add MVN_REPO_URL envvar as an alternative repository manager to downl…

…oad the jar from. Issue veracode#18
Macadoshis · Jun 20, 2022 · 53eb69e · 53eb69e
1 parent ddbd6a6
commit 53eb69e
Show file tree

Hide file tree

Showing 2 changed files with 20 additions and 4 deletions.
diff --git a/README.md b/README.md
@@ -109,6 +109,16 @@ With the scan deleted automatically, you can create subsequent scans without hav
 
 **Optional** STRING - Allows specifying the version of the Java API Wrapper used by the script to call the Veracode APIs. The default is to use the latest released version of the Veracode Java API Wrapper, as [published in Maven Central](https://search.maven.org/search?q=a:vosp-api-wrappers-java). An example of the version string format is `22.5.10.1`.
 
+## Environment variables
+
+### Optional envvars
+
+### `MVN_REPO_URL`
+
+**Optional** STRING - Set to use an alternative maven repository.
+
+If `MVN_REPO_URL` is set then the jar wrapper is downloaded from this url. Otherwise the default central will be used (`https://repo1.maven.apache.org/maven2`).
+
 ## Example usage
 
 The following example will compile and build a Java web applicatin (.war file) from the main branch of the source code repository using Maven. The compiled .war file is then uploaded to Veracode and a static analysis scan is run.
@@ -133,6 +143,8 @@ jobs:
 
       - name: Veracode Upload And Scan
         uses: veracode/veracode-uploadandscan-action@0.2.1
+#        env:
+#          MVN_REPO_URL: "https://my.company.com/repository/central"
         with:
           appname: 'VeraDemo'
           createprofile: false

diff --git a/entrypoint.sh b/entrypoint.sh
@@ -231,16 +231,20 @@ fi
 
 echo "        -createprofile \"$createprofile\"" >> runJava.sh
 
+if [ ! -n "$MVN_REPO_URL" ]; then
+  MVN_REPO_URL="https://repo1.maven.apache.org/maven2"
+fi
+
 if [ "$javawrapperversion" ]
-then 
+then
     javawrapperversion=$javawrapperversion
 else #fetch latest wrapper version from Maven
-    javawrapperversion=$(curl https://repo1.maven.org/maven2/com/veracode/vosp/api/wrappers/vosp-api-wrappers-java/maven-metadata.xml | grep latest |  cut -d '>' -f 2 | cut -d '<' -f 1)
-fi 
+    javawrapperversion=$(curl $MVN_REPO_URL/com/veracode/vosp/api/wrappers/vosp-api-wrappers-java/maven-metadata.xml | grep latest |  cut -d '>' -f 2 | cut -d '<' -f 1)
+fi
 
 echo "javawrapperversion: $javawrapperversion"
 
-curl -sS -o VeracodeJavaAPI.jar "https://repo1.maven.org/maven2/com/veracode/vosp/api/wrappers/vosp-api-wrappers-java/$javawrapperversion/vosp-api-wrappers-java-$javawrapperversion.jar"
+curl -sS -o VeracodeJavaAPI.jar "$MVN_REPO_URL/com/veracode/vosp/api/wrappers/vosp-api-wrappers-java/$javawrapperversion/vosp-api-wrappers-java-$javawrapperversion.jar"
 chmod 777 runJava.sh
 cat runJava.sh
 ./runJava.sh