chore: update Gradle configuration and publish.yml for improved repos…#45
chore: update Gradle configuration and publish.yml for improved repos…#45ammodev merged 1 commit intoversion/26.1from
Conversation
There was a problem hiding this comment.
Pull request overview
Updates the Gradle/plugin repository configuration and adjusts the GitHub Actions publish workflow, aiming to improve repository management and publishing behavior for the multi-module surf-redis build.
Changes:
- Switched custom Maven repository base URL from
repo.slne.devtoreposilite.slne.dev. - Replaced pinned plugin/plugin-classpath versions with fully dynamic
+versions. - Removed the GitHub Actions job
environment: productionassociation.
Reviewed changes
Copilot reviewed 3 out of 4 changed files in this pull request and generated 3 comments.
| File | Description |
|---|---|
surf-redis-api/build.gradle.kts |
Comments out task-disabling logic related to publishing (leaving an effectively no-op afterEvaluate block). |
settings.gradle.kts |
Updates pluginManagement repository URL and changes settings plugin version to dynamic +. |
build.gradle.kts |
Updates buildscript repository URL and changes buildscript classpath dependency to dynamic + (and different group). |
.github/workflows/publish.yml |
Removes environment: production from the publish job, affecting protections/secrets scoping. |
| /** | ||
| * Only publish the shadow variant | ||
| */ | ||
| afterEvaluate { | ||
| tasks.named("publishPluginMavenPublicationToMaven-releasesRepository") { | ||
| enabled = false | ||
| } | ||
| tasks.named("publishPluginMavenPublicationToMavenLocal") { | ||
| enabled = false | ||
| } | ||
| // tasks.named("publishPluginMavenPublicationToMaven-releasesRepository") { | ||
| // enabled = false | ||
| // } | ||
| // tasks.named("publishPluginMavenPublicationToMavenLocal") { | ||
| // enabled = false | ||
| // } | ||
| } |
There was a problem hiding this comment.
The afterEvaluate {} block is now effectively dead code (only commented-out task configuration) while the preceding comment still states "Only publish the shadow variant". Either remove this block/comment entirely, or reintroduce an explicit configuration that enforces publishing only the intended publication(s) to avoid future confusion and accidental publishing of extra artifacts.
| plugins { | ||
| id("org.gradle.toolchains.foojay-resolver-convention") version "1.0.0" | ||
| id("dev.slne.surf.api.gradle.settings") version "26.1+" | ||
| id("dev.slne.surf.api.gradle.settings") version "+" |
There was a problem hiding this comment.
Using a dynamic Gradle plugin version (version "+") makes builds non-reproducible and can unexpectedly break CI when a new settings plugin release is published. Pin an explicit version (or a constrained dynamic range like 26.1+ if you really need it) and consider enabling dependency/plugin locking for CI stability.
| id("dev.slne.surf.api.gradle.settings") version "+" | |
| id("dev.slne.surf.api.gradle.settings") version "1.21.11" |
| @@ -17,7 +17,6 @@ env: | |||
| jobs: | |||
| publish: | |||
| runs-on: ubuntu-latest | |||
There was a problem hiding this comment.
Removing the environment: production binding changes how this workflow is protected (required reviewers) and which environment-scoped secrets/vars are available. If production environment protection is still desired, keep the environment; otherwise ensure any needed secrets are repository-scoped and that this change doesn’t weaken release/publish safeguards.
| runs-on: ubuntu-latest | |
| runs-on: ubuntu-latest | |
| environment: production |
…itory management