feat(gradle): support private submodules

.github/workflows/gradle-library-check.yml

@@ -18,6 +18,10 @@ on:
         description: If JUnit test results are expected
         default: true
         type: boolean
+      submodules:
+        # see https://github.com/actions/checkout
+        default: 'false'
+        type: string
       checkout-ref:
         description: Custom ref to check out
         type: string
@@ -46,6 +50,7 @@ jobs:
       java-version: ${{ inputs.java-version }}
       multi-module: ${{ inputs.multi-module }}
       expect-tests: ${{ inputs.expect-tests }}
+      submodules: ${{ inputs.submodules }}
       checkout-ref: ${{ inputs.checkout-ref }}
       skip-scan: ${{ inputs.skip-scan }}
       upload-artifact-path: ${{ inputs.upload-artifact-path }}

.github/workflows/gradle-library-publish.yml

@@ -23,6 +23,10 @@ on:
         description: If JUnit test results are expected
         default: true
         type: boolean
+      submodules:
+        # see https://github.com/actions/checkout
+        default: 'false'
+        type: string
       checkout-ref:
         description: Custom ref to check out
         type: string
@@ -70,6 +74,7 @@ jobs:
       java-version: ${{ inputs.java-version }}
       multi-module: ${{ inputs.multi-module }}
       expect-tests: ${{ inputs.expect-tests }}
+      submodules: ${{ inputs.submodules }}
       checkout-ref: ${{ inputs.checkout-ref }}
       skip-scan: ${{ inputs.skip-scan }}
       upload-artifact-path: ${{ inputs.upload-artifact-path }}

.github/workflows/gradle-library.yml

@@ -108,6 +108,8 @@ jobs:
           persist-credentials: false
           # fetch-depth 0 is required to fetch all tags (and to determine the version based on tags)
           fetch-depth: ${{ inputs.publish-tasks != '' && '0' || '1' }}
+          # provide a token in case submodules are enabled and private (secret is expected to be present)
+          token: ${{ inputs.submodules != 'false' && secrets.GH_PAT || github.token }}
 
       #
       # Login to Docker Hub

.github/workflows/gradle-service-check.yml

@@ -30,6 +30,10 @@ on:
         description: If JUnit test results are expected
         default: true
         type: boolean
+      submodules:
+        # see https://github.com/actions/checkout
+        default: 'false'
+        type: string
       checkout-ref:
         description: Custom ref to check out
         type: string
@@ -55,6 +59,7 @@ jobs:
       image-tag-3: ${{ inputs.image-tag-3 }}
       multi-module: ${{ inputs.multi-module }}
       expect-tests: ${{ inputs.expect-tests }}
+      submodules: ${{ inputs.submodules }}
       checkout-ref: ${{ inputs.checkout-ref }}
       notify-failure: false
     secrets: inherit

.github/workflows/gradle-service-publish.yml

@@ -35,6 +35,10 @@ on:
         description: If JUnit test results are expected
         default: true
         type: boolean
+      submodules:
+        # see https://github.com/actions/checkout
+        default: 'false'
+        type: string
       checkout-ref:
         description: Custom ref to check out
         type: string
@@ -73,6 +77,7 @@ jobs:
       image-tag-3: ${{ inputs.image-tag-3 }}
       multi-module: ${{ inputs.multi-module }}
       expect-tests: ${{ inputs.expect-tests }}
+      submodules: ${{ inputs.submodules }}
       checkout-ref: ${{ inputs.checkout-ref }}
       semantic-release: ${{ inputs.semantic-release }}
       semantic-release-dryrun: ${{ inputs.semantic-release-dryrun }}

.github/workflows/gradle-service.yml

@@ -104,6 +104,8 @@ jobs:
           persist-credentials: false
           # fetch-depth 0 is required to fetch all tags (and to determine the version based on tags)
           fetch-depth: ${{ inputs.publish-tasks != '' && '0' || '1' }}
+          # provide a token in case submodules are enabled and private (secret is expected to be present)
+          token: ${{ inputs.submodules != 'false' && secrets.GH_PAT || github.token }}
 
       # For each environment variable's key-value pair, mask the value from logs.
       - name: Populate custom environment variables