Skip to content

Implement flexible Maven settings override for dependency scanning

Miki Amos requested to merge 414689-error-when-pulling-plugin-for-maven-project-mirroring-central-repo into master

What does this MR do?

This merge request introduces a new Maven utility to improve our handling of Maven settings and options, particularly in the context of the Gemnasium analyzer.

Changes

  • Implemented a new GetPatchSettingsFile function to patch Maven settings files dynamically.
  • Added ParseMavenOpts and ReconstructMavenOpts functions to handle Maven command-line options better.
  • These utilities are integrated into the Gemnasium-maven analyzer workflow.

Functionality

  1. Settings File Patching:
    • Reads an existing settings.xml file.
    • Adds a local plugin repository configuration.
    • Creates a temporary patched settings file.
  2. Maven Options Parsing:
    • Parses Maven command-line options into a map for easy manipulation.
    • Allows for easy modification of specific options (e.g., changing the settings file path).
  3. Maven Options Reconstruction:
    • Reconstruct the Maven options string from the modified map.
  4. Patch Settings File:
    • Combine all the above functions and return a new temp settings file path; the maven opts to override if needed.

Benefits

  • Improves flexibility in handling Maven configurations, especially in CI/CD environments.
  • Allows for dynamic modification of Maven settings without altering the original files.
  • Enhances the ability to work with local repositories in isolated environments.

Testing

  • Unit tests have been added for PatchSettingsFile new function.

What are the relevant issue numbers?

Error when pulling plugin for maven project mir... (gitlab-org/gitlab#414689)

Does this MR meet the acceptance criteria?

Edited by Miki Amos

Merge request reports