Compare commits

...

6 Commits

Author SHA1 Message Date
Markus Hoffrogge
a831018286
Merge 4f3734a7cd into fd08b9c8dc 2024-07-16 13:51:03 +02:00
dependabot[bot]
fd08b9c8dc
Bump undici from 5.28.3 to 5.28.4 (#616)
* Bump undici from 5.28.3 to 5.28.4

Bumps [undici](https://github.com/nodejs/undici) from 5.28.3 to 5.28.4.
- [Release notes](https://github.com/nodejs/undici/releases)
- [Commits](https://github.com/nodejs/undici/compare/v5.28.3...v5.28.4)

---
updated-dependencies:
- dependency-name: undici
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump undici from 5.28.3 to 5.28.4

Bumps [undici](https://github.com/nodejs/undici) from 5.28.3 to 5.28.4.
- [Release notes](https://github.com/nodejs/undici/releases)
- [Commits](https://github.com/nodejs/undici/compare/v5.28.3...v5.28.4)

---
updated-dependencies:
- dependency-name: undici
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

* bump braces from 3.0.2 to 3.0.3

* Added Semver link

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: HarithaVattikuti <73516759+HarithaVattikuti@users.noreply.github.com>
2024-06-27 18:34:36 -05:00
Markus Hoffrogge
4f3734a7cd Update compiled dist scripts after re-base to main 2024-04-07 20:09:44 +02:00
Markus Hoffrogge
993bbb69f1 Update from npm run format to fix prettier check
- missed in initial commit
- took re-built dist from GH actions
2024-04-07 20:00:45 +02:00
Markus Hoffrogge
bf1d57deed Update README.md 2024-04-07 20:00:22 +02:00
Markus Hoffrogge
7ee5d0ee55 Add inputs 'update-toolchains-only', 'update-env-javahome', 'add-to-env-path'
Changes in detail:
------------------
- action.yml:
  - add inputs:
    - update-toolchains-only
    - update-env-javahome
    - add-to-env-path
  - update description for input "overwrite-settings"
  - remove default value of input "overwrite-settings",
    since the default is now propagated from input 'update-toolchains-only'

- base-models.ts:
  - extend interface JavaInstallerOptions:
    - add fields:
      - updateEnvJavaHome: boolean;
      - addToEnvPath: boolean;

- constants.ts:
  - add constant INPUT_UPDATE_TOOLCHAINS_ONLY
    = 'update-toolchains-only'

- auth.ts:
  - function configureAuthentication():
    - add parameter:
      - overwriteSettings: boolean
    - remove the now obsolete const overwriteSettings

- toolchains.ts:
  - function configureToolchains(...):
    - add parameter updateToolchains: boolean
    - remove the now obsolete const overwriteSettings
  - improve variable naming:
    - rename any occurrence of 'overwriteSettings'
        by 'updateToolchains'
    - add field updateToolchains: boolean to the parameter object
  - function writeToolchainsFileToDisk(...):
    - improve variable naming:
      - rename variable 'settingsExists'
          by 'toolchainsExists'
    - update wording of info logs to be more applicable

- setup-java.ts:
  - interface installerInputsOptions:
    - rename to IInstallerInputsOption to meet common coding convention
    - add fields:
      - updateToolchainsOnly: boolean;
      - overwriteSettings: boolean;
      - updateEnvJavaHome: boolean;
      - addToEnvPath: boolean;
  - function run():
    - add const:
      - const updateToolchainsOnly:
        - get as boolean from input 'update-toolchains-only', default: false
      - const overwriteSettings:
        - get as boolean from input 'overwrite-settings', default: !updateToolchainsOnly
      - const updateEnvJavaHome:
        - get as boolean input 'update-env-javahome', default: !updateToolchainsOnly
      - const addToEnvPath:
        - get as boolean input 'add-to-env-path', default: !updateToolchainsOnly
   - extend const installerInputsOptions to match with IInstallerInputsOption:
      - add field updateToolchainsOnly
      - add field overwriteSettings
      - add field updateEnvJavaHome
      - add field addToEnvPath
    - update call of auth.configureAuthentication()
        to auth.configureAuthentication(overwriteSettings)
  - function installVersion(...):
    - add const and init from parameter options:
      - updateToolchainsOnly, overwriteSettings,
        updateEnvJavaHome, addToEnvPath
    - init the additional fields of installerInputsOptions accordingly
    - call toolchains.configureToolchains(...):
      - with parameter updateToolchains= overwriteSettings || updateToolchainsOnly

- base-installer.ts:
  - add constants to import from constants:
    - INPUT_UPDATE_JAVA_HOME
    - INPUT_ADD_TO_PATH
  - add fields:
    - protected updateEnvJavaHome: boolean;
    - protected addToEnvPath: boolean;
  - ctor:
    - init these fields from JavaInstallerOptions accoprdingly
  - function setJavaDefault(...):
    - if updateEnvJavaHome is false:
      - SKIP updating env.JAVA_HOME
      - log info:
        `Skip updating env.JAVA_HOME according to ${INPUT_UPDATE_JAVA_HOME}`
    - if addToEnvPath is false:
      - SKIP adding toolchain path to env.PATH
      - log info:
        `Skip adding to env.PATH according to ${INPUT_ADD_TO_PATH}`
2024-04-07 20:00:21 +02:00
14 changed files with 686 additions and 163 deletions

Binary file not shown.

View File

@ -46,7 +46,13 @@ This action allows you to work with Java and Scala projects.
#### Maven options
The action has a bunch of inputs to generate maven's [settings.xml](https://maven.apache.org/settings.html) on the fly and pass the values to Apache Maven GPG Plugin as well as Apache Maven Toolchains. See [advanced usage](docs/advanced-usage.md) for more.
- `overwrite-settings`: By default action overwrites the settings.xml. In order to skip generation of file if it exists, set this to `false`.
- `overwrite-settings`: By default action overwrites the settings.xml and adds a toolchain entry to toolchains.xml. In order to skip generation of settings.xml and skip adding a toolchain entry to toolchains.xml if the according file exists, set this to `false`.
- `update-env-javahome`: By default action updates `env.JAVA_HOME` with the path of java installed. In order to skip update of JAVA_HOME, set this to `false`. The creation of the env variable JAVA_HOME_{{ MAJOR_VERSION }}_{{ ARCHITECTURE }} is NOT affected by this item. That will be created for any setup.
- `update-env-path`: By default action adds `<java_install_dir>/bin` to `env.PATH`. In order to skip this, set this to `false`.
- `update-toolchains-only`: If set to true, then `overwrite-settings`, `update-env-javahome` and `update-env-path` are propagated to `false` if the specific one is not explicitly configured to `true`. Only a toolchain entry will be added to toolchains.xml. Default is `false`.
- `server-id`: ID of the distributionManagement repository in the pom.xml file. Default is `github`.
@ -230,7 +236,7 @@ jobs:
### Install multiple JDKs
All versions are added to the PATH. The last version will be used and available globally. Other Java versions can be accessed through env variables with such specification as 'JAVA_HOME_{{ MAJOR_VERSION }}_{{ ARCHITECTURE }}'.
By default all versions are added to the PATH. The last version will be used and available globally. Other Java versions can be accessed through env variables with such specification as 'JAVA_HOME_{{ MAJOR_VERSION }}_{{ ARCHITECTURE }}'.
```yaml
steps:
@ -243,6 +249,8 @@ All versions are added to the PATH. The last version will be used and available
15
```
**NOTE:** An alternative option is to use multiple setup-java steps. In this case the behavior can be controlled more granular by making use of the input items `overwrite-settings`, `update-env-javahome`, `update-env-path` and `update-toolchains-only`.
### Using Maven Toolchains
In the example above multiple JDKs are installed for the same job. The result after the last JDK is installed is a Maven Toolchains declaration containing references to all three JDKs. The values for `id`, `version`, and `vendor` of the individual Toolchain entries are the given input values for `distribution` and `java-version` (`vendor` being the combination of `${distribution}_${java-version}`) by default.

