Add 'dependency-graph-action' input param

.github/workflows/dependency-submission-save.yml

@@ -0,0 +1,30 @@
+name: Test dependency-submission save
+
+on:
+  workflow_dispatch:
+  push:
+
+permissions:
+  contents: read
+
+env:
+  GRADLE_BUILD_ACTION_CACHE_DEBUG_ENABLED: true
+
+jobs:
+  dependency-submission-save:
+    runs-on: ubuntu-latest
+    steps:
+    - name: Checkout sources
+      uses: actions/checkout@v4
+    - name: Checkout gradle-build-action for samples
+      uses: actions/checkout@v4
+      with:
+        repository: gradle/gradle-build-action
+        path: gradle-build-action
+    - name: Generate and save dependency graph
+      uses: ./dependency-submission
+      with:
+        build-root-directory: gradle-build-action/.github/workflow-samples/groovy-dsl
+        dependency-graph-action: generate-and-upload
+      env:
+        GITHUB_DEPENDENCY_GRAPH_REF: 'refs/tags/v0.0.1' # Use a different ref to avoid updating the real dependency graph for the repository

.github/workflows/dependency-submission-submit.yml

@@ -0,0 +1,23 @@
+name: Test dependency-submission submit
+
+on:
+  workflow_run:
+    workflows: ['Test dependency-submission save']
+    types: [completed]
+
+permissions:
+  contents: write
+
+env:
+  GRADLE_BUILD_ACTION_CACHE_DEBUG_ENABLED: true
+
+jobs:
+  dependency-submission-submit:
+    runs-on: ubuntu-latest
+    steps:
+    - name: Checkout sources
+      uses: actions/checkout@v4
+    - name: Download and submit dependency graph
+      uses: ./dependency-submission
+      with:
+        dependency-graph-action: download-and-submit

.github/workflows/dependency-submission.yml

@@ -1,4 +1,4 @@
-name: Smoke test dependency-submission
+name: Test dependency-submission
 
 on:
   workflow_dispatch:

.github/workflows/setup-gradle.yml

@@ -1,4 +1,4 @@
-name: Smoke test setup-gradle
+name: Test setup-gradle
 
 on:
   workflow_dispatch:

dependency-submission/action.yml

@@ -16,13 +16,26 @@ inputs:
       A suitable key can be generated with `openssl rand -base64 16`.
       Configuration-cache data will not be saved/restored without an encryption key being provided.
     required: false
+  dependency-graph-action:
+    description: |
+      Specifies how the dependency-graph should be handled by this action. By default a dependency-graph will be generated and submitted.
+      Valid values are:
+        'generate-and-submit' (default): Generates a dependency graph for the project and submits it in the same Job.
+        'generate-and-upload': Generates a dependency graph for the project and saves it as a workflow artifact.
+        'download-and-submit': Downloads a previously saved dependency-graph and submits it to the repository.
+
+      The `generate-and-upload` and `download-and-submit` options are designed to be used in an untrusted workflow scenario,
+      where the workflow generating the dependency-graph cannot (or should not) be given the `contents: write` permissions
+      required to submit via the Dependency Submission API.
+    required: false
+    default: 'generate-and-submit'
 
 runs:
   using: "composite"
   steps:
     - uses: gradle/gradle-build-action@v3-beta
       with:
-        dependency-graph: generate-and-submit
+        dependency-graph: ${{ inputs.dependency-graph-action }}
         dependency-graph-continue-on-failure: false
         gradle-version: ${{ inputs.gradle-version }}
         build-root-directory: ${{ inputs.build-root-directory }}