Fix #31 Force codeql analysis to use internal repos (#32)

* Fix #31 Force codeql analysis to use internal repos - Add JAVA_TOOL_OPTIONS for the codeql autobuild - Add jfrog credentials - Add input for server-id - Cleanup
wultra · Aug 15, 2023 · 817ff85 · 817ff85
1 parent 08f4f59
commit 817ff85
Showing 1 changed file with 12 additions and 0 deletions.
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
@@ -10,6 +10,11 @@ on:
         required: false
         type: string
         default: '17'
+      server-id:
+        type: string
+        description: server for reading the artifacts, should be always jfrog-central
+        default: jfrog-central
+        required: false
 
 jobs:
   analyze:
@@ -34,6 +39,9 @@ jobs:
         with:
           java-version: ${{ inputs.java-version }}
           distribution: 'temurin'
+          server-id: ${{inputs.server-id}} #server id has to be passed this way it will not work via env in the test step
+          server-username: INTERNAL_USERNAME
+          server-password: INTERNAL_PASSWORD
           cache: maven
 
       - name: Initialize CodeQL
@@ -43,6 +51,10 @@ jobs:
 
       - name: Autobuild
         uses: github/codeql-action/autobuild@v2
+        env:
+          JAVA_TOOL_OPTIONS: '-DuseInternalRepo=true'
+          INTERNAL_USERNAME: ${{ secrets.JFROG_USERNAME }}
+          INTERNAL_PASSWORD: ${{ secrets.JFROG_PASSWORD }}
 
       - name: Perform CodeQL Analysis
         uses: github/codeql-action/analyze@v2