View File

@ -115,7 +115,8 @@ describe('findPackageForDownload', () => {
const expectedUrl = `https://download.oracle.com/java/18/archive/jdk-18_${osType}-${distroArch}_bin.${archiveType}`;
expect(result.url).toBe(expectedUrl);
}
},
10000
);
it('should throw an error', async () => {

View File

@ -43,9 +43,21 @@ inputs:
description: 'Path to where the settings.xml file will be written. Default is ~/.m2.'
required: false
overwrite-settings:
description: 'Overwrite the settings.xml file if it exists. Default is "true".'
description: 'Overwrite the settings.xml file if it exists. Default is "!update-toolchains-only". If explcitly set "true", it will update settings.xml regardless of "update-toolchains-only"'
required: false
default: true
# DO NOT set a default here! The default will be propagated from input 'update-toolchains-only'!
update-toolchains-only:
description: 'Update toolchains.xml only. Default is "false". No update of settings.xml, no update of JAVA_HOME, no adding to PATH by default - unless "overwrite-settings", "update-env-javahome" or "add-to-env-path" are not explicitly set "true"'
required: false
default: false
update-env-javahome:
description: 'Update the JAVA_HOME environment variable. Default is "!update-toolchains-only"'
required: false
# DO NOT set a default here! The default will be propagated from input 'update-toolchains-only'!
add-to-env-path:
description: 'Add "<JDK home>/bin" to the PATH environment variable. Default is "!update-toolchains-only"'
required: false
# DO NOT set a default here! The default will be propagated from input 'update-toolchains-only'!
gpg-private-key:
description: 'GPG private key to import. Default is empty string.'
required: false

