added --maven-settings-file parameter

omerr-cycode · omerr-cycode · commit 3281578844e8 · 2025-07-16T17:42:05.000+03:00
diff --git a/cycode/cli/apps/scan/scan_command.py b/cycode/cli/apps/scan/scan_command.py
@@ -88,6 +88,17 @@ def scan_command(
             rich_help_panel=_SCA_RICH_HELP_PANEL,
         ),
     ] = False,
+    maven_settings_file: Annotated[
+        Optional[Path],
+        typer.Option(
+            '--maven-settings-file',
+            show_default=False,
+            help='When specified, Cycode will use this settings.xml file '
+            'when building the maven dependency tree.',
+            dir_okay=False,
+            rich_help_panel=_SCA_RICH_HELP_PANEL,
+        ),
+    ] = None,
     export_type: Annotated[
         ExportTypeOption,
         typer.Option(
@@ -143,6 +154,7 @@ def scan_command(
     ctx.obj['sync'] = sync
     ctx.obj['severity_threshold'] = severity_threshold
     ctx.obj['monitor'] = monitor
+    ctx.obj['maven_settings_file'] = maven_settings_file
     ctx.obj['report'] = report
 
     scan_client = get_scan_cycode_client(ctx)
diff --git a/cycode/cli/files_collector/sca/maven/restore_maven_dependencies.py b/cycode/cli/files_collector/sca/maven/restore_maven_dependencies.py
@@ -24,7 +24,12 @@ def is_project(self, document: Document) -> bool:
         return path.basename(document.path).split('/')[-1] == BUILD_MAVEN_FILE_NAME
 
     def get_commands(self, manifest_file_path: str) -> list[list[str]]:
-        return [['mvn', 'org.cyclonedx:cyclonedx-maven-plugin:2.7.4:makeAggregateBom', '-f', manifest_file_path]]
+        command = ['mvn', 'org.cyclonedx:cyclonedx-maven-plugin:2.7.4:makeAggregateBom', '-f', manifest_file_path]
+
+        maven_settings_file = self.ctx.obj.get('maven_settings_file')
+        if maven_settings_file:
+            command += ['-s', str(maven_settings_file)]
+        return [command]
 
     def get_lock_file_name(self) -> str:
         return join_paths('target', MAVEN_CYCLONE_DEP_TREE_FILE_NAME)
@@ -46,7 +51,7 @@ def try_restore_dependencies(self, document: Document) -> Optional[Document]:
 
     def restore_from_secondary_command(self, document: Document, manifest_file_path: str) -> Optional[Document]:
         restore_content = execute_commands(
-            commands=create_secondary_restore_commands(manifest_file_path),
+            commands=self.create_secondary_restore_commands(manifest_file_path),
             timeout=self.command_timeout,
             working_directory=self.get_working_directory(document),
         )
@@ -62,15 +67,19 @@ def restore_from_secondary_command(self, document: Document, manifest_file_path:
         )
 
 
-def create_secondary_restore_commands(manifest_file_path: str) -> list[list[str]]:
-    return [
-        [
-            'mvn',
-            'dependency:tree',
-            '-B',
-            '-DoutputType=text',
-            '-f',
-            manifest_file_path,
-            f'-DoutputFile={MAVEN_DEP_TREE_FILE_NAME}',
-        ]
-    ]
+    def create_secondary_restore_commands(self,manifest_file_path: str) -> list[list[str]]:
+        command = [
+                'mvn',
+                'dependency:tree',
+                '-B',
+                '-DoutputType=text',
+                '-f',
+                manifest_file_path,
+                f'-DoutputFile={MAVEN_DEP_TREE_FILE_NAME}',
+            ]
+
+        maven_settings_file = self.ctx.obj.get('maven_settings_file')
+        if maven_settings_file:
+            command += ['-s', str(maven_settings_file)]
+
+        return [command]
