Allow flexible use of dependency-graph support

Adds a 'dependency-graph' parameter that has 4 options: 1. 'disabled': no dependency graph files generated (the default) 2. 'generate': dependency graph files will be generated and saved as artifacts. 3. 'generate-and-submit': dependency graph files will be generated, saved as artifacts, and submitted to the Dependency Submission API on job completion. 4. 'download-and-submit': any previously uploaded dependency graph artifacts will be downloaded and submitted to the Dependency Submission API.
2025-09-14 11:42:22 +08:00 · 2023-07-05 12:33:47 -06:00
parent 820b228f28
commit 063cc1c708
5 changed files with 62 additions and 14 deletions
--- a/action.yml
+++ b/action.yml
@@ -58,10 +58,10 @@ inputs:
    required: false
    default: true

-  generate-dependency-graph:
-    description: When 'true', a dependency graph snapshot will be generated for Gradle builds.
+  dependency-graph:
+    description: Specifies if a GitHub dependency snapshot should be generated for each Gradle build, and if so, how. Valid values are 'disabled' (default), 'generate', 'generate-and-submit' and 'download-and-submit'.
    required: false
-    default: false
+    default: 'disabled'

  # EXPERIMENTAL & INTERNAL ACTION INPUTS
  # The following action properties allow fine-grained tweaking of the action caching behaviour.
@@ -80,6 +80,11 @@ inputs:
    required: false
    default: false

+  github-token:
+    description: The GitHub token used to authenticate when submitting via the Dependency Submission API.
+    default: ${{ github.token }}
+    required: false
+
 outputs:
  build-scan-url:
    description: Link to the build scan if any