300
dist/cleanup/index.js vendored
View File

@ -66943,6 +66943,132 @@ function onConnectTimeout (socket) {
module.exports = buildConnector
/***/ }),
/***/ 4462:
/***/ ((module) => {
"use strict";
/** @type {Record<string, string | undefined>} */
const headerNameLowerCasedRecord = {}
// https://developer.mozilla.org/docs/Web/HTTP/Headers
const wellknownHeaderNames = [
'Accept',
'Accept-Encoding',
'Accept-Language',
'Accept-Ranges',
'Access-Control-Allow-Credentials',
'Access-Control-Allow-Headers',
'Access-Control-Allow-Methods',
'Access-Control-Allow-Origin',
'Access-Control-Expose-Headers',
'Access-Control-Max-Age',
'Access-Control-Request-Headers',
'Access-Control-Request-Method',
'Age',
'Allow',
'Alt-Svc',
'Alt-Used',
'Authorization',
'Cache-Control',
'Clear-Site-Data',
'Connection',
'Content-Disposition',
'Content-Encoding',
'Content-Language',
'Content-Length',
'Content-Location',
'Content-Range',
'Content-Security-Policy',
'Content-Security-Policy-Report-Only',
'Content-Type',
'Cookie',
'Cross-Origin-Embedder-Policy',
'Cross-Origin-Opener-Policy',
'Cross-Origin-Resource-Policy',
'Date',
'Device-Memory',
'Downlink',
'ECT',
'ETag',
'Expect',
'Expect-CT',
'Expires',
'Forwarded',
'From',
'Host',
'If-Match',
'If-Modified-Since',
'If-None-Match',
'If-Range',
'If-Unmodified-Since',
'Keep-Alive',
'Last-Modified',
'Link',
'Location',
'Max-Forwards',
'Origin',
'Permissions-Policy',
'Pragma',
'Proxy-Authenticate',
'Proxy-Authorization',
'RTT',
'Range',
'Referer',
'Referrer-Policy',
'Refresh',
'Retry-After',
'Sec-WebSocket-Accept',
'Sec-WebSocket-Extensions',
'Sec-WebSocket-Key',
'Sec-WebSocket-Protocol',
'Sec-WebSocket-Version',
'Server',
'Server-Timing',
'Service-Worker-Allowed',
'Service-Worker-Navigation-Preload',
'Set-Cookie',
'SourceMap',
'Strict-Transport-Security',
'Supports-Loading-Mode',
'TE',
'Timing-Allow-Origin',
'Trailer',
'Transfer-Encoding',
'Upgrade',
'Upgrade-Insecure-Requests',
'User-Agent',
'Vary',
'Via',
'WWW-Authenticate',
'X-Content-Type-Options',
'X-DNS-Prefetch-Control',
'X-Frame-Options',
'X-Permitted-Cross-Domain-Policies',
'X-Powered-By',
'X-Requested-With',
'X-XSS-Protection'
]
for (let i = 0; i < wellknownHeaderNames.length; ++i) {
const key = wellknownHeaderNames[i]
const lowerCasedKey = key.toLowerCase()
headerNameLowerCasedRecord[key] = headerNameLowerCasedRecord[lowerCasedKey] =
lowerCasedKey
}
// Note: object prototypes should not be able to be referenced. e.g. `Object#hasOwnProperty`.
Object.setPrototypeOf(headerNameLowerCasedRecord, null)
module.exports = {
wellknownHeaderNames,
headerNameLowerCasedRecord
}
/***/ }),
/***/ 8045:
@ -67775,6 +67901,7 @@ const { InvalidArgumentError } = __nccwpck_require__(8045)
const { Blob } = __nccwpck_require__(4300)
const nodeUtil = __nccwpck_require__(3837)
const { stringify } = __nccwpck_require__(3477)
const { headerNameLowerCasedRecord } = __nccwpck_require__(4462)
const [nodeMajor, nodeMinor] = process.versions.node.split('.').map(v => Number(v))
@ -67984,6 +68111,15 @@ function parseKeepAliveTimeout (val) {
return m ? parseInt(m[1], 10) * 1000 : null
}
/**
* Retrieves a header name and returns its lowercase value.
* @param {string | Buffer} value Header name
* @returns {string}
*/
function headerNameToString (value) {
return headerNameLowerCasedRecord[value] || value.toLowerCase()
}
function parseHeaders (headers, obj = {}) {
// For H2 support
if (!Array.isArray(headers)) return headers
@ -68255,6 +68391,7 @@ module.exports = {
isIterable,
isAsyncIterable,
isDestroyed,
headerNameToString,
parseRawHeaders,
parseHeaders,
parseKeepAliveTimeout,
@ -74902,14 +75039,18 @@ const { isBlobLike, toUSVString, ReadableStreamFrom } = __nccwpck_require__(3983
const assert = __nccwpck_require__(9491)
const { isUint8Array } = __nccwpck_require__(9830)
let supportedHashes = []
// https://nodejs.org/api/crypto.html#determining-if-crypto-support-is-unavailable
/** @type {import('crypto')|undefined} */
let crypto
try {
crypto = __nccwpck_require__(6113)
const possibleRelevantHashes = ['sha256', 'sha384', 'sha512']
supportedHashes = crypto.getHashes().filter((hash) => possibleRelevantHashes.includes(hash))
/* c8 ignore next 3 */
} catch {
}
function responseURL (response) {
@ -75437,66 +75578,56 @@ function bytesMatch (bytes, metadataList) {
return true
}
// 3. If parsedMetadata is the empty set, return true.
// 3. If response is not eligible for integrity validation, return false.
// TODO
// 4. If parsedMetadata is the empty set, return true.
if (parsedMetadata.length === 0) {
return true
}
// 4. Let metadata be the result of getting the strongest
// 5. Let metadata be the result of getting the strongest
// metadata from parsedMetadata.
const list = parsedMetadata.sort((c, d) => d.algo.localeCompare(c.algo))
// get the strongest algorithm
const strongest = list[0].algo
// get all entries that use the strongest algorithm; ignore weaker
const metadata = list.filter((item) => item.algo === strongest)
const strongest = getStrongestMetadata(parsedMetadata)
const metadata = filterMetadataListByAlgorithm(parsedMetadata, strongest)
// 5. For each item in metadata:
// 6. For each item in metadata:
for (const item of metadata) {
// 1. Let algorithm be the alg component of item.
const algorithm = item.algo
// 2. Let expectedValue be the val component of item.
let expectedValue = item.hash
const expectedValue = item.hash
// See https://github.com/web-platform-tests/wpt/commit/e4c5cc7a5e48093220528dfdd1c4012dc3837a0e
// "be liberal with padding". This is annoying, and it's not even in the spec.
if (expectedValue.endsWith('==')) {
expectedValue = expectedValue.slice(0, -2)
}
// 3. Let actualValue be the result of applying algorithm to bytes.
let actualValue = crypto.createHash(algorithm).update(bytes).digest('base64')
if (actualValue.endsWith('==')) {
if (actualValue[actualValue.length - 1] === '=') {
if (actualValue[actualValue.length - 2] === '=') {
actualValue = actualValue.slice(0, -2)
} else {
actualValue = actualValue.slice(0, -1)
}
}
// 4. If actualValue is a case-sensitive match for expectedValue,
// return true.
if (actualValue === expectedValue) {
return true
}
let actualBase64URL = crypto.createHash(algorithm).update(bytes).digest('base64url')
if (actualBase64URL.endsWith('==')) {
actualBase64URL = actualBase64URL.slice(0, -2)
}
if (actualBase64URL === expectedValue) {
if (compareBase64Mixed(actualValue, expectedValue)) {
return true
}
}
// 6. Return false.
// 7. Return false.
return false
}
// https://w3c.github.io/webappsec-subresource-integrity/#grammardef-hash-with-options
// https://www.w3.org/TR/CSP2/#source-list-syntax
// https://www.rfc-editor.org/rfc/rfc5234#appendix-B.1
const parseHashWithOptions = /((?<algo>sha256|sha384|sha512)-(?<hash>[A-z0-9+/]{1}.*={0,2}))( +[\x21-\x7e]?)?/i
const parseHashWithOptions = /(?<algo>sha256|sha384|sha512)-((?<hash>[A-Za-z0-9+/]+|[A-Za-z0-9_-]+)={0,2}(?:\s|$)( +[!-~]*)?)?/i
/**
* @see https://w3c.github.io/webappsec-subresource-integrity/#parse-metadata
@ -75510,8 +75641,6 @@ function parseMetadata (metadata) {
// 2. Let empty be equal to true.
let empty = true
const supportedHashes = crypto.getHashes()
// 3. For each token returned by splitting metadata on spaces:
for (const token of metadata.split(' ')) {
// 1. Set empty to false.
@ -75521,7 +75650,11 @@ function parseMetadata (metadata) {
const parsedToken = parseHashWithOptions.exec(token)
// 3. If token does not parse, continue to the next token.
if (parsedToken === null || parsedToken.groups === undefined) {
if (
parsedToken === null ||
parsedToken.groups === undefined ||
parsedToken.groups.algo === undefined
) {
// Note: Chromium blocks the request at this point, but Firefox
// gives a warning that an invalid integrity was given. The
// correct behavior is to ignore these, and subsequently not
@ -75530,11 +75663,11 @@ function parseMetadata (metadata) {
}
// 4. Let algorithm be the hash-algo component of token.
const algorithm = parsedToken.groups.algo
const algorithm = parsedToken.groups.algo.toLowerCase()
// 5. If algorithm is a hash function recognized by the user
// agent, add the parsed token to result.
if (supportedHashes.includes(algorithm.toLowerCase())) {
if (supportedHashes.includes(algorithm)) {
result.push(parsedToken.groups)
}
}
@ -75547,6 +75680,82 @@ function parseMetadata (metadata) {
return result
}
/**
* @param {{ algo: 'sha256' | 'sha384' | 'sha512' }[]} metadataList
*/
function getStrongestMetadata (metadataList) {
// Let algorithm be the algo component of the first item in metadataList.
// Can be sha256
let algorithm = metadataList[0].algo
// If the algorithm is sha512, then it is the strongest
// and we can return immediately
if (algorithm[3] === '5') {
return algorithm
}
for (let i = 1; i < metadataList.length; ++i) {
const metadata = metadataList[i]
// If the algorithm is sha512, then it is the strongest
// and we can break the loop immediately
if (metadata.algo[3] === '5') {
algorithm = 'sha512'
break
// If the algorithm is sha384, then a potential sha256 or sha384 is ignored
} else if (algorithm[3] === '3') {
continue
// algorithm is sha256, check if algorithm is sha384 and if so, set it as
// the strongest
} else if (metadata.algo[3] === '3') {
algorithm = 'sha384'
}
}
return algorithm
}
function filterMetadataListByAlgorithm (metadataList, algorithm) {
if (metadataList.length === 1) {
return metadataList
}
let pos = 0
for (let i = 0; i < metadataList.length; ++i) {
if (metadataList[i].algo === algorithm) {
metadataList[pos++] = metadataList[i]
}
}
metadataList.length = pos
return metadataList
}
/**
* Compares two base64 strings, allowing for base64url
* in the second string.
*
* @param {string} actualValue always base64
* @param {string} expectedValue base64 or base64url
* @returns {boolean}
*/
function compareBase64Mixed (actualValue, expectedValue) {
if (actualValue.length !== expectedValue.length) {
return false
}
for (let i = 0; i < actualValue.length; ++i) {
if (actualValue[i] !== expectedValue[i]) {
if (
(actualValue[i] === '+' && expectedValue[i] === '-') ||
(actualValue[i] === '/' && expectedValue[i] === '_')
) {
continue
}
return false
}
}
return true
}
// https://w3c.github.io/webappsec-upgrade-insecure-requests/#upgrade-request
function tryUpgradeRequestToAPotentiallyTrustworthyURL (request) {
// TODO
@ -75962,7 +76171,8 @@ module.exports = {
urlHasHttpsScheme,
urlIsHttpHttpsScheme,
readAllBytes,
normalizeMethodRecord
normalizeMethodRecord,
parseMetadata
}
@ -78049,12 +78259,17 @@ function parseLocation (statusCode, headers) {
// https://tools.ietf.org/html/rfc7231#section-6.4.4
function shouldRemoveHeader (header, removeContent, unknownOrigin) {
return (
(header.length === 4 && header.toString().toLowerCase() === 'host') ||
(removeContent && header.toString().toLowerCase().indexOf('content-') === 0) ||
(unknownOrigin && header.length === 13 && header.toString().toLowerCase() === 'authorization') ||
(unknownOrigin && header.length === 6 && header.toString().toLowerCase() === 'cookie')
)
if (header.length === 4) {
return util.headerNameToString(header) === 'host'
}
if (removeContent && util.headerNameToString(header).startsWith('content-')) {
return true
}
if (unknownOrigin && (header.length === 13 || header.length === 6 || header.length === 19)) {
const name = util.headerNameToString(header)
return name === 'authorization' || name === 'cookie' || name === 'proxy-authorization'
}
return false
}
// https://tools.ietf.org/html/rfc7231#section-6.4
@ -88096,7 +88311,7 @@ else {
"use strict";
Object.defineProperty(exports, "__esModule", ({ value: true }));
exports.DISTRIBUTIONS_ONLY_MAJOR_VERSION = exports.INPUT_MVN_TOOLCHAIN_VENDOR = exports.INPUT_MVN_TOOLCHAIN_ID = exports.MVN_TOOLCHAINS_FILE = exports.MVN_SETTINGS_FILE = exports.M2_DIR = exports.STATE_GPG_PRIVATE_KEY_FINGERPRINT = exports.INPUT_JOB_STATUS = exports.INPUT_CACHE_DEPENDENCY_PATH = exports.INPUT_CACHE = exports.INPUT_DEFAULT_GPG_PASSPHRASE = exports.INPUT_DEFAULT_GPG_PRIVATE_KEY = exports.INPUT_GPG_PASSPHRASE = exports.INPUT_GPG_PRIVATE_KEY = exports.INPUT_OVERWRITE_SETTINGS = exports.INPUT_SETTINGS_PATH = exports.INPUT_SERVER_PASSWORD = exports.INPUT_SERVER_USERNAME = exports.INPUT_SERVER_ID = exports.INPUT_CHECK_LATEST = exports.INPUT_JDK_FILE = exports.INPUT_DISTRIBUTION = exports.INPUT_JAVA_PACKAGE = exports.INPUT_ARCHITECTURE = exports.INPUT_JAVA_VERSION_FILE = exports.INPUT_JAVA_VERSION = exports.MACOS_JAVA_CONTENT_POSTFIX = void 0;
exports.DISTRIBUTIONS_ONLY_MAJOR_VERSION = exports.INPUT_MVN_TOOLCHAIN_VENDOR = exports.INPUT_MVN_TOOLCHAIN_ID = exports.MVN_TOOLCHAINS_FILE = exports.MVN_SETTINGS_FILE = exports.M2_DIR = exports.STATE_GPG_PRIVATE_KEY_FINGERPRINT = exports.INPUT_JOB_STATUS = exports.INPUT_CACHE_DEPENDENCY_PATH = exports.INPUT_CACHE = exports.INPUT_DEFAULT_GPG_PASSPHRASE = exports.INPUT_DEFAULT_GPG_PRIVATE_KEY = exports.INPUT_GPG_PASSPHRASE = exports.INPUT_GPG_PRIVATE_KEY = exports.INPUT_ADD_TO_PATH = exports.INPUT_UPDATE_JAVA_HOME = exports.INPUT_UPDATE_TOOLCHAINS_ONLY = exports.INPUT_OVERWRITE_SETTINGS = exports.INPUT_SETTINGS_PATH = exports.INPUT_SERVER_PASSWORD = exports.INPUT_SERVER_USERNAME = exports.INPUT_SERVER_ID = exports.INPUT_CHECK_LATEST = exports.INPUT_JDK_FILE = exports.INPUT_DISTRIBUTION = exports.INPUT_JAVA_PACKAGE = exports.INPUT_ARCHITECTURE = exports.INPUT_JAVA_VERSION_FILE = exports.INPUT_JAVA_VERSION = exports.MACOS_JAVA_CONTENT_POSTFIX = void 0;
exports.MACOS_JAVA_CONTENT_POSTFIX = 'Contents/Home';
exports.INPUT_JAVA_VERSION = 'java-version';
exports.INPUT_JAVA_VERSION_FILE = 'java-version-file';
@ -88110,6 +88325,9 @@ exports.INPUT_SERVER_USERNAME = 'server-username';
exports.INPUT_SERVER_PASSWORD = 'server-password';
exports.INPUT_SETTINGS_PATH = 'settings-path';
exports.INPUT_OVERWRITE_SETTINGS = 'overwrite-settings';
exports.INPUT_UPDATE_TOOLCHAINS_ONLY = 'update-toolchains-only';
exports.INPUT_UPDATE_JAVA_HOME = 'update-env-javahome';
exports.INPUT_ADD_TO_PATH = 'add-to-env-path';
exports.INPUT_GPG_PRIVATE_KEY = 'gpg-private-key';
exports.INPUT_GPG_PASSPHRASE = 'gpg-passphrase';
exports.INPUT_DEFAULT_GPG_PRIVATE_KEY = undefined;

