Apply maven opts to all command invocations
What does this MR do?
The setup for doing dependency scanning with a private repository described in https://docs.gitlab.com/ee/user/application_security/dependency_scanning/index.html#using-private-maven-repos fails if your project uses a private parent pom, or a parent pom not on Maven Central. The first invocation of maven for resolving the gemnasium plugin fails, likely because maven cannot build the effective pom without access to the private parent pom.
Commit aebbd36e only appends the MAVEN_CLI_OPTS to the invocation of maven that builds the project.
This MR generalizes that behavior and appends the MAVEN_CLI_OPTS to all invocation of maven in analyze.go.
I have created example code demonstrating the bug.
Note the CI build for this branch fails at the QA phase on my fork. I am suspecting this is a setup issue. I manually ran the QA tests on forks of the QA repositories
and they passed when run with the image generated from this branch.
What are the relevant issue numbers?
Dependency scanning fails for projects using parent POM not in Maven Central
Does this MR meet the acceptance criteria?
-
Changelog entry added -
Documentation created/updated for GitLab EE, if necessary -
Documentation created/updated for this project, if necessary -
Documentation reviewed by technical writer or follow-up review issue created -
Tests added for this feature/bug -
Job definition updated, if necessary -
Conforms to the code review guidelines -
Conforms to the Go guidelines -
Security reports checked/validated by reviewer