name: Gradle Dependency Submission
description: Generates a dependency graph for a Gradle project and submits it via the Dependency Submission API

inputs:
  gradle-version:
    description: |
      Gradle version to use. If specified, this Gradle version will be downloaded, added to the PATH and used for invoking Gradle.
      If not provided, it is assumed that the project uses the Gradle Wrapper.
    required: false
  build-root-directory:
    description: Path to the root directory of the build. Default is the root of the GitHub workspace.
    required: false
  cache-encryption-key:
    description: |
      A base64 encoded AES key used to encrypt the configuration-cache data. The key is exported as 'GRADLE_ENCRYPTION_KEY' for later steps. 
      A suitable key can be generated with `openssl rand -base64 16`.
      Configuration-cache data will not be saved/restored without an encryption key being provided.
    required: false
  dependency-graph:
    description: |
      Specifies how the dependency-graph should be handled by this action. By default a dependency-graph will be generated and submitted.
      Valid values are:
        'generate-and-submit' (default): Generates a dependency graph for the project and submits it in the same Job.
        'generate-and-upload': Generates a dependency graph for the project and saves it as a workflow artifact.
        'download-and-submit': Retrieves a previously saved dependency-graph and submits it to the repository.

      The `generate-and-upload` and `download-and-submit` options are designed to be used in an untrusted workflow scenario,
      where the workflow generating the dependency-graph cannot (or should not) be given the `contents: write` permissions
      required to submit via the Dependency Submission API.
    required: false
    default: 'generate-and-submit'
  additional-arguments:
    description: |
      Additional arguments to pass to Gradle. For example, `--no-configuration-cache --stacktrace`.
    required: false

  build-scan-publish:
    description: |
      Set to 'true' to automatically publish build results as a Build Scan on scans.gradle.com.
      For publication to succeed without user input, you must also provide values for `build-scan-terms-of-use-url` and 'build-scan-terms-of-use-agree'.
    required: false
    default: false
  build-scan-terms-of-use-url:
    description: The URL to the Build Scan® terms of use. This input must be set to 'https://gradle.com/help/legal-terms-of-use'.
    required: false
  build-scan-terms-of-use-agree:
    description: Indicate that you agree to the Build Scan® terms of use. This input value must be "yes".
    required: false

  # DEPRECATED ACTION INPUTS
  build-scan-terms-of-service-url:
    description: The URL to the Build Scan® terms of use. This input must be set to 'https://gradle.com/terms-of-service'.
    required: false
    deprecation-message: The input has been renamed to align with the Develocity API. Use 'build-scan-terms-of-use-url' instead.

  build-scan-terms-of-service-agree:
    description: Indicate that you agree to the Build Scan® terms of use. This input value must be "yes".
    required: false
    deprecation-message: The input has been renamed to align with the Develocity API. Use 'build-scan-terms-of-use-agree' instead.

runs:
  using: "composite"
  steps:
    - name: Check no setup-gradle
      shell: bash
      run: |
        if [ -n "${GRADLE_BUILD_ACTION_SETUP_COMPLETED}" ]; then
          echo "The dependency-submission action cannot be used in the same Job as the setup-gradle action. Please use a separate Job for dependency submission."
          exit 1
        fi
    - name: Generate dependency graph
      if: ${{ inputs.dependency-graph == 'generate-and-submit' || inputs.dependency-graph == 'generate-and-upload' }}
      uses: gradle/actions/setup-gradle@v3.2.0
      with:
        dependency-graph: ${{ inputs.dependency-graph }}
        dependency-graph-continue-on-failure: false
        gradle-version: ${{ inputs.gradle-version }}
        build-root-directory: ${{ inputs.build-root-directory }}
        cache-encryption-key: ${{ inputs.cache-encryption-key }}
        build-scan-publish: ${{ inputs.build-scan-publish }}
        build-scan-terms-of-use-url: ${{ inputs.build-scan-terms-of-use-url || inputs.build-scan-terms-of-service-url }}
        build-scan-terms-of-use-agree: ${{ inputs.build-scan-terms-of-use-agree || inputs.build-scan-terms-of-service-agree }}
        artifact-retention-days: 1
        arguments: |
          -Dorg.gradle.configureondemand=false
          -Dorg.gradle.dependency.verification=off
          -Dorg.gradle.unsafe.isolated-projects=false
          :ForceDependencyResolutionPlugin_resolveAllDependencies
          ${{ inputs.additional-arguments }}
    - name: Download and submit dependency graph
      if: ${{ inputs.dependency-graph == 'download-and-submit' }}
      uses: gradle/actions/setup-gradle@v3.2.0
      with:
        dependency-graph: download-and-submit
        dependency-graph-continue-on-failure: false
        cache-disabled: true