Merge branch '33727-airgap' into 'master'v3.1.0

Scan maven projects with dependencies from a custom repository

See merge request gitlab-org/security-products/license-management!120

1 files changed, 25 insertions, 0 deletions

diff --git a/spec/integration/java/maven_spec.rb b/spec/integration/java/maven_spec.rb
index 6e1752f..8d1ad20 100644
--- a/spec/integration/java/maven_spec.rb
+++ b/spec/integration/java/maven_spec.rb
@@ -2,4 +2,29 @@ require 'spec_helper'
 
 RSpec.describe "maven" do
   include_examples "each report version", "java", "maven"
+
+  describe "When the maven dependencies come from a custom public maven repository" do
+    it 'is able to detect some of the licenses' do
+      runner.add_file('pom.xml', fixture_file_content('pom-public-gitlab-repository.xml'))
+
+      report = runner.scan(env: { 'CI_PROJECT_ID' => '17523603' })
+
+      expect(report).to match_schema(version: '2.0')
+      expect(report[:dependencies]).to match_array([{ name: 'mvn-spike', url: '', description: '', paths: ['.'], licenses: ['MIT'] }])
+    end
+
+    it 'downloads packages from by using a custom `settings.xml`' do
+      runner.add_file('pom.xml', fixture_file_content('pom-public-gitlab-repository.xml'))
+      runner.add_file('my_settings.xml', fixture_file_content('custom-maven-settings.xml'))
+
+      report = runner.scan(env: {
+        'CI_DEBUG_TRACE' => 'true',
+        'CI_PROJECT_ID' => 'invalid',
+        'MAVEN_CLI_OPTS' => "--settings my_settings.xml"
+      })
+
+      expect(report).to match_schema(version: '2.0')
+      expect(report[:dependencies]).to match_array([{ name: 'mvn-spike', url: '', description: '', paths: ['.'], licenses: ['MIT'] }])
+    end
+  end
 end