Save dependency-graph file as workflow artifact

Diagnosing unexpected dependencies in the GitHub Dependency Graph can be difficult. In order to aid with diagnosis, the `dependency-submission` action will now save each dependency-graph file as a workflow artifact. If this is undesirable, the prior behaviour can be restored by explicitly setting `dependency-graph: generate-and-submit`. Fixes #519
2025-11-26 17:09:10 +08:00 · 2025-01-21 11:41:58 -07:00
parent 28ab4dff3a
commit 245c8a24de
7 changed files with 84 additions and 23 deletions
--- a/sources/src/configuration.ts
+++ b/sources/src/configuration.ts
@@ -20,13 +20,15 @@ export class DependencyGraphConfig {
                return DependencyGraphOption.Generate
            case 'generate-and-submit':
                return DependencyGraphOption.GenerateAndSubmit
+            case 'generate-submit-and-upload':
+                return DependencyGraphOption.GenerateSubmitAndUpload
            case 'generate-and-upload':
                return DependencyGraphOption.GenerateAndUpload
            case 'download-and-submit':
                return DependencyGraphOption.DownloadAndSubmit
        }
        throw TypeError(
-            `The value '${val}' is not valid for 'dependency-graph'. Valid values are: [disabled, generate, generate-and-submit, generate-and-upload, download-and-submit]. The default value is 'disabled'.`
+            `The value '${val}' is not valid for 'dependency-graph'. Valid values are: [disabled, generate, generate-and-submit, generate-submit-and-upload, generate-and-upload, download-and-submit].`
        )
    }

@@ -96,6 +98,7 @@ export enum DependencyGraphOption {
    Disabled = 'disabled',
    Generate = 'generate',
    GenerateAndSubmit = 'generate-and-submit',
+    GenerateSubmitAndUpload = 'generate-submit-and-upload',
    GenerateAndUpload = 'generate-and-upload',
    DownloadAndSubmit = 'download-and-submit'
 }
--- a/sources/src/dependency-graph.ts
+++ b/sources/src/dependency-graph.ts
@@ -60,7 +60,10 @@ export async function complete(config: DependencyGraphConfig): Promise<void> {
            case DependencyGraphOption.DownloadAndSubmit: // Performed in setup
                return
            case DependencyGraphOption.GenerateAndSubmit:
-                await findAndSubmitDependencyGraphs(config)
+                await findAndSubmitDependencyGraphs(config, false)
+                return
+            case DependencyGraphOption.GenerateSubmitAndUpload:
+                await findAndSubmitDependencyGraphs(config, true)
                return
            case DependencyGraphOption.GenerateAndUpload:
                await findAndUploadDependencyGraphs(config)
@@ -83,7 +86,7 @@ async function downloadAndSubmitDependencyGraphs(config: DependencyGraphConfig):
    }
 }

-async function findAndSubmitDependencyGraphs(config: DependencyGraphConfig): Promise<void> {
+async function findAndSubmitDependencyGraphs(config: DependencyGraphConfig, uploadAfterSubmit: boolean): Promise<void> {
    if (isRunningInActEnvironment()) {
        core.info('Dependency graph not supported in the ACT environment.')
        return
@@ -100,6 +103,10 @@ async function findAndSubmitDependencyGraphs(config: DependencyGraphConfig): Pro
        }
        throw e
    }
+
+    if (uploadAfterSubmit) {
+        await uploadDependencyGraphs(dependencyGraphFiles, config)
+    }
 }

 async function findAndUploadDependencyGraphs(config: DependencyGraphConfig): Promise<void> {