gradle · jprinet · Sep 28, 2023 · Sep 29, 2023 · Oct 2, 2023 · Oct 3, 2023
diff --git a/.github/workflows/test-maven-build-scan-publish.yml b/.github/workflows/test-maven-build-scan-publish.yml
@@ -0,0 +1,39 @@
+name: TEST - Publish Maven Build Scan
+
+on:
+  pull_request:
+
+jobs:
+  create-and-verify-build-scan-publication:
+    name: Create and attempt to publish Maven Build Scan
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout current repository
+        uses: actions/checkout@v4
+      - name: Checkout Maven sample project
+        uses: actions/checkout@v4
+        with:
+          repository: 'gradle/gradle-enterprise-build-config-samples'
+          path: 'sample'
+          ref: 'main'
+      - name: Set up JDK 8
+        uses: actions/setup-java@v3
+        with:
+          java-version: '8'
+          distribution: 'temurin'
+      - name: Run Maven Build
+        working-directory: ./sample/common-gradle-enterprise-maven-configuration
+        run: mvn clean -B
+      - name: Attempt to publish Maven Build Scans
+        uses: ./maven-build-scan/publish
+        with:
+          develocity-url: 'https://foo.bar'
+          pr-number: ${{ github.event.number }}
+      - name: Verify publication attempt
+        run: |
+          if ! grep -q "Publishing build scan..." ./maven-build-scan-publisher/build.out; then
+            echo "Publication attempt not found in build log:"
+            cat ./maven-build-scan-publisher/build.out
+            exit 1
+          fi
+
diff --git a/...b/workflows/test-terms-of-service-run.yml → .../test-terms-of-service-acceptance-run.yml b/...b/workflows/test-terms-of-service-run.yml → .../test-terms-of-service-acceptance-run.yml
@@ -9,8 +9,6 @@ jobs:
     permissions:
       contents: write
       pull-requests: write
-      actions: write
-      statuses: write
     steps:
       - name: Checkout
         uses: actions/checkout@v4
@@ -19,3 +17,5 @@ jobs:
         with:
           tos-location: 'https://foo.bar/tos.html'
           white-list: '*'
+          tos-acceptance-file-branch: ${{ github.event.repository.default_branch }}
+          tos-acceptance-file: '.github/develocity-tos.json'
diff --git a/README.md b/README.md
diff --git a/doc/architecture.png b/doc/architecture.png
diff --git a/maven-build-scan/action.yml b/maven-build-scan/action.yml
@@ -0,0 +1,71 @@
+name: Publish Maven Build Scan
+description: Publish Maven Build Scan
+
+inputs:
+  build-workflow-filename:
+    description: 'Filename of the workflow where the maven-build-scan/save action was triggered'
+    required: true
+  develocity-url:
+    description: 'Develocity URL'
+    required: true
+  develocity-access-key:
+    description: 'Develocity access key'
+    required: false
+  tos-location:
+    description: 'Terms of Service location as an URL (https://foo.com/tos.html) or a Github repository file (/<owner>/<repo>/blob/<branch>/tos.html)'
+    required: true
+  develocity-allow-untrusted:
+    description: 'Develocity allow-untrusted flag'
+    default: 'false'
+  pr-comment-tos-acceptance-missing:
+    description: 'pull-request comment added when Terms of Service are not accepted ({0} in the value will be replaced by tos-location input)'
+    default: 'Please accept [Develocity Terms of Service]({0}) to get your pull-request Build Scan published by commenting this pull-request with the following message:'
+  pr-comment-tos-acceptance-request:
+    description: 'pull-request comment to accept the Terms of Service'
+    default: 'I have read Develocity Terms of Service and I hereby accept the Terms'
+  pr-comment-tos-acceptance-validation:
+    description: 'pull-request comment added when Terms of Service are accepted'
+    default: 'All Contributors have accepted Develocity Terms of Service.'