362
dist/setup/index.js vendored
View File

@ -91797,6 +91797,132 @@ function onConnectTimeout (socket) {
module.exports = buildConnector
/***/ }),
/***/ 14462:
/***/ ((module) => {
"use strict";
/** @type {Record<string, string | undefined>} */
const headerNameLowerCasedRecord = {}
// https://developer.mozilla.org/docs/Web/HTTP/Headers
const wellknownHeaderNames = [
'Accept',
'Accept-Encoding',
'Accept-Language',
'Accept-Ranges',
'Access-Control-Allow-Credentials',
'Access-Control-Allow-Headers',
'Access-Control-Allow-Methods',
'Access-Control-Allow-Origin',
'Access-Control-Expose-Headers',
'Access-Control-Max-Age',
'Access-Control-Request-Headers',
'Access-Control-Request-Method',
'Age',
'Allow',
'Alt-Svc',
'Alt-Used',
'Authorization',
'Cache-Control',
'Clear-Site-Data',
'Connection',
'Content-Disposition',
'Content-Encoding',
'Content-Language',
'Content-Length',
'Content-Location',
'Content-Range',
'Content-Security-Policy',
'Content-Security-Policy-Report-Only',
'Content-Type',
'Cookie',
'Cross-Origin-Embedder-Policy',
'Cross-Origin-Opener-Policy',
'Cross-Origin-Resource-Policy',
'Date',
'Device-Memory',
'Downlink',
'ECT',
'ETag',
'Expect',
'Expect-CT',
'Expires',
'Forwarded',
'From',
'Host',
'If-Match',
'If-Modified-Since',
'If-None-Match',
'If-Range',
'If-Unmodified-Since',
'Keep-Alive',
'Last-Modified',
'Link',
'Location',
'Max-Forwards',
'Origin',
'Permissions-Policy',
'Pragma',
'Proxy-Authenticate',
'Proxy-Authorization',
'RTT',
'Range',
'Referer',
'Referrer-Policy',
'Refresh',
'Retry-After',
'Sec-WebSocket-Accept',
'Sec-WebSocket-Extensions',
'Sec-WebSocket-Key',
'Sec-WebSocket-Protocol',
'Sec-WebSocket-Version',
'Server',
'Server-Timing',
'Service-Worker-Allowed',
'Service-Worker-Navigation-Preload',
'Set-Cookie',
'SourceMap',
'Strict-Transport-Security',
'Supports-Loading-Mode',
'TE',
'Timing-Allow-Origin',
'Trailer',
'Transfer-Encoding',
'Upgrade',
'Upgrade-Insecure-Requests',
'User-Agent',
'Vary',
'Via',
'WWW-Authenticate',
'X-Content-Type-Options',
'X-DNS-Prefetch-Control',
'X-Frame-Options',
'X-Permitted-Cross-Domain-Policies',
'X-Powered-By',
'X-Requested-With',
'X-XSS-Protection'
]
for (let i = 0; i < wellknownHeaderNames.length; ++i) {
const key = wellknownHeaderNames[i]
const lowerCasedKey = key.toLowerCase()
headerNameLowerCasedRecord[key] = headerNameLowerCasedRecord[lowerCasedKey] =
lowerCasedKey
}
// Note: object prototypes should not be able to be referenced. e.g. `Object#hasOwnProperty`.
Object.setPrototypeOf(headerNameLowerCasedRecord, null)
module.exports = {
wellknownHeaderNames,
headerNameLowerCasedRecord
}
/***/ }),
/***/ 48045:
@ -92629,6 +92755,7 @@ const { InvalidArgumentError } = __nccwpck_require__(48045)
const { Blob } = __nccwpck_require__(14300)
const nodeUtil = __nccwpck_require__(73837)
const { stringify } = __nccwpck_require__(63477)
const { headerNameLowerCasedRecord } = __nccwpck_require__(14462)
const [nodeMajor, nodeMinor] = process.versions.node.split('.').map(v => Number(v))
@ -92838,6 +92965,15 @@ function parseKeepAliveTimeout (val) {
return m ? parseInt(m[1], 10) * 1000 : null
}
/**
* Retrieves a header name and returns its lowercase value.
* @param {string | Buffer} value Header name
* @returns {string}
*/
function headerNameToString (value) {
return headerNameLowerCasedRecord[value] || value.toLowerCase()
}
function parseHeaders (headers, obj = {}) {
// For H2 support
if (!Array.isArray(headers)) return headers
@ -93109,6 +93245,7 @@ module.exports = {
isIterable,
isAsyncIterable,
isDestroyed,
headerNameToString,
parseRawHeaders,
parseHeaders,
parseKeepAliveTimeout,
@ -99756,14 +99893,18 @@ const { isBlobLike, toUSVString, ReadableStreamFrom } = __nccwpck_require__(8398
const assert = __nccwpck_require__(39491)
const { isUint8Array } = __nccwpck_require__(29830)
let supportedHashes = []
// https://nodejs.org/api/crypto.html#determining-if-crypto-support-is-unavailable
/** @type {import('crypto')|undefined} */
let crypto
try {
crypto = __nccwpck_require__(6113)
const possibleRelevantHashes = ['sha256', 'sha384', 'sha512']
supportedHashes = crypto.getHashes().filter((hash) => possibleRelevantHashes.includes(hash))
/* c8 ignore next 3 */
} catch {
}
function responseURL (response) {
@ -100291,66 +100432,56 @@ function bytesMatch (bytes, metadataList) {
return true
}
// 3. If parsedMetadata is the empty set, return true.
// 3. If response is not eligible for integrity validation, return false.
// TODO
// 4. If parsedMetadata is the empty set, return true.
if (parsedMetadata.length === 0) {
return true
}
// 4. Let metadata be the result of getting the strongest
// 5. Let metadata be the result of getting the strongest
// metadata from parsedMetadata.
const list = parsedMetadata.sort((c, d) => d.algo.localeCompare(c.algo))
// get the strongest algorithm
const strongest = list[0].algo
// get all entries that use the strongest algorithm; ignore weaker
const metadata = list.filter((item) => item.algo === strongest)
const strongest = getStrongestMetadata(parsedMetadata)
const metadata = filterMetadataListByAlgorithm(parsedMetadata, strongest)
// 5. For each item in metadata:
// 6. For each item in metadata:
for (const item of metadata) {
// 1. Let algorithm be the alg component of item.
const algorithm = item.algo
// 2. Let expectedValue be the val component of item.
let expectedValue = item.hash
const expectedValue = item.hash
// See https://github.com/web-platform-tests/wpt/commit/e4c5cc7a5e48093220528dfdd1c4012dc3837a0e
// "be liberal with padding". This is annoying, and it's not even in the spec.
if (expectedValue.endsWith('==')) {
expectedValue = expectedValue.slice(0, -2)
}
// 3. Let actualValue be the result of applying algorithm to bytes.
let actualValue = crypto.createHash(algorithm).update(bytes).digest('base64')
if (actualValue.endsWith('==')) {
if (actualValue[actualValue.length - 1] === '=') {
if (actualValue[actualValue.length - 2] === '=') {
actualValue = actualValue.slice(0, -2)
} else {
actualValue = actualValue.slice(0, -1)
}
}
// 4. If actualValue is a case-sensitive match for expectedValue,
// return true.
if (actualValue === expectedValue) {
return true
}
let actualBase64URL = crypto.createHash(algorithm).update(bytes).digest('base64url')
if (actualBase64URL.endsWith('==')) {
actualBase64URL = actualBase64URL.slice(0, -2)
}
if (actualBase64URL === expectedValue) {
if (compareBase64Mixed(actualValue, expectedValue)) {
return true
}
}
// 6. Return false.
// 7. Return false.
return false
}
// https://w3c.github.io/webappsec-subresource-integrity/#grammardef-hash-with-options
// https://www.w3.org/TR/CSP2/#source-list-syntax
// https://www.rfc-editor.org/rfc/rfc5234#appendix-B.1
const parseHashWithOptions = /((?<algo>sha256|sha384|sha512)-(?<hash>[A-z0-9+/]{1}.*={0,2}))( +[\x21-\x7e]?)?/i
const parseHashWithOptions = /(?<algo>sha256|sha384|sha512)-((?<hash>[A-Za-z0-9+/]+|[A-Za-z0-9_-]+)={0,2}(?:\s|$)( +[!-~]*)?)?/i
/**
* @see https://w3c.github.io/webappsec-subresource-integrity/#parse-metadata
@ -100364,8 +100495,6 @@ function parseMetadata (metadata) {
// 2. Let empty be equal to true.
let empty = true
const supportedHashes = crypto.getHashes()
// 3. For each token returned by splitting metadata on spaces:
for (const token of metadata.split(' ')) {
// 1. Set empty to false.
@ -100375,7 +100504,11 @@ function parseMetadata (metadata) {
const parsedToken = parseHashWithOptions.exec(token)
// 3. If token does not parse, continue to the next token.
