Skip to content

Commit

Permalink
Address merge conflicts
Browse files Browse the repository at this point in the history
  • Loading branch information
david-wiggs committed Jul 21, 2024
1 parent f97a407 commit 5275a08
Show file tree
Hide file tree
Showing 6 changed files with 53 additions and 2 deletions.
30 changes: 30 additions & 0 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -48,7 +48,37 @@ Generating and submitting a dependency snapshot using the defaults:
Upon success it will generate a snapshot captured from Maven POM like;
![Screenshot 2022-08-15 at 09 33 47](https://user-images.githubusercontent.com/681306/184603264-3cd69fda-75ff-4a46-b014-630acab60fab.png)

### Configuring for Matrix-Based Workflows

To ensure that the job parameter of the submission remains unique when the action is being called from a workflow that has a matrix, you can pass a `correlator` to the action. This identifier will be appended to the default correlator propterty of a job, ensuring uniqueness across matrix-based workflows. When dealing with Maven-based Java projects that utilize different `pom.xml` files across matrix jobs, you can specify the `directory` relevant to each matrix job. This ensures that the dependency snapshot accurately reflects the dependencies for each specific configuration.

Example of specifying `pom.xml` files for different matrix jobs:

```yaml
jobs:
build:
runs-on: ubuntu-latest
strategy:
matrix:
include:
- java-version: 8
directory: project1
- java-version: 11
directory: project2
steps:
- uses: actions/checkout@v2
- name: Set up JDK ${{ matrix.java-version }}
uses: actions/setup-java@v2
with:
java-version: ${{ matrix.java-version }}
- name: Submit Dependency Snapshot
uses: advanced-security/maven-dependency-submission-action@v3
with:
directory: ${{ matrix.directory }}
correlator: ${{ github.job }}-${{ matrix.directory }}
```
In this example, the action is configured to use different working directories based on the Java version specified in the matrix. This ensures that the dependency snapshot is accurate for each Java version being tested.
## Command Line Usage
Expand Down
5 changes: 5 additions & 0 deletions action.yml
Original file line number Diff line number Diff line change
Expand Up @@ -64,6 +64,11 @@ inputs:
description: The URL to the detector that generated the dependency snapshot
type: string

correlator:
description: An optional identifier to distinguish between multiple dependency snapshots of the same type
type: string
required: false

runs:
using: node20
main: dist/index.js
9 changes: 8 additions & 1 deletion dist/index.js
Original file line number Diff line number Diff line change
Expand Up @@ -251,6 +251,10 @@ function run() {
sha: core.getInput('snapshot-sha'),
ref: core.getInput('snapshot-ref'),
};
const correlator = core.getInput('correlator');
if (correlator) {
snapshotConfig.correlator = correlator;
}
const detectorName = core.getInput('detector-name');
if (detectorName !== '') {
snapshotConfig.detector = {
Expand Down Expand Up @@ -483,7 +487,7 @@ const packageData = __nccwpck_require__(2876);
const DEPGRAPH_MAVEN_PLUGIN_VERSION = '4.0.2';
function generateSnapshot(directory, mvnConfig, snapshotConfig) {
return __awaiter(this, void 0, void 0, function* () {
var _a;
var _a, _b;
const depgraph = yield generateDependencyGraph(directory, mvnConfig);
try {
const mavenDependencies = new depgraph_1.MavenDependencyGraph(depgraph);
Expand All @@ -505,6 +509,9 @@ function generateSnapshot(directory, mvnConfig, snapshotConfig) {
const detector = (_a = snapshotConfig === null || snapshotConfig === void 0 ? void 0 : snapshotConfig.detector) !== null && _a !== void 0 ? _a : getDetector();
const snapshot = new dependency_submission_toolkit_1.Snapshot(detector, snapshotConfig === null || snapshotConfig === void 0 ? void 0 : snapshotConfig.context, snapshotConfig === null || snapshotConfig === void 0 ? void 0 : snapshotConfig.job);
snapshot.addManifest(manifest);
snapshot.job.correlator = (snapshotConfig === null || snapshotConfig === void 0 ? void 0 : snapshotConfig.correlator)
? `${snapshot.job.correlator}-${snapshotConfig.correlator}`
: (_b = snapshot.job) === null || _b === void 0 ? void 0 : _b.correlator;
const specifiedRef = getNonEmtptyValue(snapshotConfig === null || snapshotConfig === void 0 ? void 0 : snapshotConfig.ref);
if (specifiedRef) {
snapshot.ref = specifiedRef;
Expand Down
2 changes: 1 addition & 1 deletion dist/index.js.map

Large diffs are not rendered by default.

4 changes: 4 additions & 0 deletions src/index.ts
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,10 @@ async function run() {
sha: core.getInput('snapshot-sha'),
ref: core.getInput('snapshot-ref'),
}
const correlator = core.getInput('correlator');
if (correlator) {
snapshotConfig.correlator = correlator;
}
const detectorName = core.getInput('detector-name');
if (detectorName !== '') {
snapshotConfig.detector = {
Expand Down
5 changes: 5 additions & 0 deletions src/snapshot-generator.ts
Original file line number Diff line number Diff line change
Expand Up @@ -27,6 +27,7 @@ export type SnapshotConfig = {
url: string;
version: string;
};
correlator?: string;
};

export async function generateSnapshot(directory: string, mvnConfig?: MavenConfiguration, snapshotConfig?: SnapshotConfig) {
Expand All @@ -53,6 +54,10 @@ export async function generateSnapshot(directory: string, mvnConfig?: MavenConfi
const snapshot = new Snapshot(detector, snapshotConfig?.context, snapshotConfig?.job);
snapshot.addManifest(manifest);

snapshot.job.correlator = snapshotConfig?.correlator
? `${snapshot.job.correlator}-${snapshotConfig.correlator}`
: snapshot.job?.correlator;

const specifiedRef = getNonEmtptyValue(snapshotConfig?.ref);
if (specifiedRef) {
snapshot.ref = specifiedRef;
Expand Down

0 comments on commit 5275a08

Please sign in to comment.