/gh-action_cache@0fe268e0b670dfb7aea67a0578b317d5a2e26212 # v1.4.1 if: steps.config-npm-completed.outputs.skip != 'true' && inputs.disable-caching != 'true' && inputs.cache-npm == 'true' with: path: ~/.npm diff --git a/config-pip/action.yml b/config-pip/action.yml index 23c21414..85daba92 100644 --- a/config-pip/action.yml +++ b/config-pip/action.yml @@ -73,7 +73,7 @@ runs: run: | echo "ARTIFACTORY_READER_ROLE=${ARTIFACTORY_READER_ROLE}" >> "$GITHUB_ENV" - - uses: SonarSource/vault-action-wrapper@3d5c87cb535e4a2c7a09adcbcfdefa751854dee3 # 3.3.0 + - uses: SonarSource/vault-action-wrapper@c154b4a417b51cb98dd71137f49bf20e77c56820 # 3.4.0 id: secrets with: secrets: | @@ -100,7 +100,7 @@ runs: run: echo "workflow_name=${WORKFLOW_NAME// /-}" >> "$GITHUB_OUTPUT" - name: Cache pip dependencies - uses: SonarSource/gh-action_cache@957cb1f6f70956976b834546bf09839080b5bb00 # v1.2.3 + uses: SonarSource/gh-action_cache@0fe268e0b670dfb7aea67a0578b317d5a2e26212 # v1.4.1 if: inputs.disable-caching == 'false' with: path: ${{ inputs.cache-paths }} diff --git a/get-build-number/action.yml b/get-build-number/action.yml index 02df2b14..7cc26e73 100644 --- a/get-build-number/action.yml +++ b/get-build-number/action.yml @@ -52,7 +52,7 @@ runs: enableCrossOsArchive: true # Otherwise, increment the build number - - uses: SonarSource/vault-action-wrapper@3d5c87cb535e4a2c7a09adcbcfdefa751854dee3 # 3.3.0 + - uses: SonarSource/vault-action-wrapper@c154b4a417b51cb98dd71137f49bf20e77c56820 # 3.4.0 id: secrets if: steps.from-env.outputs.skip != 'true' && steps.current-build-number.outputs.cache-hit != 'true' with: diff --git a/promote/action.yml b/promote/action.yml index 586ac239..7f3b0abb 100644 --- a/promote/action.yml +++ b/promote/action.yml @@ -51,7 +51,7 @@ runs: - uses: ./.actions/get-build-number with: host-actions-root: ${{ steps.set-path.outputs.host_actions_root }} - - uses: SonarSource/vault-action-wrapper@3d5c87cb535e4a2c7a09adcbcfdefa751854dee3 # 3.3.0 + - uses: SonarSource/vault-action-wrapper@c154b4a417b51cb98dd71137f49bf20e77c56820 # 3.4.0 id: secrets with: secrets: | From 93b6c30090b5802defead182fdef554dcb25d9b8 Mon Sep 17 00:00:00 2001 From: Julien Carsique Date: Wed, 25 Mar 2026 17:42:59 +0100 Subject: [PATCH 2/2] BUILD-10724 fix SQ issues Co-Authored-By: Claude Sonnet 4.6 --- build-maven/action.yml | 3 ++- build-poetry/action.yml | 3 ++- code-signing/action.yml | 10 +++++++--- config-gradle/action.yml | 8 ++++++-- config-maven/action.yml | 10 +++++++--- config-npm/action.yml | 3 ++- config-pip/action.yml | 4 +++- get-build-number/action.yml | 4 +++- 8 files changed, 32 insertions(+), 13 deletions(-) diff --git a/build-maven/action.yml b/build-maven/action.yml index 111096bf..73b02d19 100644 --- a/build-maven/action.yml +++ b/build-maven/action.yml @@ -127,6 +127,7 @@ runs: shell: bash id: params env: + MIXED_PRIVACY: ${{ inputs.mixed-privacy }} USER_MAVEN_ARGS: ${{ inputs.maven-args }} ARTIFACTORY_DEPLOY_REPO: ${{ inputs.artifactory-deploy-repo != '' && inputs.artifactory-deploy-repo || (github.event.repository.visibility == 'public' || inputs.mixed-privacy == 'true') && 'sonarsource-public-qa' || @@ -137,7 +138,7 @@ runs: # yamllint disable rule:line-length run: | { - if [[ "${{ inputs.mixed-privacy }}" == 'true' ]]; then + if [[ "${MIXED_PRIVACY}" == 'true' ]]; then USER_MAVEN_ARGS="${USER_MAVEN_ARGS} -Dartifactory.publish.artifacts=false" echo "ARTIFACTORY_PRIVATE_DEPLOY_REPO=${ARTIFACTORY_PRIVATE_DEPLOY_REPO:=sonarsource-private-qa}" echo "ARTIFACTORY_PRIVATE_DEPLOY_ACCESS_TOKEN_VAULT=development/artifactory/token/{REPO_OWNER_NAME_DASH}-${ARTIFACTORY_PRIVATE_DEPLOYER_ROLE:=qa-deployer} access_token | ARTIFACTORY_PRIVATE_DEPLOY_ACCESS_TOKEN;" diff --git a/build-poetry/action.yml b/build-poetry/action.yml index 3cd03506..6a96f83a 100644 --- a/build-poetry/action.yml +++ b/build-poetry/action.yml @@ -166,8 +166,9 @@ runs: SONAR_PLATFORM: ${{ inputs.sonar-platform }} RUN_SHADOW_SCANS: ${{ inputs.run-shadow-scans }} JFROG_CLI_COMMAND_SUMMARY_OUTPUT_DIR: ${{ runner.temp }}/jfrog-summary + WORKING_DIRECTORY: ${{ inputs.working-directory }} run: | - cd "${{ inputs.working-directory }}" + cd "${WORKING_DIRECTORY}" "$ACTION_PATH_BUILD_POETRY/build.sh" - name: Generate provenance attestation diff --git a/code-signing/action.yml b/code-signing/action.yml index 43475efa..a9bf3156 100644 --- a/code-signing/action.yml +++ b/code-signing/action.yml @@ -14,9 +14,11 @@ runs: steps: - name: Set versions and cache keys shell: bash + env: + JSIGN_VERSION: ${{ inputs.jsign-version }} run: | - echo "JSIGN_VERSION=${{ inputs.jsign-version }}" >> "$GITHUB_ENV" - echo "JSIGN_CACHE_KEY=jsign-${{ inputs.jsign-version }}-${{ runner.os }}" >> "$GITHUB_ENV" + echo "JSIGN_VERSION=${JSIGN_VERSION}" >> "$GITHUB_ENV" + echo "JSIGN_CACHE_KEY=jsign-${JSIGN_VERSION}-${{ runner.os }}" >> "$GITHUB_ENV" echo "SMTOOLS_CACHE_KEY=smtools-linux-x64-${{ runner.os }}" >> "$GITHUB_ENV" echo "SMTOOLS_PATH=/tmp/DigiCert One Signing Manager Tools/smtools-linux-x64" >> "$GITHUB_ENV" echo "JSIGN_CACHE_PATH=/tmp/jsign-cache" >> "$GITHUB_ENV" @@ -56,6 +58,8 @@ runs: - name: Setup jsign shell: bash + env: + FORCE_DOWNLOAD_TOOLS: ${{ inputs.force-download-tools }} run: | echo "Setting up jsign version ${JSIGN_VERSION}..." java --version @@ -64,7 +68,7 @@ runs: sudo apt-get update -q sudo apt-get install -y default-jre-headless - if [[ "${{ steps.tools-cache.outputs.cache-hit }}" == "true" && "${{ inputs.force-download-tools }}" != "true" && + if [[ "${{ steps.tools-cache.outputs.cache-hit }}" == "true" && "${FORCE_DOWNLOAD_TOOLS}" != "true" && -f "${JSIGN_CACHE_PATH}/jsign_${JSIGN_VERSION}_all.deb" ]]; then echo "Installing jsign from cache..." sudo dpkg --install "${JSIGN_CACHE_PATH}/jsign_${JSIGN_VERSION}_all.deb" diff --git a/config-gradle/action.yml b/config-gradle/action.yml index 04d12ad1..43aca6d2 100644 --- a/config-gradle/action.yml +++ b/config-gradle/action.yml @@ -50,12 +50,14 @@ runs: - name: Set local action paths id: set-path shell: bash + env: + HOST_ACTIONS_ROOT: ${{ inputs.host-actions-root }} run: | echo "::group::Fix for using local actions" echo "GITHUB_ACTION_PATH=$GITHUB_ACTION_PATH" echo "github.action_path=${{ github.action_path }}" ACTION_PATH_CONFIG_GRADLE="${{ github.action_path }}" - host_actions_root="${{ inputs.host-actions-root }}" + host_actions_root="${HOST_ACTIONS_ROOT}" if [[ -z "$host_actions_root" ]]; then host_actions_root="$(dirname "$ACTION_PATH_CONFIG_GRADLE")" else @@ -104,7 +106,9 @@ runs: id: develocity-hostname if: steps.config-gradle-completed.outputs.skip != 'true' && inputs.use-develocity == 'true' shell: bash - run: echo "hostname=$(echo '${{ inputs.develocity-url }}' | sed -e 's|https://||' -e 's|/$||')" >> $GITHUB_OUTPUT + env: + DEVELOCITY_URL: ${{ inputs.develocity-url }} + run: echo "hostname=$(echo "${DEVELOCITY_URL}" | sed -e 's|https://||' -e 's|/$||')" >> $GITHUB_OUTPUT - name: Set environment variables for Artifactory authentication if: steps.config-gradle-completed.outputs.skip != 'true' diff --git a/config-maven/action.yml b/config-maven/action.yml index d331e19d..8723de29 100644 --- a/config-maven/action.yml +++ b/config-maven/action.yml @@ -51,12 +51,14 @@ runs: - name: Set local action paths id: set-path shell: bash + env: + HOST_ACTIONS_ROOT: ${{ inputs.host-actions-root }} run: | echo "::group::Fix for using local