Update dependency-submission parameter for consistency

Instead of using 'dependency-graph-action' with some slightly better
values, we now use 'dependency-graph' as the parameter name with a subset
of the options available to 'setup-gradle'.

.github/workflows/dependency-submission-save.yml

@@ -20,6 +20,6 @@ jobs:
       uses: ./dependency-submission
       with:
         build-root-directory: .github/workflow-samples/groovy-dsl
-        dependency-graph-action: generate-and-save
+        dependency-graph: generate-and-upload
       env:
         GITHUB_DEPENDENCY_GRAPH_REF: 'refs/tags/v0.0.1' # Use a different ref to avoid updating the real dependency graph for the repository

.github/workflows/dependency-submission-submit.yml

@@ -20,4 +20,4 @@ jobs:
     - name: Download and submit dependency graph
       uses: ./dependency-submission
       with:
-        dependency-graph-action: retrieve-and-submit
+        dependency-graph: download-and-submit

dependency-submission/README.md

@@ -62,7 +62,7 @@ jobs:
         cache-encryption-key: ${{ secrets.GRADLE_ENCRYPTION_KEY }}
 
         # Do not attempt to submit the dependency-graph. Save it as a workflow artifact.
-        dependency-graph-action: generate-and-save
+        dependency-graph: generate-and-upload
 ```
 
 ## Integrating the `dependency-review-action`
@@ -107,8 +107,8 @@ This `contents: write` permission is [not available for any workflow that is tri
 This limitation is designed to prevent a malicious pull request from effecting repository changes.
 
 Because of this restriction, we require 2 separate workflows in order to generate and submit a dependency graph:
-1. The first workflow runs directly against the pull request sources and will `generate-and-save` the dependency graph.
-2. The second workflow is triggered on `workflow_run` of the first workflow, and will `retrieve-and-submit` the previously saved dependency graph.
+1. The first workflow runs directly against the pull request sources and will `generate-and-upload` the dependency graph.
+2. The second workflow is triggered on `workflow_run` of the first workflow, and will `download-and-submit` the previously saved dependency graph.
 
 ***Main workflow file***
 ```yaml
@@ -125,15 +125,15 @@ jobs:
     steps:
     - name: Checkout sources
       uses: actions/checkout@v4
-    - name: Generate and submit dependency graph
+    - name: Generate and save dependency graph
       uses: gradle/actions/dependency-submission@v3-beta
       with:
-        dependency-graph-action: generate-and-save
+        dependency-graph: generate-and-upload
 ```
 
 ***Dependent workflow file***
 ```yaml
-name: Retrieve and submit dependency graph
+name: Download and submit dependency graph
 
 on:
   workflow_run:
@@ -147,10 +147,10 @@ jobs:
   submit-dependency-graph:
     runs-on: ubuntu-latest
     steps:
-    - name: Retrieve and submit dependency graph
+    - name: Download and submit dependency graph
       uses: gradle/actions/dependency-submission@v3-beta
       with:
-        dependency-graph-action: retrieve-and-submit # Download saved dependency-graph and submit
+        dependency-graph: download-and-submit # Download saved dependency-graph and submit
 ```
 
 ### Integrating `dependency-review-action` for pull requests from public forked repositories
@@ -180,7 +180,7 @@ jobs:
         retry-on-snapshot-warnings-timeout: 600
 ```
 
-The `retry-on-snapshot-warnings-timeout` (in seconds) needs to be long enough to allow the entire `Generate and save dependency graph` and `Retrieve and submit dependency graph` workflows (above) to complete.
+The `retry-on-snapshot-warnings-timeout` (in seconds) needs to be long enough to allow the entire `Generate and save dependency graph` and `Download and submit dependency graph` workflows (above) to complete.
 
 ## Gradle version compatibility
 

dependency-submission/action.yml

@@ -16,13 +16,13 @@ inputs:
       A suitable key can be generated with `openssl rand -base64 16`.
       Configuration-cache data will not be saved/restored without an encryption key being provided.
     required: false
-  dependency-graph-action:
+  dependency-graph:
     description: |
       Specifies how the dependency-graph should be handled by this action. By default a dependency-graph will be generated and submitted.
       Valid values are:
         'generate-and-submit' (default): Generates a dependency graph for the project and submits it in the same Job.
-        'generate-and-save': Generates a dependency graph for the project and saves it as a workflow artifact.
-        'retrieve-and-submit': Retrieves a previously saved dependency-graph and submits it to the repository.
+        'generate-and-upload': Generates a dependency graph for the project and saves it as a workflow artifact.
+        'download-and-submit': Retrieves a previously saved dependency-graph and submits it to the repository.
 
       The `generate-and-upload` and `download-and-submit` options are designed to be used in an untrusted workflow scenario,
       where the workflow generating the dependency-graph cannot (or should not) be given the `contents: write` permissions
@@ -50,28 +50,11 @@ inputs:
 runs:
   using: "composite"
   steps:
-    - name: Generate and submit dependency graph
-      if: ${{ inputs.dependency-graph-action == 'generate-and-submit' }}
+    - name: Generate dependency graph
+      if: ${{ inputs.dependency-graph == 'generate-and-submit' || inputs.dependency-graph == 'generate-and-upload' }}
       uses: gradle/actions/setup-gradle@v3-beta
       with:
-        dependency-graph: 'generate-and-submit'
-        dependency-graph-continue-on-failure: false
-        gradle-version: ${{ inputs.gradle-version }}
-        build-root-directory: ${{ inputs.build-root-directory }}
-        cache-encryption-key: ${{ inputs.cache-encryption-key }}
-        build-scan-publish: ${{ inputs.build-scan-publish }}
-        build-scan-terms-of-service-url: ${{ inputs.build-scan-terms-of-service-url }}
-        build-scan-terms-of-service-agree: ${{ inputs.build-scan-terms-of-service-agree }}
-        arguments: |
-          --no-configure-on-demand
-          --dependency-verification=off
-          :ForceDependencyResolutionPlugin_resolveAllDependencies
-          ${{ inputs.additional-arguments }}
-    - name: Generate and save dependency graph
-      if: ${{ inputs.dependency-graph-action == 'generate-and-save' }}
-      uses: gradle/actions/setup-gradle@v3-beta
-      with:
-        dependency-graph: generate-and-upload
+        dependency-graph: ${{ inputs.dependency-graph }}
         dependency-graph-continue-on-failure: false
         gradle-version: ${{ inputs.gradle-version }}
         build-root-directory: ${{ inputs.build-root-directory }}
@@ -85,7 +68,7 @@ runs:
           :ForceDependencyResolutionPlugin_resolveAllDependencies
           ${{ inputs.additional-arguments }}
     - name: Download and submit dependency graph
-      if: ${{ inputs.dependency-graph-action == 'retrieve-and-submit' }}
+      if: ${{ inputs.dependency-graph == 'download-and-submit' }}
       uses: gradle/actions/setup-gradle@v3-beta
       with:
         dependency-graph: download-and-submit