From 53eb69ed1bb7bb91c0573604f5214b4c7f97beb3 Mon Sep 17 00:00:00 2001 From: Saad BENBOUZID Date: Tue, 19 Apr 2022 17:15:18 -0400 Subject: [PATCH] add MVN_REPO_URL envvar as an alternative repository manager to download the jar from. Issue #18 --- README.md | 12 ++++++++++++ entrypoint.sh | 12 ++++++++---- 2 files changed, 20 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index 7cb9751..94297c2 100644 --- a/README.md +++ b/README.md @@ -109,6 +109,16 @@ With the scan deleted automatically, you can create subsequent scans without hav **Optional** STRING - Allows specifying the version of the Java API Wrapper used by the script to call the Veracode APIs. The default is to use the latest released version of the Veracode Java API Wrapper, as [published in Maven Central](https://search.maven.org/search?q=a:vosp-api-wrappers-java). An example of the version string format is `22.5.10.1`. +## Environment variables + +### Optional envvars + +### `MVN_REPO_URL` + +**Optional** STRING - Set to use an alternative maven repository. + +If `MVN_REPO_URL` is set then the jar wrapper is downloaded from this url. Otherwise the default central will be used (`https://repo1.maven.apache.org/maven2`). + ## Example usage The following example will compile and build a Java web applicatin (.war file) from the main branch of the source code repository using Maven. The compiled .war file is then uploaded to Veracode and a static analysis scan is run. @@ -133,6 +143,8 @@ jobs: - name: Veracode Upload And Scan uses: veracode/veracode-uploadandscan-action@0.2.1 +# env: +# MVN_REPO_URL: "https://my.company.com/repository/central" with: appname: 'VeraDemo' createprofile: false diff --git a/entrypoint.sh b/entrypoint.sh index 13319b9..7593485 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -231,16 +231,20 @@ fi echo " -createprofile \"$createprofile\"" >> runJava.sh +if [ ! -n "$MVN_REPO_URL" ]; then + MVN_REPO_URL="https://repo1.maven.apache.org/maven2" +fi + if [ "$javawrapperversion" ] -then +then javawrapperversion=$javawrapperversion else #fetch latest wrapper version from Maven - javawrapperversion=$(curl https://repo1.maven.org/maven2/com/veracode/vosp/api/wrappers/vosp-api-wrappers-java/maven-metadata.xml | grep latest | cut -d '>' -f 2 | cut -d '<' -f 1) -fi + javawrapperversion=$(curl $MVN_REPO_URL/com/veracode/vosp/api/wrappers/vosp-api-wrappers-java/maven-metadata.xml | grep latest | cut -d '>' -f 2 | cut -d '<' -f 1) +fi echo "javawrapperversion: $javawrapperversion" -curl -sS -o VeracodeJavaAPI.jar "https://repo1.maven.org/maven2/com/veracode/vosp/api/wrappers/vosp-api-wrappers-java/$javawrapperversion/vosp-api-wrappers-java-$javawrapperversion.jar" +curl -sS -o VeracodeJavaAPI.jar "$MVN_REPO_URL/com/veracode/vosp/api/wrappers/vosp-api-wrappers-java/$javawrapperversion/vosp-api-wrappers-java-$javawrapperversion.jar" chmod 777 runJava.sh cat runJava.sh ./runJava.sh