License Finder cannot analyze maven projects with versions of java that are not pre-installed
Summary
License Finder has an environment variable (ASDF_JAVA_VERSION) for selecting a version of java not installed in the docker image. However, the analyzer crashes when a new version is specified because the analyzer doesn't install maven alongside java. The analyzer needs maven since it runs the org.codehaus.mojo:license-maven-plugin:aggregate-download-licenses task when getting licenses.
Steps to reproduce
- set ASDF_JAVA_VERSION to adoptopenjdk-16.0.0+36 (not currently packaged with docker container)
- run license finder on a maven project
Example Project
https://gitlab.com/gitlab-org/security-products/tests/java-maven/
Relevant logs and/or screenshots
Command:
LM_JAVA_VERSION="99" ASDF_JAVA_VERSION=adoptopenjdk-16.0.0+36 /run.sh
Outputs (when debugging locally and outputting all commands):
cmd: [:mvn, "-e", "org.codehaus.mojo:license-maven-plugin:aggregate-download-licenses", "-Dlicense.excludedScopes=development,develop,test", "-Dorg.slf4j.simpleLogger.log.org.codehaus.mojo.license=debug", "-DskipTests"]
capture
true
[v3.31.0] asdf: No preset version installed for command mvn
Please install the missing version by running one of the following:
asdf install java adoptopenjdk-16.0.0+36
Possible fixes
- Set maven to the pre-installed version in the image.
- Install a corresponding version of maven for the requested ASDF_JAVA_VERSION (see: https://gitlab.com/gitlab-org/security-products/analyzers/license-finder/-/blob/main/config/software/asdf_maven.rb)
Edited by Igor Frenkel