Let me check with infra if we can have non authenticated ge.
Le lun. 25 nov. 2024 à 19:47, Robert Stupp a écrit :
> The interesting part of build-scans is to have those even for CI runs on
> PRs - to get more insights into the build/CI run.
>
> But with a GH secret, as required by ge.apache.org,
The interesting part of build-scans is to have those even for CI runs on
PRs - to get more insights into the build/CI run.
But with a GH secret, as required by ge.apache.org, you cannot have have
that, because then you would have to give all CI jobs access to secrets
--> pwn [1]. That's the re
We are using it in Apache Beam via this configuration:
develocity {
server = "https://ge.apache.org";
buildScan {
uploadInBackground = !isCi
publishing.onlyIf { it.isAuthenticated }
obfuscation {
ipAddresses { addresses -> addresses.map { "0.0.0.0" } }
}
}
}
and using
It's tricky - have to use a mixture actually, as I notes in
https://github.com/apache/polaris/pull/475#issuecomment-2497792648 :
"Apache's instance rejects unauthenticated build scans, which is always
the case for PR CI runs (no secrets in those GH workflows). So I think
it's fine to let CI run
I think that's a good idea, so +1 from my side.
On Mon, Nov 25, 2024 at 11:10 AM Jean-Baptiste Onofré
wrote:
> Hi folks,
>
> The ASF is hosting a Gradle Develocity instance where we can store our
> build scans.
>
> It's hosted on https://ge.apache.org.
> Several projects are using it (Apache Bea
Hi folks,
The ASF is hosting a Gradle Develocity instance where we can store our
build scans.
It's hosted on https://ge.apache.org.
Several projects are using it (Apache Beam, Apache Pekko, etc).
Build scans collect information about a build, including the actual
output of failed tests.
It's con