if (parsedToken === null || parsedToken.groups === undefined) {
if (
parsedToken === null ||
parsedToken.groups === undefined ||
parsedToken.groups.algo === undefined
) {
// Note: Chromium blocks the request at this point, but Firefox
// gives a warning that an invalid integrity was given. The
// correct behavior is to ignore these, and subsequently not
@ -100384,11 +100517,11 @@ function parseMetadata (metadata) {
}
// 4. Let algorithm be the hash-algo component of token.
const algorithm = parsedToken.groups.algo
const algorithm = parsedToken.groups.algo.toLowerCase()
// 5. If algorithm is a hash function recognized by the user
// agent, add the parsed token to result.
if (supportedHashes.includes(algorithm.toLowerCase())) {
if (supportedHashes.includes(algorithm)) {
result.push(parsedToken.groups)
}
}
@ -100401,6 +100534,82 @@ function parseMetadata (metadata) {
return result
}
/**
* @param {{ algo: 'sha256' | 'sha384' | 'sha512' }[]} metadataList
*/
function getStrongestMetadata (metadataList) {
// Let algorithm be the algo component of the first item in metadataList.
// Can be sha256
let algorithm = metadataList[0].algo
// If the algorithm is sha512, then it is the strongest
// and we can return immediately
if (algorithm[3] === '5') {
return algorithm
}
for (let i = 1; i < metadataList.length; ++i) {
const metadata = metadataList[i]
// If the algorithm is sha512, then it is the strongest
// and we can break the loop immediately
if (metadata.algo[3] === '5') {
algorithm = 'sha512'
break
// If the algorithm is sha384, then a potential sha256 or sha384 is ignored
} else if (algorithm[3] === '3') {
continue
// algorithm is sha256, check if algorithm is sha384 and if so, set it as
// the strongest
} else if (metadata.algo[3] === '3') {
algorithm = 'sha384'
}
}
return algorithm
}
function filterMetadataListByAlgorithm (metadataList, algorithm) {
if (metadataList.length === 1) {
return metadataList
}
let pos = 0
for (let i = 0; i < metadataList.length; ++i) {
if (metadataList[i].algo === algorithm) {
metadataList[pos++] = metadataList[i]
}
}
metadataList.length = pos
return metadataList
}
/**
* Compares two base64 strings, allowing for base64url
* in the second string.
*
* @param {string} actualValue always base64
* @param {string} expectedValue base64 or base64url
* @returns {boolean}
*/
function compareBase64Mixed (actualValue, expectedValue) {
if (actualValue.length !== expectedValue.length) {
return false
}
for (let i = 0; i < actualValue.length; ++i) {
if (actualValue[i] !== expectedValue[i]) {
if (
(actualValue[i] === '+' && expectedValue[i] === '-') ||
(actualValue[i] === '/' && expectedValue[i] === '_')
) {
continue
}
return false
}
}
return true
}
// https://w3c.github.io/webappsec-upgrade-insecure-requests/#upgrade-request
function tryUpgradeRequestToAPotentiallyTrustworthyURL (request) {
// TODO
@ -100816,7 +101025,8 @@ module.exports = {
urlHasHttpsScheme,
urlIsHttpHttpsScheme,
readAllBytes,
normalizeMethodRecord
normalizeMethodRecord,
parseMetadata
}
@ -102903,12 +103113,17 @@ function parseLocation (statusCode, headers) {
// https://tools.ietf.org/html/rfc7231#section-6.4.4
function shouldRemoveHeader (header, removeContent, unknownOrigin) {
return (
(header.length === 4 && header.toString().toLowerCase() === 'host') ||
(removeContent && header.toString().toLowerCase().indexOf('content-') === 0) ||
(unknownOrigin && header.length === 13 && header.toString().toLowerCase() === 'authorization') ||
(unknownOrigin && header.length === 6 && header.toString().toLowerCase() === 'cookie')
)
if (header.length === 4) {
return util.headerNameToString(header) === 'host'
}
if (removeContent && util.headerNameToString(header).startsWith('content-')) {
return true
}
if (unknownOrigin && (header.length === 13 || header.length === 6 || header.length === 19)) {
const name = util.headerNameToString(header)
return name === 'authorization' || name === 'cookie' || name === 'proxy-authorization'
}
return false
}
// https://tools.ietf.org/html/rfc7231#section-6.4
@ -122936,15 +123151,13 @@ const os = __importStar(__nccwpck_require__(22037));
const xmlbuilder2_1 = __nccwpck_require__(70151);
const constants = __importStar(__nccwpck_require__(69042));
const gpg = __importStar(__nccwpck_require__(23759));
const util_1 = __nccwpck_require__(92629);
function configureAuthentication() {
function configureAuthentication(overwriteSettings) {
return __awaiter(this, void 0, void 0, function* () {
const id = core.getInput(constants.INPUT_SERVER_ID);
const username = core.getInput(constants.INPUT_SERVER_USERNAME);
const password = core.getInput(constants.INPUT_SERVER_PASSWORD);
const settingsDirectory = core.getInput(constants.INPUT_SETTINGS_PATH) ||
path.join(os.homedir(), constants.M2_DIR);
const overwriteSettings = (0, util_1.getBooleanInput)(constants.INPUT_OVERWRITE_SETTINGS, true);
const gpgPrivateKey = core.getInput(constants.INPUT_GPG_PRIVATE_KEY) ||
constants.INPUT_DEFAULT_GPG_PRIVATE_KEY;
const gpgPassphrase = core.getInput(constants.INPUT_GPG_PASSPHRASE) ||
@ -123240,7 +123453,7 @@ function isProbablyGradleDaemonProblem(packageManager, error) {
"use strict";
Object.defineProperty(exports, "__esModule", ({ value: true }));
exports.DISTRIBUTIONS_ONLY_MAJOR_VERSION = exports.INPUT_MVN_TOOLCHAIN_VENDOR = exports.INPUT_MVN_TOOLCHAIN_ID = exports.MVN_TOOLCHAINS_FILE = exports.MVN_SETTINGS_FILE = exports.M2_DIR = exports.STATE_GPG_PRIVATE_KEY_FINGERPRINT = exports.INPUT_JOB_STATUS = exports.INPUT_CACHE_DEPENDENCY_PATH = exports.INPUT_CACHE = exports.INPUT_DEFAULT_GPG_PASSPHRASE = exports.INPUT_DEFAULT_GPG_PRIVATE_KEY = exports.INPUT_GPG_PASSPHRASE = exports.INPUT_GPG_PRIVATE_KEY = exports.INPUT_OVERWRITE_SETTINGS = exports.INPUT_SETTINGS_PATH = exports.INPUT_SERVER_PASSWORD = exports.INPUT_SERVER_USERNAME = exports.INPUT_SERVER_ID = exports.INPUT_CHECK_LATEST = exports.INPUT_JDK_FILE = exports.INPUT_DISTRIBUTION = exports.INPUT_JAVA_PACKAGE = exports.INPUT_ARCHITECTURE = exports.INPUT_JAVA_VERSION_FILE = exports.INPUT_JAVA_VERSION = exports.MACOS_JAVA_CONTENT_POSTFIX = void 0;
exports.DISTRIBUTIONS_ONLY_MAJOR_VERSION = exports.INPUT_MVN_TOOLCHAIN_VENDOR = exports.INPUT_MVN_TOOLCHAIN_ID = exports.MVN_TOOLCHAINS_FILE = exports.MVN_SETTINGS_FILE = exports.M2_DIR = exports.STATE_GPG_PRIVATE_KEY_FINGERPRINT = exports.INPUT_JOB_STATUS = exports.INPUT_CACHE_DEPENDENCY_PATH = exports.INPUT_CACHE = exports.INPUT_DEFAULT_GPG_PASSPHRASE = exports.INPUT_DEFAULT_GPG_PRIVATE_KEY = exports.INPUT_GPG_PASSPHRASE = exports.INPUT_GPG_PRIVATE_KEY = exports.INPUT_ADD_TO_PATH = exports.INPUT_UPDATE_JAVA_HOME = exports.INPUT_UPDATE_TOOLCHAINS_ONLY = exports.INPUT_OVERWRITE_SETTINGS = exports.INPUT_SETTINGS_PATH = exports.INPUT_SERVER_PASSWORD = exports.INPUT_SERVER_USERNAME = exports.INPUT_SERVER_ID = exports.INPUT_CHECK_LATEST = exports.INPUT_JDK_FILE = exports.INPUT_DISTRIBUTION = exports.INPUT_JAVA_PACKAGE = exports.INPUT_ARCHITECTURE = exports.INPUT_JAVA_VERSION_FILE = exports.INPUT_JAVA_VERSION = exports.MACOS_JAVA_CONTENT_POSTFIX = void 0;
exports.MACOS_JAVA_CONTENT_POSTFIX = 'Contents/Home';
exports.INPUT_JAVA_VERSION = 'java-version';
exports.INPUT_JAVA_VERSION_FILE = 'java-version-file';
@ -123254,6 +123467,9 @@ exports.INPUT_SERVER_USERNAME = 'server-username';
exports.INPUT_SERVER_PASSWORD = 'server-password';
exports.INPUT_SETTINGS_PATH = 'settings-path';
exports.INPUT_OVERWRITE_SETTINGS = 'overwrite-settings';
