Gradle support for secondary versions.props file #8017
Comments
|
I know we certainly don't support the versions.lock part, so the answer is probably No. Can you provide an example repository and elaborate on the requirements further? e.g. is this completely defined by the palantir plugin only or is that also leveraging some other plugins or Gradle concepts Eg for the lock file? |
rarkins
added
manager:gradle
|
Hey Rhys, thanks for your quick response. I think this simple example captures our use case: https://github.com/palantir/conjure-java-example. I believe gradle substitutes values from top-level As far as implementation details, I'm not too sure as I'm new to Gradle. I know the whole consistent versions/versions.prop framework does use Gradle Constraints. So to my eye, Gradle and Gradle Wrapper (gradlew) seem to be the only dependencies, but I have never set it up personally For your own information, we use this framework across all our repos, and no one in the market seems to support it (dependabot, renovatebot, snyk, etc). We are considering whether it might be worth it to submit a PR to implement this functionality ourselves |
|
I think we should add a separate manager for handling that file, as it's easy to parse and update by renovate. Maybe we can name it |
rarkins
added
the
status:requirements
This comment has been minimized.
This comment has been minimized.
rarkins
added
reproduction:provided
and removed
auto:reproduction
|
Thank you for providing a reproduction! 🎉 🚀 The Renovate team will take a look at the reproduction repository. Once we confirm the provided repository reproduces the problem, the label will be changed to |
|
Any status on this? I plan to attempt making a new manager. It would need to
|
no new manager. should be implemented inside Gradle manager. |
|
Is this unblocked due to #18663 ? |
|
Yes no longer blocked |
|
Ok, I'm attempting a PR to add support for this plugin. |
|
I now have a working branchthat produces correct PRs for this plugin, see https://github.com/janhoy/gradle-consistent/pulls I'll do some cleanups and publish a PR... |
|
Another semi-related question: In one project that I plan to start using renovate with this feature, the automated PR validation process also includes validating SHA-sum and licenses for all dependencies, i.e. we "lock" not only the dependency version, but also the dependency JAR SHA-sum in the repository. So when renovate opens a PR, it will patch Before I open a new feature request issue, I thought I'd discuss it in context here. I'm thinking there could be a way for a repo to specify in {
"gradle": {
"postUpgradeGradleTasks": ["task1", "task2"],
"postUpgradeFileFilters": ["shasums.txt"],
}
}Techinically we already run |
|
yes, there is a concern, as the task can manipulate the git directory/ hooks or the shared cache folder. so we don't like to allow arbitrary commands. |
Fixes renovatebot#8017 Signed-off-by: Jan Høydahl <janhoy@users.noreply.github.com>
Co-authored-by: Johannes Feichtner <Churro@users.noreply.github.com> Closes #8017
|
🎉 This issue has been resolved in version 34.52.0 🎉 The release is available on:
Your semantic-release bot 📦🚀 |
In addition to the typical build.gradle file, we store version info in versions.props as described here https://github.com/palantir/gradle-consistent-versions. We need versions.props tracked and incremented in the same way as renovatebot does for build.gradle
Is this feature currently supported or in the product roadmap?
The text was updated successfully, but these errors were encountered: