KAFKA-18454 Publish build scans to develocity.apache.org (#18539)

This patch includes some maintenance updates for Develocity.

* Publish build scans to develocity.apache.org
* Update Develocity Gradle plugin to to 3.19
* Use `DEVELOCITY_ACCESS_KEY` to authenticate to `develocity.apache.org`

Reviewers: Chia-Ping Tsai <chia7712@gmail.com>, David Arthur <mumrah@gmail.com>

.github/scripts/develocity_reports.py

@@ -790,15 +790,12 @@ def main():
     token = None
     if os.environ.get("DEVELOCITY_ACCESS_TOKEN"):
         token = os.environ.get("DEVELOCITY_ACCESS_TOKEN")
-    elif os.environ.get("GE_ACCESS_TOKEN"):
-        # Special case for when we run in GHA
-        token = os.environ.get("GE_ACCESS_TOKEN").removeprefix("ge.apache.org=")
     else:
         print("No auth token was specified. You must set DEVELOCITY_ACCESS_TOKEN to your personal access token.")
         exit(1)
 
     # Configuration
-    BASE_URL = "https://ge.apache.org"
+    BASE_URL = "https://develocity.apache.org"
     PROJECT = "kafka"
     QUARANTINE_THRESHOLD_DAYS = 7
     MIN_FAILURE_RATE = 0.1

.github/workflows/build.yml

@@ -103,7 +103,7 @@ jobs:
           java-version: 23
           gradle-cache-read-only: ${{ !inputs.is-trunk }}
           gradle-cache-write-only: ${{ inputs.is-trunk }}
-          develocity-access-key: ${{ secrets.GE_ACCESS_TOKEN }}
+          develocity-access-key: ${{ secrets.DEVELOCITY_ACCESS_KEY }}
       - name: Compile and validate
         env:
           SCAN_ARG: ${{ inputs.is-public-fork && '--no-scan' || '--scan' }}
@@ -168,7 +168,7 @@ jobs:
           java-version: ${{ matrix.java }}
           gradle-cache-read-only: ${{ !inputs.is-trunk }}
           gradle-cache-write-only: ${{ inputs.is-trunk }}
-          develocity-access-key: ${{ secrets.GE_ACCESS_TOKEN }}
+          develocity-access-key: ${{ secrets.DEVELOCITY_ACCESS_KEY }}
 
       # If the load-catalog job failed, we won't be able to download the artifact. Since we don't want this to fail
       # the overall workflow, so we'll continue here without a test catalog.

.github/workflows/ci-complete.yml

@@ -30,7 +30,7 @@ run-name: Build Scans for ${{ github.event.workflow_run.display_title}}
 #
 # This "workflow_run" triggered workflow is run in a privileged context and so does have access to
 # the repository secrets. Here we can download the build scan files produced by a PR and publish
-# them to ge.apache.org.
+# them to develocity.apache.org.
 #
 # If we need to do things like comment on, label, or otherwise modify PRs from public forks. This
 # workflow is the place to do it. PR number is ${{ github.event.workflow_run.pull_requests[0].number }}
@@ -59,7 +59,7 @@ jobs:
         uses: ./.github/actions/setup-gradle
         with:
           java-version: ${{ matrix.java }}
-          develocity-access-key: ${{ secrets.GE_ACCESS_TOKEN }}
+          develocity-access-key: ${{ secrets.DEVELOCITY_ACCESS_KEY }}
       - name: Download build scan archive
         id: download-build-scan
         uses: actions/download-artifact@v4

.github/workflows/deflake.yml

@@ -50,7 +50,7 @@ jobs:
         with:
           java-version: ${{ inputs.java-version }}
           gradle-cache-read-only: true
-          develocity-access-key: ${{ secrets.GE_ACCESS_TOKEN }}
+          develocity-access-key: ${{ secrets.DEVELOCITY_ACCESS_KEY }}
       - name: Test
         timeout-minutes: 60
         id: junit-test

settings.gradle

@@ -14,7 +14,7 @@
 // limitations under the License.
 
 plugins {
-    id 'com.gradle.develocity' version '3.17.6'
+    id 'com.gradle.develocity' version '3.19'
     id 'com.gradle.common-custom-user-data-gradle-plugin' version '2.0.2'
 }
 
@@ -22,7 +22,7 @@ def isGithubActions = System.getenv('GITHUB_ACTIONS') != null
 def currentJvm = JavaVersion.current()
 
 develocity {
-    server = "https://ge.apache.org"
+    server = "https://develocity.apache.org"
     projectId = "kafka"
     buildScan {
         uploadInBackground = !isGithubActions