exports.INPUT_UPDATE_TOOLCHAINS_ONLY = 'update-toolchains-only';
exports.INPUT_UPDATE_JAVA_HOME = 'update-env-javahome';
exports.INPUT_ADD_TO_PATH = 'add-to-env-path';
exports.INPUT_GPG_PRIVATE_KEY = 'gpg-private-key';
exports.INPUT_GPG_PASSPHRASE = 'gpg-passphrase';
exports.INPUT_DEFAULT_GPG_PRIVATE_KEY = undefined;
@ -123512,6 +123728,8 @@ class JavaBase {
this.architecture = installerOptions.architecture || os_1.default.arch();
this.packageType = installerOptions.packageType;
this.checkLatest = installerOptions.checkLatest;
this.updateEnvJavaHome = installerOptions.updateEnvJavaHome;
this.addToEnvPath = installerOptions.addToEnvPath;
}
setupJava() {
return __awaiter(this, void 0, void 0, function* () {
@ -123613,8 +123831,18 @@ class JavaBase {
}
setJavaDefault(version, toolPath) {
const majorVersion = version.split('.')[0];
if (this.updateEnvJavaHome) {
core.exportVariable('JAVA_HOME', toolPath);
}
else {
core.info(`Skip updating env.JAVA_HOME according to ${constants_1.INPUT_UPDATE_JAVA_HOME}`);
}
if (this.addToEnvPath) {
core.addPath(path_1.default.join(toolPath, 'bin'));
}
else {
core.info(`Skip adding to env.PATH according to ${constants_1.INPUT_ADD_TO_PATH}`);
}
core.setOutput('distribution', this.distribution);
core.setOutput('path', toolPath);
core.setOutput('version', version);
@ -125353,6 +125581,10 @@ function run() {
const cache = core.getInput(constants.INPUT_CACHE);
const cacheDependencyPath = core.getInput(constants.INPUT_CACHE_DEPENDENCY_PATH);
const checkLatest = (0, util_1.getBooleanInput)(constants.INPUT_CHECK_LATEST, false);
const updateToolchainsOnly = (0, util_1.getBooleanInput)(constants.INPUT_UPDATE_TOOLCHAINS_ONLY, false);
const overwriteSettings = (0, util_1.getBooleanInput)(constants.INPUT_OVERWRITE_SETTINGS, !updateToolchainsOnly);
const updateEnvJavaHome = (0, util_1.getBooleanInput)(constants.INPUT_UPDATE_JAVA_HOME, !updateToolchainsOnly);
const addToEnvPath = (0, util_1.getBooleanInput)(constants.INPUT_ADD_TO_PATH, !updateToolchainsOnly);
let toolchainIds = core.getMultilineInput(constants.INPUT_MVN_TOOLCHAIN_ID);
core.startGroup('Installed distributions');
if (versions.length !== toolchainIds.length) {
@ -125367,7 +125599,11 @@ function run() {
checkLatest,
distributionName,
jdkFile,
toolchainIds
toolchainIds,
updateToolchainsOnly,
overwriteSettings,
updateEnvJavaHome,
addToEnvPath
};
if (!versions.length) {
core.debug('java-version input is empty, looking for java-version-file input');
@ -125385,7 +125621,7 @@ function run() {
core.endGroup();
const matchersPath = path.join(__dirname, '..', '..', '.github');
core.info(`##[add-matcher]${path.join(matchersPath, 'java.json')}`);
yield auth.configureAuthentication();
yield auth.configureAuthentication(overwriteSettings);
if (cache && (0, util_1.isCacheFeatureAvailable)()) {
yield (0, cache_1.restore)(cache, cacheDependencyPath);
}
@ -125398,19 +125634,21 @@ function run() {
run();
function installVersion(version, options, toolchainId = 0) {
return __awaiter(this, void 0, void 0, function* () {
const { distributionName, jdkFile, architecture, packageType, checkLatest, toolchainIds } = options;
const { distributionName, jdkFile, architecture, packageType, checkLatest, toolchainIds, updateToolchainsOnly, overwriteSettings, updateEnvJavaHome, addToEnvPath } = options;
const installerOptions = {
version,
architecture,
packageType,
checkLatest,
version
updateEnvJavaHome,
addToEnvPath
};
const distribution = (0, distribution_factory_1.getJavaDistribution)(distributionName, installerOptions, jdkFile);
if (!distribution) {
throw new Error(`No supported distribution was found for input ${distributionName}`);
}
const result = yield distribution.setupJava();
yield toolchains.configureToolchains(version, distributionName, result.path, toolchainIds[toolchainId]);
yield toolchains.configureToolchains(version, distributionName, result.path, overwriteSettings || updateToolchainsOnly, toolchainIds[toolchainId]);
core.info('');
core.info('Java configuration:');
core.info(` Distribution: ${distributionName}`);
@ -125468,15 +125706,13 @@ const path = __importStar(__nccwpck_require__(71017));
const core = __importStar(__nccwpck_require__(42186));
const io = __importStar(__nccwpck_require__(47351));
const constants = __importStar(__nccwpck_require__(69042));
const util_1 = __nccwpck_require__(92629);
const xmlbuilder2_1 = __nccwpck_require__(70151);
function configureToolchains(version, distributionName, jdkHome, toolchainId) {
function configureToolchains(version, distributionName, jdkHome, updateToolchains, toolchainId) {
return __awaiter(this, void 0, void 0, function* () {
const vendor = core.getInput(constants.INPUT_MVN_TOOLCHAIN_VENDOR) || distributionName;
const id = toolchainId || `${vendor}_${version}`;
const settingsDirectory = core.getInput(constants.INPUT_SETTINGS_PATH) ||
path.join(os.homedir(), constants.M2_DIR);
const overwriteSettings = (0, util_1.getBooleanInput)(constants.INPUT_OVERWRITE_SETTINGS, true);
yield createToolchainsSettings({
jdkInfo: {
version,
@ -125485,20 +125721,20 @@ function configureToolchains(version, distributionName, jdkHome, toolchainId) {
jdkHome
},
settingsDirectory,
overwriteSettings
updateToolchains
});
});
}
exports.configureToolchains = configureToolchains;
function createToolchainsSettings({ jdkInfo, settingsDirectory, overwriteSettings }) {
function createToolchainsSettings({ jdkInfo, settingsDirectory, updateToolchains }) {
return __awaiter(this, void 0, void 0, function* () {
core.info(`Creating ${constants.MVN_TOOLCHAINS_FILE} for JDK version ${jdkInfo.version} from ${jdkInfo.vendor}`);
core.info(`Adding a toolchain entry in ${constants.MVN_TOOLCHAINS_FILE} for JDK version ${jdkInfo.version} from ${jdkInfo.vendor}`);
// when an alternate m2 location is specified use only that location (no .m2 directory)
// otherwise use the home/.m2/ path
yield io.mkdirP(settingsDirectory);
const originalToolchains = yield readExistingToolchainsFile(settingsDirectory);
const updatedToolchains = generateToolchainDefinition(originalToolchains, jdkInfo.version, jdkInfo.vendor, jdkInfo.id, jdkInfo.jdkHome);
yield writeToolchainsFileToDisk(settingsDirectory, updatedToolchains, overwriteSettings);
yield writeToolchainsFileToDisk(settingsDirectory, updatedToolchains, updateToolchains);
});
}
exports.createToolchainsSettings = createToolchainsSettings;
@ -125564,18 +125800,18 @@ function readExistingToolchainsFile(directory) {
return '';
});
}
function writeToolchainsFileToDisk(directory, settings, overwriteSettings) {
function writeToolchainsFileToDisk(directory, settings, updateToolchains) {
return __awaiter(this, void 0, void 0, function* () {
const location = path.join(directory, constants.MVN_TOOLCHAINS_FILE);
const settingsExists = fs.existsSync(location);
if (settingsExists && overwriteSettings) {
core.info(`Overwriting existing file ${location}`);
const toolchainsExists = fs.existsSync(location);
if (toolchainsExists && updateToolchains) {
core.info(`Updating existing file ${location}`);
}
else if (!settingsExists) {
core.info(`Writing to ${location}`);
else if (!toolchainsExists) {
core.info(`Creating file ${location}`);
}
else {
core.info(`Skipping generation of ${location} because file already exists and overwriting is not enabled`);
core.info(`Skipping update of ${location} since file already exists and updating is not enabled`);
return;
}
return fs.writeFileSync(location, settings, {