+  tos-acceptance-file-branch:
+    description: 'Git branch where the Terms of Service acceptance file will be stored'
+    default: ${{ github.event.repository.default_branch }}
+  tos-acceptance-file:
+    description: 'Terms of Service acceptance file location'
+    default: '.github/develocity-tos.json'
+  white-list:
+    description: 'CSV List of users not required to accept the Terms of Service'
+    default: ''
+  github-token:
+    description: 'The token used for Github API requests'
+    default: ${{ github.token }}
+    required: false
+
+runs:
+  using: composite
+  steps:
+    - name: Load data
+      id: load
+      uses: gradle/github-actions/maven-build-scan/load@v1.0
+      with:
+        build-workflow-filename: ${{ inputs.build-workflow-filename }}
+        pr-comment-tos-acceptance-request: ${{ inputs.pr-comment-tos-acceptance-request }}
+    - name: Verify Terms of Service acceptance
+      uses: gradle/github-actions/terms-of-service-acceptance/run@v1.0
+      with:
+        tos-location: ${{ inputs.tos-location }}
+        pr-number: ${{ steps.load.outputs.pr-number }}
+        pr-comment-tos-acceptance-missing: ${{ inputs.pr-comment-tos-acceptance-missing }}
+        pr-comment-tos-acceptance-request: ${{ inputs.pr-comment-tos-acceptance-request }}
+        pr-comment-tos-acceptance-validation: ${{ inputs.pr-comment-tos-acceptance-validation }}
+        tos-acceptance-file-branch: ${{ inputs.tos-acceptance-file-branch }}
+        tos-acceptance-file: ${{ inputs.tos-acceptance-file }}
+        white-list: ${{ inputs.white-list }}
+        github-token: ${{ inputs.github-token }}
+    - name: Publish Maven Build Scans
+      uses: gradle/github-actions/maven-build-scan/publish@v1.0
+      with:
+        develocity-url: ${{ inputs.develocity-url }}
+        develocity-access-key: ${{ inputs.develocity-access-key }}
+        pr-number: ${{ steps.load.outputs.pr-number }}
+        develocity-allow-untrusted: ${{ inputs.develocity-allow-untrusted }}
+        github-token: ${{ inputs.github-token }}
diff --git a/maven-build-scan/load/action.yml b/maven-build-scan/load/action.yml
@@ -0,0 +1,68 @@
+name: Load Maven Build Scans
+description: Load Maven Build Scans
+
+inputs:
+  build-workflow-filename:
+    description: 'Filename of the workflow where the maven-build-scan/save action was triggered'
+    required: true
+  pr-comment-tos-acceptance-request:
+    description: 'pull-request comment to accept the Terms of Service'
+    required: true
+
+outputs:
+  pr-number:
+    description: "pull-request number"
+    value: ${{ steps.pr.outputs.PR_NUMBER }}
+
+runs:
+  using: 'composite'
+  steps:
+    - name: Assert event trigger
+      if: |
+        (github.event_name != 'issue_comment' 
+          || (
+            github.event.comment.body != 'recheck' 
+            && github.event.comment.body != inputs.pr-comment-tos-acceptance-request
+          )
+        )
+        && github.event_name != 'workflow_run'
+      run: |
+        echo "Skipping the publication process due to unsupported event trigger"
+        exit 1
+      shell: bash
+    - name: Download Build Metadata after PR Build
+      if: github.event_name == 'workflow_run'
+      uses: dawidd6/action-download-artifact@v2
+      env:
+        ARTIFACT_NAME: 'maven-build-scan-data'
+      with:
+        run_id: ${{ github.event.workflow_run.id }}
+        name: ${{ env.ARTIFACT_NAME }}
+        path: ${{ env.ARTIFACT_NAME }}
+    - name: Download Build Metadata after PR Comment
+      if: github.event_name == 'issue_comment'
+      env:
+        ARTIFACT_NAME: 'maven-build-scan-data'
+      uses: dawidd6/action-download-artifact@v2
+      with:
+        pr: ${{ github.event.issue.number }}
+        workflow_conclusion: success
+        workflow: ${{ inputs.build-workflow-filename }}
+        name: ${{ env.ARTIFACT_NAME }}
+        path: ${{ env.ARTIFACT_NAME }}
+    - name: Restore Build Scans
+      env:
+        ARTIFACT_NAME: 'maven-build-scan-data'
+        BUILD_SCAN_DIR: '~/.m2/.gradle-enterprise/build-scan-data/'
+      run: |
+        mkdir -p ${{ env.BUILD_SCAN_DIR }}
+        cp -r ${{ env.ARTIFACT_NAME }}/* ${{ env.BUILD_SCAN_DIR }}
+      shell: bash
+    - name: Collect pull-request number
+      id: pr
+      env:
+        BUILD_SCAN_DIR: '~/.m2/.gradle-enterprise/build-scan-data/'
+      run: |
+        source $(find ${{ env.BUILD_SCAN_DIR }} -type f -name "pr-number.properties")
+        echo "PR_NUMBER=$PR_NUMBER" >> $GITHUB_OUTPUT
+      shell: bash
diff --git a/maven-build-scan/publish/action.yml b/maven-build-scan/publish/action.yml
@@ -10,39 +10,18 @@ inputs:
     required: false
   develocity-allow-untrusted:
     description: 'Develocity allow-untrusted flag'
-    default: 'false'
+    required: true
   github-token:
     description: 'The token used for Github API requests'
