From cebb38483737295757e86ac1070ac22b9b40f894 Mon Sep 17 00:00:00 2001
From: Jan Dusil
Date: Tue, 8 Aug 2023 16:10:10 +0200
Subject: [PATCH 1/5] Fix #31 Force codeql analysis to use internal repos - Add JAVA_TOOL_OPTIONS for the codeql autobuild
---
 .github/workflows/codeql-analysis.yml | 2 ++
 1 file changed, 2 insertions(+)
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
index 8a10fb8..2158c43 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -43,6 +43,8 @@ jobs:
 - name: Autobuild
 uses: github/codeql-action/autobuild@v2
+ env:
+ JAVA_TOOL_OPTIONS: '-DuseInternalRepo=true'
 - name: Perform CodeQL Analysis
 uses: github/codeql-action/analyze@v2
From cc36f90379cff4f939dd93ea076141e088cc09b7 Mon Sep 17 00:00:00 2001
From: Jan Dusil
Date: Tue, 15 Aug 2023 14:52:59 +0200
Subject: [PATCH 2/5] Fix #31 Force codeql analysis to use internal repos - Add MAVEN_ARGS for the codeql autobuild - Add jfrog credentials
---
 .github/workflows/codeql-analysis.yml | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
index 2158c43..a772f6f 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -34,6 +34,9 @@ jobs:
 with:
 java-version: ${{ inputs.java-version }}
 distribution: 'temurin'
+ server-id: ${{inputs.server-id}} #server id has to be passed this way it will not work via env in the test step
+ server-username: INTERNAL_USERNAME
+ server-password: INTERNAL_PASSWORD
 cache: maven
 - name: Initialize CodeQL
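Review bot: The `JAVA_TOOL_OPTIONS: '-DuseInternalRepo=true'` line added to the Autobuild step in PATCH 1/5 carries no explanation of what consumes the property. It only changes dependency resolution if the POM or settings define something keyed on `useInternalRepo`, which is not visible here; if that is ever renamed, the build would presumably resolve from whatever repositories are otherwise configured, with no signal in the CodeQL run. JAVA_TOOL_OPTIONS is also read by every JVM the step starts, not just Maven. I would add a comment above it such as `# activates internal-repository resolution (issue #31); picked up by every JVM in this step`, and the same applies where PATCH 4/5 restores this line.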
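Review bot: The setup-java step in PATCH 2/5 reads `${{inputs.server-id}}`, but that input is only declared in PATCH 3/5, so at this commit the expression presumably evaluates to an empty string and the generated settings.xml would not carry the intended server id. Squashing PATCH 3/5 into this one would keep every commit in the series usable on its own. The trailing comment is also hard to parse; something like `# server-id must be set here: setup-java writes it into settings.xml, it cannot be supplied later through env` would say what I think is meant, to be confirmed by the author. The `with:` block starts above the hunk.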
@@ -44,7 +47,10 @@ jobs:
 - name: Autobuild
 uses: github/codeql-action/autobuild@v2
 env:
- JAVA_TOOL_OPTIONS: '-DuseInternalRepo=true'
+ MAVEN_ARGS: '-DuseInternalRepo=true'
+ # those are not environmental secret, but global secret - for readonly access to artifactory, credentials has to be passed this way
+ INTERNAL_USERNAME: ${{ secrets.JFROG_USERNAME }}
+ INTERNAL_PASSWORD: ${{ secrets.JFROG_PASSWORD }}
 - name: Perform CodeQL Analysis
 uses: github/codeql-action/analyze@v2
From 0ad615069409c7fdc89252ac7c86f0452bc6655f Mon Sep 17 00:00:00 2001
From: Jan Dusil
Date: Tue, 15 Aug 2023 14:57:33 +0200
Subject: [PATCH 3/5] Fix #31 Force codeql analysis to use internal repos - Add input for server-id
---
 .github/workflows/codeql-analysis.yml | 5 +++++
 1 file changed, 5 insertions(+)
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
index a772f6f..e842e3b 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -10,6 +10,11 @@ on:
 required: false
 type: string
 default: '17'
+ server-id:
+ type: string
+ description: server for reading the artifacts, should be always jfrog-central
+ default: jfrog-central
+ required: false
 jobs:
 analyze:
From b07d1c9f98c3c0ccf308bddf36143a052d9bccae Mon Sep 17 00:00:00 2001
From: Jan Dusil
Date: Tue, 15 Aug 2023 15:07:51 +0200
Subject: [PATCH 4/5] Fix #31 Force codeql analysis to use internal repos - Switch back to JAVA TOOL OPTIONS
---
 .github/workflows/codeql-analysis.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
index e842e3b..648b6ba 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
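Review bot: The `INTERNAL_USERNAME` and `INTERNAL_PASSWORD` entries added to the Autobuild `env:` in the second hunk of PATCH 2/5 make the Artifactory credentials readable by every process that step starts, including Maven plugins and any build logic the analysed repository brings with it. Scoping them to this one step rather than the whole job is the right choice; what bounds the exposure is that the account is read-only, and the added comment is the only place that is recorded. I would reword it to `# global (not environment-scoped) secrets; read-only Artifactory account, used only to resolve dependencies` and keep it, whereas PATCH 5/5 deletes it altogether.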
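Review bot: The trigger block in PATCH 3/5 ends at the new input's `required: false` with `jobs:` directly after it, so no `secrets:` are declared for the `JFROG_USERNAME` and `JFROG_PASSWORD` that PATCH 2/5 reads. If this is a `workflow_call` workflow, as the typed inputs suggest, callers then have to use `secrets: inherit`, which hands over all of their secrets rather than the two that are needed. Declaring the two secrets explicitly next to `inputs:` narrows that and gives callers an early error when one is missing. The start of the `on:` block is outside the hunk, so a declaration above `inputs:` cannot be ruled out, and the indentation below is a guess.

```yaml
# … unchanged: inputs (java-version, server-id) …
    secrets:
      JFROG_USERNAME:
        description: read-only Artifactory user for dependency resolution
        required: true
      JFROG_PASSWORD:
        description: password or token for the read-only Artifactory user
        required: true
```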
@@ -52,7 +52,7 @@ jobs:
 - name: Autobuild
 uses: github/codeql-action/autobuild@v2
 env:
- MAVEN_ARGS: '-DuseInternalRepo=true'
+ JAVA_TOOL_OPTIONS: '-DuseInternalRepo=true'
 # those are not environmental secret, but global secret - for readonly access to artifactory, credentials has to be passed this way
 INTERNAL_USERNAME: ${{ secrets.JFROG_USERNAME }}
 INTERNAL_PASSWORD: ${{ secrets.JFROG_PASSWORD }}
From 756bde6dac67041ce755ff3dd01cfbfc370f8117 Mon Sep 17 00:00:00 2001
From: Jan Dusil
Date: Tue, 15 Aug 2023 15:26:43 +0200
Subject: [PATCH 5/5] Fix #31 Force codeql analysis to use internal repos - Cleanup
---
 .github/workflows/codeql-analysis.yml | 1 -
 1 file changed, 1 deletion(-)
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
index 648b6ba..b5f334f 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -53,7 +53,6 @@ jobs:
 uses: github/codeql-action/autobuild@v2
 env:
 JAVA_TOOL_OPTIONS: '-DuseInternalRepo=true'
- # those are not environmental secret, but global secret - for readonly access to artifactory, credentials has to be passed this way
 INTERNAL_USERNAME: ${{ secrets.JFROG_USERNAME }}
 INTERNAL_PASSWORD: ${{ secrets.JFROG_PASSWORD }}