Skip to content
This repository was archived by the owner on Feb 21, 2025. It is now read-only.
This repository was archived by the owner on Feb 21, 2025. It is now read-only.

Incorrect endpoint used to submit Dependency Graph on GitHub Enterprise #885

Closed
Closed
Incorrect endpoint used to submit Dependency Graph on GitHub Enterprise#885
Labels
bugSomething isn't working
Milestone
2.8.1
@n0rdy

Description

@n0rdy
n0rdy
opened on Sep 13, 2023

Hello there!

Thanks for the development of this plugin, and especially for the recent Dependency Graph Submission feature - it's pretty useful to make Dependabot work with Gradle.

While configuring the workflow, I experienced the issue that happens in the post-action stage:

Warning: Unhandled error in Gradle post-action - job will continue: HttpError: Not Found
HttpError: Not Found
    at /runner/_work/_actions/gradle/gradle-build-action/v2/dist/post/index.js:50[98]
    at processTicksAndRejections (node:internal/process/task_queues:96:5)

Some context:

  • it happens for the GitHub Enterprise Server (we using v.3.8.1)
  • our workflow setup looks like this:
name: Gradle Dependency Submission
on:
  push:
    branches:
         - main

jobs:
  gradle-action-detection:
    runs-on: [ ubuntu-latest ]
    permissions:
      contents: write
    steps:
      - name: 'Checkout Repository'
        uses: actions/checkout@v4

      - name: Setup Java 17
        uses: actions/setup-java@v3
        with:
          java-version: '17'
          distribution: corretto

      - name: Setup Gradle to generate and submit dependency graphs
        uses: gradle/gradle-build-action@v2
        with:
          dependency-graph: generate-and-submit

      - name: Run a build, generating the dependency graph snapshot which will be submitted
        run: ./gradlew build

The provided error happens for the Post Setup Gradle to generate and submit dependency graphs step.

Based on the logs, I can see that the error is originated here:

await submitDependencyGraphs(await uploadDependencyGraphs())

when the submitDependencyGraphs method is called.

I noticed that there is the exact endpoint hardcoded, so I wonder whether that could be somehow related to the differences between the regular GitHub and GitHub Enterprise: according to the GitHub Docs, there is a slight diff:

  • regular GitHub: https://api.github.com/repos/OWNER/REPO/dependency-graph/snapshots
  • GitHub Enterprise: http(s)://HOSTNAME/api/v3/repos/OWNER/REPO/dependency-graph/snapshots

Maybe, it seems like this might be somehow resolved by the Octokit library you are using under the hood. However, I didn't manage to find the answer while browsing the codebase.

Also, I double-checked that:

  • the Dependency Submission endpoint is available within our GitHub server
  • tried calling it with different scenarios via curl (without a token, without /api/v3, with the wrong token), and I can't get a Not found response from it - so it doesn't seem to be some permissions-related issue.

Question:
Is it me doing something wrong, or is it something that is not supported by this action?

Any help here is appreciated.
Thanks a lot!

Metadata

Metadata

Assignees

No one assigned

    Labels

    bugSomething isn't working

    Type

    No type

    Projects

    No projects

    Milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions
      pFad - Phonifier reborn

      Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

      Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


      Alternative Proxies:

      Alternative Proxy

      pFad Proxy

      pFad v3 Proxy

      pFad v4 Proxy