     default: ${{ github.token }}
     required: false
+  pr-number:
+    description: 'PR number'
+    required: true
 
 runs:
   using: 'composite'
   steps:
-    - name: Download Build Scans
-      uses: dawidd6/action-download-artifact@v2
-      env:
-        ARTIFACT_NAME: 'maven-build-scan-data'
-      with:
-        run_id: ${{ github.event.workflow_run.id }}
-        name: ${{ env.ARTIFACT_NAME }}
-        path: ${{ env.ARTIFACT_NAME }}
-    - name: Restore Build Scans
-      env:
-        ARTIFACT_NAME: 'maven-build-scan-data'
-        BUILD_SCAN_DIR: '~/.m2/.gradle-enterprise/build-scan-data/'
-      run: |
-        mkdir -p ${{ env.BUILD_SCAN_DIR }}
-        cp -r ${{ env.ARTIFACT_NAME }}/* ${{ env.BUILD_SCAN_DIR }}
-      shell: bash
-    - name: Collect pull-request number
-      id: pr
-      env:
-        BUILD_SCAN_DIR: '~/.m2/.gradle-enterprise/build-scan-data/'
-      run: |
-        source $(find ${{ env.BUILD_SCAN_DIR }} -type f -name "pr-number.properties")
-        echo "PR_NUMBER=$PR_NUMBER" >> $GITHUB_OUTPUT
-      shell: bash
     - name: Create Maven Project Structure
       env:
         PROJECT_DIR: 'maven-build-scan-publisher'
@@ -128,7 +107,7 @@ runs:
     - name: Comment pull-request with Build Scan links
       uses: actions/github-script@v6
       env:
-        PR: ${{ steps.pr.outputs.PR_NUMBER }}
+        PR: ${{ inputs.pr-number }}
         SCAN_LINKS: ${{ steps.publish.outputs.SCAN_LINKS }}
       with:
         github-token: ${{ inputs.github-token }}

diff --git a/terms-of-service-acceptance/run/action.yml b/terms-of-service-acceptance/run/action.yml
@@ -5,24 +5,27 @@ inputs:
   tos-location:
     description: 'Terms of Service location as an URL (https://foo.com/tos.html) or a Github repository file (/<owner>/<repo>/blob/<branch>/tos.html)'
     required: true
+  pr-number:
+    description: 'pull-request number'
+    required: true
   pr-comment-tos-acceptance-missing:
     description: 'pull-request comment added when Terms of Service are not accepted ({0} in the value will be replaced by tos-location input)'
-    default: 'Please accept [Develocity Terms of Service]({0}) to get your pull-request Build Scan published by commenting this pull-request with the following message:'
+    required: true
   pr-comment-tos-acceptance-request:
     description: 'pull-request comment to accept the Terms of Service'
-    default: 'I have read Develocity Terms of Service and I hereby accept the Terms'
+    required: true
   pr-comment-tos-acceptance-validation:
     description: 'pull-request comment added when Terms of Service are accepted'
-    default: 'All Contributors have accepted Develocity Terms of Service.'
-  signature-branch:
-    description: 'Git branch where the signature file will be stored'
-    default: ${{ github.event.repository.default_branch }}
-  signature-location:
-    description: 'Signature file location'
-    default: '.github/develocity-tos.json'
+    required: true
+  tos-acceptance-file-branch:
+    description: 'Git branch where the Terms of Service acceptance file will be stored'
+    required: true
+  tos-acceptance-file:
+    description: 'Terms of Service acceptance file location'
+    required: true
   white-list:
     description: 'CSV List of users not required to accept the Terms of Service'
-    default: ''
+    required: true
   github-token:
     description: 'The token used for Github API requests'
     default: ${{ github.token }}
@@ -32,16 +35,18 @@ runs:
   using: 'composite'
   steps:
     - name: Run Terms of Service acceptance
-      if: (github.event.comment.body == 'recheck' || github.event.comment.body == ${{ inputs.pr-comment-tos-acceptance-request }}) || github.event_name == 'pull_request_target' || github.event_name == 'pull_request'
-      uses: contributor-assistant/github-action@v2.3.0
+#      uses: contributor-assistant/github-action@v2.3.0
+      id: check
+      uses: jprinet/check-terms-of-service@v1
       env:
         GITHUB_TOKEN: ${{ inputs.github-token }}
       with:
         custom-notsigned-prcomment: ${{ format(inputs.pr-comment-tos-acceptance-missing, inputs.tos-location )}}
         custom-pr-sign-comment: ${{ inputs.pr-comment-tos-acceptance-request }}
         custom-allsigned-prcomment: ${{ inputs.pr-comment-tos-acceptance-validation }}
-        branch: ${{ inputs.signature-branch }}
-        path-to-signatures: ${{ inputs.signature-location }}
+        branch: ${{ inputs.tos-acceptance-file-branch }}
+        path-to-signatures: ${{ inputs.tos-acceptance-file }}
         allowlist: ${{ inputs.white-list }}
         path-to-document: 'unused'
         lock-pullrequest-aftermerge: false
+        pr-number: ${{ inputs.pr-number }}
diff --git a/terms-of-service-acceptance/verify/action.yml b/terms-of-service-acceptance/verify/action.yml