Use separate steps in composite action

2025-08-18 23:01:27 +08:00 · 2024-01-22 11:13:02 -07:00 · 2024-01-22 11:13:02 -07:00 · d731f29856
commit d731f29856
parent 23b4b1d03b
3 changed files with 29 additions and 6 deletions
--- a/.github/workflows/dependency-submission-save.yml
+++ b/.github/workflows/dependency-submission-save.yml
@ -25,6 +25,6 @@ jobs:
      uses: ./dependency-submission
      with:
        build-root-directory: gradle-build-action/.github/workflow-samples/groovy-dsl
-        dependency-graph-action: generate-and-upload
+        dependency-graph-action: generate-and-save
      env:
        GITHUB_DEPENDENCY_GRAPH_REF: 'refs/tags/v0.0.1' # Use a different ref to avoid updating the real dependency graph for the repository
--- a/.github/workflows/dependency-submission-submit.yml
+++ b/.github/workflows/dependency-submission-submit.yml
@ -20,4 +20,4 @@ jobs:
    - name: Download and submit dependency graph
      uses: ./dependency-submission
      with:
-        dependency-graph-action: download-and-submit
+        dependency-graph-action: retrieve-and-submit
--- a/dependency-submission/action.yml
+++ b/dependency-submission/action.yml
@ -21,8 +21,8 @@ inputs:
      Specifies how the dependency-graph should be handled by this action. By default a dependency-graph will be generated and submitted.
      Valid values are:
        'generate-and-submit' (default): Generates a dependency graph for the project and submits it in the same Job.
-        'generate-and-upload': Generates a dependency graph for the project and saves it as a workflow artifact.
-        'download-and-submit': Downloads a previously saved dependency-graph and submits it to the repository.
+        'generate-and-save': Generates a dependency graph for the project and saves it as a workflow artifact.
+        'retrieve-and-submit': Retrieves a previously saved dependency-graph and submits it to the repository.

      The `generate-and-upload` and `download-and-submit` options are designed to be used in an untrusted workflow scenario,
      where the workflow generating the dependency-graph cannot (or should not) be given the `contents: write` permissions
@ -33,9 +33,11 @@ inputs:
 runs:
  using: "composite"
  steps:
-    - uses: gradle/gradle-build-action@v3-beta
+    - name: Generate and submit dependency graph
+      if: ${{ inputs.dependency-graph-action == 'generate-and-submit' }}
+      uses: gradle/gradle-build-action@v3-beta
      with:
-        dependency-graph: ${{ inputs.dependency-graph-action }}
+        dependency-graph: 'generate-and-submit'
        dependency-graph-continue-on-failure: false
        gradle-version: ${{ inputs.gradle-version }}
        build-root-directory: ${{ inputs.build-root-directory }}
@ -45,3 +47,24 @@ runs:
          --dependency-verification=off
          --stacktrace
          :ForceDependencyResolutionPlugin_resolveAllDependencies
+    - name: Generate and save dependency graph
+      if: ${{ inputs.dependency-graph-action == 'generate-and-save' }}
+      uses: gradle/gradle-build-action@v3-beta
+      with:
+        dependency-graph: generate-and-upload
+        dependency-graph-continue-on-failure: false
+        gradle-version: ${{ inputs.gradle-version }}
+        build-root-directory: ${{ inputs.build-root-directory }}
+        cache-encryption-key: ${{ inputs.cache-encryption-key }}
+        arguments: |
+          --no-configure-on-demand
+          --dependency-verification=off
+          --stacktrace
+          :ForceDependencyResolutionPlugin_resolveAllDependencies
+    - name: Download and submit dependency graph
+      if: ${{ inputs.dependency-graph-action == 'retrieve-and-submit' }}
+      uses: gradle/gradle-build-action@v3-beta
+      with:
+        dependency-graph: download-and-submit
+        dependency-graph-continue-on-failure: false
+        cache-disabled: true