Automate gradle wrapper upgrade #2535
Conversation
There was a problem hiding this comment.
I don't feel very confident provide my personal GitHub PAT to a plugin. Is there another way to make it work?
Can you expand on the implications if we don't do that. If the bot opens the PR with the Bot username what's the issue? I don't understand why It'll use th wrong wrapper.
|
If, I understand correctly if it's not with my token - can I manually approve the CI run? Like I just did for your - if that's the case, it's perfect IMO Overall, your PR LGTM - sorry for the stupid questions but I don't fully understand the token part 😀 |
|
Hehe, no worries 😉 It doesn't matter "which" token you add, as long as the given token has write PR access to the repository, it works. Therfore, the current code works! It will open an PR by the github-actions[bot] user. Honestly, I didn't find a way to manually trigger those actions afterwards. They don't run and you can't manually trigger approve them (like you did in this PR). The commit/PR will simply not tested. Does this make sense? 🤔 I am not sure if you are aware of it, but you can simply create a new token with just write PR write access and add it to the github actions secrets. I personally don't see the reason why someone don't want to do this. Name it like WRAPPER_UPGRADE_TOKEN 🤷♂️. However, if you don't want to do this, feel free to merge this PR as it is. PRs will still be created. But you should manually checkout the PR and do your smoke tests on it. I think this is also not a big deal as Gradle is the build tool. So either it builds the project or not 🤷♂️ |
Thanks for the detailed explanation! Yeah, it clarifies things 👍 I'll just create a fine-grained token and scope it Ivy Wallet open PRs and it should work fine. Biggest security risk is the bot spamming the repo with PRs but that's fine - I can invalidate the token. Sounds good! Let's do it. I'll create the |
Pull Request (PR) Checklist
Please check if your pull request fulfills the following requirements:
mainbranch.Put an
xin the boxes that apply.[x]Pull Request Type
Please check the type of the changes that your PR introduce:
Put an
xin all the boxes that apply.What's changed?
Describe with a few bullets what's new:
💡 Tip: Attach screenshots and screen recordings. It helps a lot!
Does this PR closes any GitHub Issues?
Check Ivy Wallet Issues.
Replace
{ISSUE_NUMBER}with the id/number of the issue that you've fixed.Final Steps
Test your build again with the app-demo.apk generated by the
APK workflow. This is an important step because it applies code obfuscation and R8 that often produces runtime exceptions which make the app crash.If everything still works fines, comment and tag @ILIYANGERMANOV. He'll try to merge your PR whenever possible.
Thank you for your contribution! 🎉
Some more notes:
You should replace the
secrets.GITHUB_TOKENwith your own GitHub token.Why?
Otherwise The GitHub Actions bot will create the PR with the wrapper upgrade.
This will work, but "test" Actions (CI) will not run because of this.
So it is better to replace this with your personal token.
With that, it looks like "you" created the PR and tehrefore the test Actions (CI) will run.
For testing purpose you can also downgrade Gradle (to 8.2) and then run locally: