
Spotbugs support for Custom Certs not working as expected

Summary

Spotbugs support for custom certs using $ADDITIONAL_CA_CERT_BUNDLE does not work as expected.

This regression was likely introduced with the switch to asdf for version management with https://gitlab.com/gitlab-org/security-products/analyzers/spotbugs/-/blob/master/CHANGELOG.md#v2120, which refactored Java version management.

Steps to reproduce

Attempt to use custom certs to build application using spotbugs

Example Project

What is the current bug behavior?

Certs are not copied to $JAVA_HOME as expected

What is the expected correct behavior?

Certs should be copied to $JAVA_HOME as expected

Output of checks

This bug happens on GitLab.com

Possible fixes

Copy certs to $JAVA_HOME path after SetupSystemJava instead of within start.sh

See gitlab-org/security-products/analyzers/spotbugs!43 (merged) for original testing steps

Edited by Lucas Charles
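
One way to confirm the behavior reported above is to check, after the analyzer has selected its Java version, whether every certificate in the bundle is present in the truststore of the active $JAVA_HOME. The script below is an added example, not code from the spotbugs analyzer; the function names are hypothetical, and it assumes $ADDITIONAL_CA_CERT_BUNDLE holds PEM text or a path to a PEM file, that the truststore uses the default JDK password "changeit", and that openssl and keytool are on the PATH.

```shell
#!/bin/sh
# Added diagnostic sketch, not part of the spotbugs analyzer. Assumptions:
# PEM bundle in ADDITIONAL_CA_CERT_BUNDLE, default truststore password "changeit".

# Split a PEM bundle into one file per certificate; prints how many were written.
split_bundle() {
  bundle=$1 outdir=$2
  mkdir -p "$outdir"
  awk -v dir="$outdir" '
    /-----BEGIN CERTIFICATE-----/ { n++; out = sprintf("%s/cert-%d.pem", dir, n); inside = 1 }
    inside { print > out }
    /-----END CERTIFICATE-----/ { inside = 0; close(out) }
    END { print n + 0 }
  ' "$bundle"
}

# Locate the default truststore for a JAVA_HOME (Java 9+ layout first, then Java 8).
find_cacerts() {
  for p in "$1/lib/security/cacerts" "$1/jre/lib/security/cacerts"; do
    [ -f "$p" ] && { echo "$p"; return 0; }
  done
  return 1
}

# Succeeds if the certificate's SHA-256 fingerprint appears in the keystore.
cert_in_truststore() {
  fp=$(openssl x509 -in "$1" -noout -fingerprint -sha256 | cut -d= -f2)
  keytool -list -v -keystore "$2" -storepass changeit 2>/dev/null | grep -qiF "$fp"
}

# Report each bundle certificate that is missing from $JAVA_HOME's truststore.
check_bundle() {
  tmp=$(mktemp -d)
  if [ -f "$ADDITIONAL_CA_CERT_BUNDLE" ]; then cp "$ADDITIONAL_CA_CERT_BUNDLE" "$tmp/bundle.pem"
  else printf '%s\n' "$ADDITIONAL_CA_CERT_BUNDLE" > "$tmp/bundle.pem"; fi
  count=$(split_bundle "$tmp/bundle.pem" "$tmp/certs")
  store=$(find_cacerts "$JAVA_HOME") || { rm -rf "$tmp"; echo "no cacerts under $JAVA_HOME"; return 2; }
  missing=0; i=1
  while [ "$i" -le "$count" ]; do
    cert_in_truststore "$tmp/certs/cert-$i.pem" "$store" ||
      { echo "cert-$i missing from $store"; missing=$((missing + 1)); }
    i=$((i + 1))
  done
  rm -rf "$tmp"
  [ "$missing" -eq 0 ]
}

# Runs only when both variables are set; a non-zero exit means a certificate is missing.
if [ -n "${ADDITIONAL_CA_CERT_BUNDLE:-}" ] && [ -n "${JAVA_HOME:-}" ]; then check_bundle; fi
```

Running it once before and once after the Java version switch shows whether the certificates were imported into a different JDK than the one the build ends up using.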