View File

@ -531,7 +531,7 @@ steps:
Supported files are .java-version and .tool-versions.
In .java-version file, only the version should be specified (e.g., 17.0.7).
In .tool-versions file, java version should be preceded by the java keyword (e.g., java 17.0.7).
The `.java-version` file recognizes all variants of the version description according to [jenv](https://github.com/jenv/jenv). Similarly, the `.tool-versions` file supports version specifications in accordance with [asdf](https://github.com/asdf-vm/asdf) standards, adhering to Semantic Versioning (semver).
The `.java-version` file recognizes all variants of the version description according to [jenv](https://github.com/jenv/jenv). Similarly, the `.tool-versions` file supports version specifications in accordance with [asdf](https://github.com/asdf-vm/asdf) standards, adhering to Semantic Versioning ([semver](https://semver.org/)).
If both java-version and java-version-file inputs are provided, the java-version input will be used.

20
package-lock.json generated
View File

@ -2249,12 +2249,12 @@
}
},
"node_modules/braces": {
"version": "3.0.2",
"resolved": "https://registry.npmjs.org/braces/-/braces-3.0.2.tgz",
"integrity": "sha512-b8um+L1RzM3WDSzvhm6gIz1yfTbBt6YTlcEKAvsmqCZZFw46z626lVj9j1yEPW33H5H+lBQpZMP1k8l+78Ha0A==",
"version": "3.0.3",
"resolved": "https://registry.npmjs.org/braces/-/braces-3.0.3.tgz",
"integrity": "sha512-yQbXgO/OSZVD2IsiLlro+7Hf6Q18EJrKSEsdoMzKePKXct3gvD8oLcOQdIzGupr5Fj+EDe8gO/lxc1BzfMpxvA==",
"dev": true,
"dependencies": {
"fill-range": "^7.0.1"
"fill-range": "^7.1.1"
},
"engines": {
"node": ">=8"
@ -3102,9 +3102,9 @@
}
},
"node_modules/fill-range": {
"version": "7.0.1",
"resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.0.1.tgz",
"integrity": "sha512-qOo9F+dMUmC2Lcb4BbVvnKJxTPjCm+RRpe4gDuGrzkL7mEVl/djYSu2OdQ2Pa302N4oqkSg9ir6jaLWJ2USVpQ==",
"version": "7.1.1",
"resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.1.1.tgz",
"integrity": "sha512-YsGpe3WHLK8ZYi4tWDg2Jy3ebRz2rXowDxnld4bkQB00cc/1Zw9AWnC0i9ztDJitivtQvaI9KaLyKrc+hBW0yg==",
"dev": true,
"dependencies": {
"to-regex-range": "^5.0.1"
@ -5338,9 +5338,9 @@
}
},
"node_modules/undici": {
"version": "5.28.3",
"resolved": "https://registry.npmjs.org/undici/-/undici-5.28.3.tgz",
"integrity": "sha512-3ItfzbrhDlINjaP0duwnNsKpDQk3acHI3gVJ1z4fmwMK31k5G9OVIAMLSIaP6w4FaGkaAkN6zaQO9LUvZ1t7VA==",
"version": "5.28.4",
"resolved": "https://registry.npmjs.org/undici/-/undici-5.28.4.tgz",
"integrity": "sha512-72RFADWFqKmUb2hmmvNODKL3p9hcB6Gt2DOQMis1SEBaV6a4MH8soBvzg+95CYhCKPFedut2JY9bMfrDl9D23g==",
"dependencies": {
"@fastify/busboy": "^2.0.0"
},

View File

@ -10,17 +10,13 @@ import * as constants from './constants';
import * as gpg from './gpg';
import {getBooleanInput} from './util';
export async function configureAuthentication() {
export async function configureAuthentication(overwriteSettings: boolean) {
const id = core.getInput(constants.INPUT_SERVER_ID);
const username = core.getInput(constants.INPUT_SERVER_USERNAME);
const password = core.getInput(constants.INPUT_SERVER_PASSWORD);
const settingsDirectory =
core.getInput(constants.INPUT_SETTINGS_PATH) ||
path.join(os.homedir(), constants.M2_DIR);
const overwriteSettings = getBooleanInput(
constants.INPUT_OVERWRITE_SETTINGS,
true
);
const gpgPrivateKey =
core.getInput(constants.INPUT_GPG_PRIVATE_KEY) ||
constants.INPUT_DEFAULT_GPG_PRIVATE_KEY;

View File

@ -11,6 +11,9 @@ export const INPUT_SERVER_USERNAME = 'server-username';
export const INPUT_SERVER_PASSWORD = 'server-password';
export const INPUT_SETTINGS_PATH = 'settings-path';
export const INPUT_OVERWRITE_SETTINGS = 'overwrite-settings';
export const INPUT_UPDATE_TOOLCHAINS_ONLY = 'update-toolchains-only';
export const INPUT_UPDATE_JAVA_HOME = 'update-env-javahome';
export const INPUT_ADD_TO_PATH = 'add-to-env-path';
export const INPUT_GPG_PRIVATE_KEY = 'gpg-private-key';
export const INPUT_GPG_PASSPHRASE = 'gpg-passphrase';

