Support conventional access key sources #455
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
There was a problem hiding this comment.
Pull Request Overview
This PR refactors the authentication mechanism from a simple API token to a more sophisticated access key resolution system that supports conventional Gradle and Maven access key sources. The changes enable the library to automatically discover access keys from environment variables and standard configuration files, matching the patterns used by Gradle and Maven build tools.
- Replaces
apiTokenwithaccessKeyand implements multi-source key resolution - Adds support for conventional access key locations (environment variables and properties files)
- Updates all tests to use the new access key format with host-based key entries
Reviewed Changes
Copilot reviewed 13 out of 13 changed files in this pull request and generated 2 comments.
Show a summary per file
| File | Description |
|---|---|
| library/src/main/kotlin/com/gabrielfeo/develocity/api/Config.kt | Replaces apiToken with accessKey and adds comprehensive documentation |
| library/src/main/kotlin/com/gabrielfeo/develocity/api/internal/auth/AccessKeyResolver.kt | Implements access key resolution from multiple conventional sources |
| library/src/main/kotlin/com/gabrielfeo/develocity/api/internal/auth/HostAccessKeyEntry.kt | Parses and validates host=key entry format |
| library/src/test/kotlin/com/gabrielfeo/develocity/api/internal/auth/AccessKeyResolverTest.kt | Comprehensive test coverage for access key resolution logic |
| library/src/test/kotlin/com/gabrielfeo/develocity/api/ConfigTest.kt | Updates Config tests for new access key functionality |
| library/src/test/kotlin/com/gabrielfeo/develocity/api/DevelocityApiTest.kt | Updates test to use new access key naming |
| library/src/test/kotlin/com/gabrielfeo/develocity/api/RetrofitTest.kt | Updates test helper to use access key format |
| library/src/test/kotlin/com/gabrielfeo/develocity/api/OkHttpClientTest.kt | Updates test helper to use access key format |
| library/src/integrationTest/kotlin/com/gabrielfeo/develocity/api/DevelocityApiIntegrationTest.kt | Updates integration test to use accessKey parameter |
| library/src/main/kotlin/com/gabrielfeo/develocity/api/internal/OkHttpClient.kt | Updates HTTP client to use accessKey instead of apiToken |
| library/api/library.api | Updates public API signature |
| library/build.gradle.kts | Adds test dependencies for okio fake filesystem and JUnit parameterized tests |
| gradle/libs.versions.toml | Adds dependency version declarations |
Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.
library/src/main/kotlin/com/gabrielfeo/develocity/api/internal/auth/HostAccessKeyEntry.kt
Outdated
Show resolved
Hide resolved
Job Summary for GradleCheck PR :: kotlin-tests
|
Job Summary for GradleCheck PR :: kotlin-tests
|
Job Summary for GradleCheck PR :: kotlin-tests
|
gabrielfeo
force-pushed
the
gf/conventional-access-key-settings
branch
from
ddd51e6 to
83916c3
Compare
Job Summary for GradleCheck PR :: kotlin-tests
|
gabrielfeo
force-pushed
the
gf/conventional-access-key-settings
branch
from
2914cec to
4c8d2a7
Compare
Job Summary for GradleCheck PR :: kotlin-tests
|
gabrielfeo
force-pushed
the
gf/conventional-access-key-settings
branch
from
4c8d2a7 to
a4350e4
Compare
gabrielfeo
added a commit
that referenced
this pull request
Aug 28, 2025
As follow-up to #455 / #338, support the conventional server URL variable that's already set up for official Develocity tooling, such as - any Gradle project using [`common-custom-user-data-gradle-plugin`][1] with a set [Develocity URL override][2] - the [Develocity Python agent][3] `Config.apiUrl` and `DEVELOCITY_API_URL` are renamed to `Config.server` and `DEVELOCITY_URL` for consistency with official Develocity tooling nomenclature. `Config.server` is strongly typed as a URI and validation is improved. [1]: https://github.com/gradle/common-custom-user-data-gradle-plugin [2]: https://github.com/gradle/common-custom-user-data-gradle-plugin/tree/main?tab=readme-ov-file#configuration-overrides [3]: https://docs.gradle.com/develocity/python-agent/#environment_variables
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Support using an access key from the conventional locations, matching the official tooling. Simplifies configuration for users of this library, which most likely also use the official tooling. Currently, they're required to set both
DEVELOCITY_API_TOKEN(for this library) andDEVELOCITY_ACCESS_KEY(for official tooling), which is possibly redundant if the access keys are from the same user and instance. If an access key different from the one defined in usual locations must be used for the API, then a customConfig.accessKeyis still supported. The name "API token" was also unintuitive considering that all Develocity documentation refers to them as "access keys". Resolves #338.This is a breaking change for projects using
DEVELOCITY_API_TOKENorConfig.apiToken, targeting the upcoming 2025.1.0 major release.Thanks to @mcumings for providing an initial reference implementation.