actions" echo "GITHUB_ACTION_PATH=$GITHUB_ACTION_PATH" echo "github.action_path=${{ github.action_path }}" ACTION_PATH_CONFIG_MAVEN="${{ github.action_path }}" - host_actions_root="${{ inputs.host-actions-root }}" + host_actions_root="${HOST_ACTIONS_ROOT}" if [[ -z "$host_actions_root" ]]; then host_actions_root="$(dirname "$ACTION_PATH_CONFIG_MAVEN")" else @@ -105,7 +107,9 @@ runs: id: develocity-hostname if: steps.config-maven-completed.outputs.skip != 'true' && inputs.use-develocity == 'true' shell: bash - run: echo "hostname=$(echo '${{ inputs.develocity-url }}' | sed -e 's|https://||' -e 's|/$||')" >> $GITHUB_OUTPUT + env: + DEVELOCITY_URL: ${{ inputs.develocity-url }} + run: echo "hostname=$(echo "${DEVELOCITY_URL}" | sed -e 's|https://||' -e 's|/$||')" >> $GITHUB_OUTPUT - name: Set environment variables for Artifactory authentication if: steps.config-maven-completed.outputs.skip != 'true' @@ -210,7 +214,7 @@ runs: COMMON_MVN_FLAGS: ${{ inputs.common-mvn-flags }} run: | # - 'command mvn' prevents the function from calling itself in a loop. - echo 'mvn() { command mvn ${{ env.COMMON_MVN_FLAGS }} "$@"; }' >> "$HOME/.bash_profile" + echo "mvn() { command mvn ${COMMON_MVN_FLAGS} \"\$@\"; }" >> "$HOME/.bash_profile" echo "BASH_ENV=$HOME/.bash_profile" >> "$GITHUB_ENV" echo "MAVEN_OPTS=${MAVEN_OPTS:=-Xmx1536m -Xms128m}" >> "$GITHUB_ENV" echo "CONFIG_MAVEN_COMPLETED=$GITHUB_ACTION" >> "$GITHUB_ENV" diff --git a/config-npm/action.yml b/config-npm/action.yml index 89330358..d4e5976c 100644 --- a/config-npm/action.yml +++ b/config-npm/action.yml @@ -53,12 +53,13 @@ runs: ARTIFACTORY_READER_ROLE: ${{ inputs.artifactory-reader-role != '' && inputs.artifactory-reader-role || (github.event.repository.visibility == 'public' && 'public-reader' || 'private-reader') }} CACHE_NPM: ${{ inputs.cache-npm }} + HOST_ACTIONS_ROOT: ${{ inputs.host-actions-root }} run: | echo "::group::Fix for using local actions" echo "GITHUB_ACTION_PATH=$GITHUB_ACTION_PATH" echo "github.action_path=${{ github.action_path }}" ACTION_PATH_CONFIG_NPM="${{ github.action_path }}" - host_actions_root="${{ inputs.host-actions-root }}" + host_actions_root="${HOST_ACTIONS_ROOT}" if [[ -z "$host_actions_root" ]]; then host_actions_root="$(dirname "$ACTION_PATH_CONFIG_NPM")" else diff --git a/config-pip/action.yml b/config-pip/action.yml index 85daba92..4e02a652 100644 --- a/config-pip/action.yml +++ b/config-pip/action.yml @@ -37,12 +37,14 @@ runs: - name: Set local action paths id: set-path shell: bash + env: + HOST_ACTIONS_ROOT: ${{ inputs.host-actions-root }} run: | echo "::group::Fix for using local actions" echo "GITHUB_ACTION_PATH=$GITHUB_ACTION_PATH" echo "github.action_path=${{ github.action_path }}" ACTION_PATH_CONFIG_PIP="${{ github.action_path }}" - host_actions_root="${{ inputs.host-actions-root }}" + host_actions_root="${HOST_ACTIONS_ROOT}" if [[ -z "$host_actions_root" ]]; then host_actions_root="$(dirname "$ACTION_PATH_CONFIG_PIP")" else diff --git a/get-build-number/action.yml b/get-build-number/action.yml index 7cc26e73..33c8fb98 100644 --- a/get-build-number/action.yml +++ b/get-build-number/action.yml @@ -16,12 +16,14 @@ runs: - name: Set local action paths id: set-path shell: bash + env: + HOST_ACTIONS_ROOT: ${{ inputs.host-actions-root }} run: | echo "::group::Fix for using local actions" echo "GITHUB_ACTION_PATH=$GITHUB_ACTION_PATH" echo "github.action_path=${{ github.action_path }}" ACTION_PATH_GET_BUILD_NUMBER="${{ github.action_path }}" - host_actions_root="${{ inputs.host-actions-root }}" + host_actions_root="${HOST_ACTIONS_ROOT}" if [[ -z "$host_actions_root" ]]; then host_actions_root="$(dirname "$ACTION_PATH_GET_BUILD_NUMBER")" else