View File

@ -10,7 +10,11 @@ import {
JavaInstallerOptions,
JavaInstallerResults
} from './base-models';
import {MACOS_JAVA_CONTENT_POSTFIX} from '../constants';
import {
MACOS_JAVA_CONTENT_POSTFIX,
INPUT_UPDATE_JAVA_HOME,
INPUT_ADD_TO_PATH
} from '../constants';
import os from 'os';
export abstract class JavaBase {
@ -20,6 +24,8 @@ export abstract class JavaBase {
protected packageType: string;
protected stable: boolean;
protected checkLatest: boolean;
protected updateEnvJavaHome: boolean;
protected addToEnvPath: boolean;
constructor(
protected distribution: string,
@ -36,6 +42,8 @@ export abstract class JavaBase {
this.architecture = installerOptions.architecture || os.arch();
this.packageType = installerOptions.packageType;
this.checkLatest = installerOptions.checkLatest;
this.updateEnvJavaHome = installerOptions.updateEnvJavaHome;
this.addToEnvPath = installerOptions.addToEnvPath;
}
protected abstract downloadTool(
@ -163,8 +171,18 @@ export abstract class JavaBase {
protected setJavaDefault(version: string, toolPath: string) {
const majorVersion = version.split('.')[0];
if (this.updateEnvJavaHome) {
core.exportVariable('JAVA_HOME', toolPath);
} else {
core.info(
`Skip updating env.JAVA_HOME according to ${INPUT_UPDATE_JAVA_HOME}`
);
}
if (this.addToEnvPath) {
core.addPath(path.join(toolPath, 'bin'));
} else {
core.info(`Skip adding to env.PATH according to ${INPUT_ADD_TO_PATH}`);
}
core.setOutput('distribution', this.distribution);
core.setOutput('path', toolPath);
core.setOutput('version', version);

View File

@ -3,6 +3,8 @@ export interface JavaInstallerOptions {
architecture: string;
packageType: string;
checkLatest: boolean;
updateEnvJavaHome: boolean;
addToEnvPath: boolean;
}
export interface JavaInstallerResults {

View File

@ -13,6 +13,19 @@ import * as path from 'path';
import {getJavaDistribution} from './distributions/distribution-factory';
import {JavaInstallerOptions} from './distributions/base-models';
interface IInstallerInputsOptions {
architecture: string;
packageType: string;
checkLatest: boolean;
distributionName: string;
jdkFile: string;
toolchainIds: Array<string>;
updateToolchainsOnly: boolean;
overwriteSettings: boolean;
updateEnvJavaHome: boolean;
addToEnvPath: boolean;
}
async function run() {
try {
const versions = core.getMultilineInput(constants.INPUT_JAVA_VERSION);
@ -28,6 +41,23 @@ async function run() {
constants.INPUT_CACHE_DEPENDENCY_PATH
);
const checkLatest = getBooleanInput(constants.INPUT_CHECK_LATEST, false);
const updateToolchainsOnly = getBooleanInput(
constants.INPUT_UPDATE_TOOLCHAINS_ONLY,
false
);
const overwriteSettings = getBooleanInput(
constants.INPUT_OVERWRITE_SETTINGS,
!updateToolchainsOnly
);
const updateEnvJavaHome = getBooleanInput(
constants.INPUT_UPDATE_JAVA_HOME,
!updateToolchainsOnly
);
const addToEnvPath = getBooleanInput(
constants.INPUT_ADD_TO_PATH,
!updateToolchainsOnly
);
let toolchainIds = core.getMultilineInput(constants.INPUT_MVN_TOOLCHAIN_ID);
core.startGroup('Installed distributions');
@ -40,13 +70,17 @@ async function run() {
throw new Error('java-version or java-version-file input expected');
}
const installerInputsOptions: installerInputsOptions = {
const installerInputsOptions: IInstallerInputsOptions = {
architecture,
packageType,
checkLatest,
distributionName,
jdkFile,
toolchainIds
toolchainIds,
updateToolchainsOnly,
overwriteSettings,
updateEnvJavaHome,
addToEnvPath
};
if (!versions.length) {
@ -78,7 +112,7 @@ async function run() {
const matchersPath = path.join(__dirname, '..', '..', '.github');
core.info(`##[add-matcher]${path.join(matchersPath, 'java.json')}`);
await auth.configureAuthentication();
await auth.configureAuthentication(overwriteSettings);
if (cache && isCacheFeatureAvailable()) {
await restore(cache, cacheDependencyPath);
}
@ -91,7 +125,7 @@ run();
async function installVersion(
version: string,
options: installerInputsOptions,
options: IInstallerInputsOptions,
toolchainId = 0
) {
const {
@ -100,14 +134,20 @@ async function installVersion(
architecture,
packageType,
checkLatest,
toolchainIds
toolchainIds,
updateToolchainsOnly,
overwriteSettings,
updateEnvJavaHome,
addToEnvPath
} = options;
const installerOptions: JavaInstallerOptions = {
version,
architecture,
packageType,
checkLatest,
version
updateEnvJavaHome,
addToEnvPath
};
const distribution = getJavaDistribution(
@ -126,6 +166,7 @@ async function installVersion(
version,
distributionName,
result.path,
overwriteSettings || updateToolchainsOnly,
toolchainIds[toolchainId]
);
@ -136,12 +177,3 @@ async function installVersion(
core.info(` Path: ${result.path}`);
core.info('');
}
interface installerInputsOptions {
architecture: string;
packageType: string;
checkLatest: boolean;
distributionName: string;
jdkFile: string;
toolchainIds: Array<string>;
}

View File

@ -19,6 +19,7 @@ export async function configureToolchains(
version: string,
distributionName: string,
jdkHome: string,
updateToolchains: boolean,
toolchainId?: string
) {
const vendor =
@ -27,10 +28,6 @@ export async function configureToolchains(
const settingsDirectory =
core.getInput(constants.INPUT_SETTINGS_PATH) ||
path.join(os.homedir(), constants.M2_DIR);
const overwriteSettings = getBooleanInput(
constants.INPUT_OVERWRITE_SETTINGS,
true
);
await createToolchainsSettings({
jdkInfo: {
@ -40,21 +37,21 @@ export async function configureToolchains(
jdkHome
},
settingsDirectory,
overwriteSettings
updateToolchains
});
}
export async function createToolchainsSettings({
jdkInfo,
settingsDirectory,
overwriteSettings
updateToolchains
}: {
jdkInfo: JdkInfo;
settingsDirectory: string;
overwriteSettings: boolean;
updateToolchains: boolean;
}) {
core.info(
`Creating ${constants.MVN_TOOLCHAINS_FILE} for JDK version ${jdkInfo.version} from ${jdkInfo.vendor}`
`Adding a toolchain entry in ${constants.MVN_TOOLCHAINS_FILE} for JDK version ${jdkInfo.version} from ${jdkInfo.vendor}`
);
// when an alternate m2 location is specified use only that location (no .m2 directory)
// otherwise use the home/.m2/ path
@ -72,7 +69,7 @@ export async function createToolchainsSettings({
await writeToolchainsFileToDisk(
settingsDirectory,
updatedToolchains,
overwriteSettings
updateToolchains
);
}
@ -147,17 +144,17 @@ async function readExistingToolchainsFile(directory: string) {
async function writeToolchainsFileToDisk(
directory: string,
settings: string,
overwriteSettings: boolean
updateToolchains: boolean
) {
const location = path.join(directory, constants.MVN_TOOLCHAINS_FILE);
const settingsExists = fs.existsSync(location);
if (settingsExists && overwriteSettings) {
core.info(`Overwriting existing file ${location}`);
} else if (!settingsExists) {
core.info(`Writing to ${location}`);
const toolchainsExists = fs.existsSync(location);
if (toolchainsExists && updateToolchains) {
core.info(`Updating existing file ${location}`);
} else if (!toolchainsExists) {
core.info(`Creating file ${location}`);
} else {
core.info(
`Skipping generation of ${location} because file already exists and overwriting is not enabled`
`Skipping update of ${location} since file already exists and updating is not enabled`
);
return;
}