Update deps and switch to autogen docs

README.md

@@ -59,7 +59,9 @@ jobs:
 
 ## Inputs
 
--   `secrets`: (Required) The list of secrets to access and inject into the
+<!-- BEGIN_AUTOGEN_INPUTS -->
+
+-   <a name="secrets"></a><a href="#user-content-secrets"><code>secrets</code></a>: _(Required)_ The list of secrets to access and inject into the
     environment. Due to limitations with GitHub Actions inputs, this is
     specified as a string.
 
@@ -87,39 +89,47 @@ jobs:
     <project-id>/<secret-id>
     ```
 
-- `min_mask_length`: (Optional, default: "4") Minimum line length for a secret
-  to be masked. Extremely short secrets (e.g. "{" or "a") can make GitHub
-  Actions log output unreadable. This is especially important for multi-line
-  secrets, since each line of the secret is masked independently.
+-   <a name="min_mask_length"></a><a href="#user-content-min_mask_length"><code>min_mask_length</code></a>: _(Optional, default: `4`)_ Minimum line length for a secret to be masked. Extremely short secrets
+    (e.g. `{` or `a`) can make GitHub Actions log output unreadable. This is
+    especially important for multi-line secrets, since each line of the secret
+    is masked independently.
+
+-   <a name="export_to_environment"></a><a href="#user-content-export_to_environment"><code>export_to_environment</code></a>: _(Optional)_ Make the fetched secrets additionally available as environment variables.
+
+
+<!-- END_AUTOGEN_INPUTS -->
 
 
 ## Outputs
 
-Each secret is prefixed with an output name. The secret's resolved access value
-will be available at that output in future build steps.
+<!-- BEGIN_AUTOGEN_OUTPUTS -->
 
-For example:
+-   `secrets`: Each secret is prefixed with an output name. The secret's resolved access
+    value will be available at that output in future build steps. For example:
 
-```yaml
-jobs:
-  job_id:
-    steps:
-    - id: 'secrets'
-      uses: 'google-github-actions/get-secretmanager-secrets@v2'
-      with:
-        secrets: |-
-          token:my-project/docker-registry-token
-```
+    ```yaml
+    jobs:
+      job_id:
+        steps:
+        - id: 'secrets'
+          uses: 'google-github-actions/get-secretmanager-secrets@v2'
+          with:
+            secrets: |-
+              token:my-project/docker-registry-token
+    ```
 
-will be available in future steps as the output "token":
+    will be available in future steps as the output "token":
 
-```yaml
-# other step
-- id: 'publish'
-  uses: 'foo/bar@v1'
-  env:
-    TOKEN: '${{ steps.secrets.outputs.token }}'
-```
+    ```yaml
+    # other step
+    - id: 'publish'
+      uses: 'foo/bar@v1'
+      env:
+        TOKEN: '${{ steps.secrets.outputs.token }}'
+    ```
+
+
+<!-- END_AUTOGEN_OUTPUTS -->
 
 
 ## Authorization

action.yml

@@ -21,26 +21,77 @@ description: |-
 inputs:
   secrets:
     description: |-
-      Comma-separated or newline-separated list of secrets to fetch. Secrets
-      must be of the format <project>/<secret> or <project>/<secret>/<version>.
+      The list of secrets to access and inject into the
+      environment. Due to limitations with GitHub Actions inputs, this is
+      specified as a string.
+
+      You can specify multiple secrets by putting each secret on its own line:
+
+      ```yaml
+      secrets: |-
+        output1:my-project/my-secret1
+        output2:my-project/my-secret2
+      ```
+
+      Secrets can be referenced using the following formats:
+
+      ```text
+      # Long form
+      projects/<project-id>/secrets/<secret-id>/versions/<version-id>
+
+      # Long form - "latest" version
+      projects/<project-id>/secrets/<secret-id>
+
+      # Short form
+      <project-id>/<secret-id>/<version-id>
+
+      # Short form - "latest" version
+      <project-id>/<secret-id>
+      ```
     required: true
 
   min_mask_length:
     description: |-
       Minimum line length for a secret to be masked. Extremely short secrets
-      (e.g. "{" or "a") can make GitHub Actions log output unreadable. This is
+      (e.g. `{` or `a`) can make GitHub Actions log output unreadable. This is
       especially important for multi-line secrets, since each line of the secret
       is masked independently.
     required: false
     default: '4'
 
   export_to_environment:
     description: |-
-      This makes the fetched secrets available as environment variables. The
-      secrets will still be available as output, if you enable this.
+      Make the fetched secrets additionally available as environment variables.
     required: false
     default: false
 
+outputs:
+  secrets:
+    description: |-
+      Each secret is prefixed with an output name. The secret's resolved access
+      value will be available at that output in future build steps. For example:
+
+      ```yaml
+      jobs:
+        job_id:
+          steps:
+          - id: 'secrets'
+            uses: 'google-github-actions/get-secretmanager-secrets@v2'
+            with:
+              secrets: |-
+                token:my-project/docker-registry-token
+      ```
+
+      will be available in future steps as the output "token":
+
+      ```yaml
+      # other step
+      - id: 'publish'
+        uses: 'foo/bar@v1'
+        env:
+          TOKEN: '${{ steps.secrets.outputs.token }}'
+      ```
+
 branding:
   icon: 'lock'
   color: 'blue'