From 817ff850ba1a432b390cacd4c51653f75c5ec383 Mon Sep 17 00:00:00 2001
From: Jan Dusil <134381434+jandusil@users.noreply.github.com>
Date: Tue, 15 Aug 2023 15:42:14 +0200
Subject: [PATCH] Fix #31 Force codeql analysis to use internal repos (#32)

* Fix #31 Force codeql analysis to use internal repos
 - Add JAVA_TOOL_OPTIONS for the codeql autobuild
 - Add jfrog credentials
 - Add input for server-id
 - Cleanup
---
 .github/workflows/codeql-analysis.yml | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
index 8a10fb8..b5f334f 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -10,6 +10,11 @@ on:
         required: false
         type: string
         default: '17'
+      server-id:
+        type: string
+        description: server for reading the artifacts, should be always jfrog-central
+        default: jfrog-central
+        required: false
 
 jobs:
   analyze:
@@ -34,6 +39,9 @@ jobs:
         with:
           java-version: ${{ inputs.java-version }}
           distribution: 'temurin'
+          server-id: ${{inputs.server-id}} #server id has to be passed this way it will not work via env in the test step
+          server-username: INTERNAL_USERNAME
+          server-password: INTERNAL_PASSWORD
           cache: maven
 
       - name: Initialize CodeQL
@@ -43,6 +51,10 @@ jobs:
 
       - name: Autobuild
         uses: github/codeql-action/autobuild@v2
+        env:
+          JAVA_TOOL_OPTIONS: '-DuseInternalRepo=true'
+          INTERNAL_USERNAME: ${{ secrets.JFROG_USERNAME }}
+          INTERNAL_PASSWORD: ${{ secrets.JFROG_PASSWORD }}
 
       - name: Perform CodeQL Analysis
         uses: github/codeql-action/analyze@v2