From cc8f13ac23839fa87fb13b4281c0e3df854e4bff Mon Sep 17 00:00:00 2001
From: Pavel Gonchukov <pavel.gonchukov@tradeshift.com>
Date: Wed, 9 Jun 2021 13:39:44 +0300
Subject: [PATCH] Add cacert rule for java 8

Need to add cacerts also for java 8
---
 CODEOWNERS          |  1 +
 dist/setup/index.js | 23 +++++++++++++++--------
 src/maven.ts        | 37 ++++++++++++++++++++++++-------------
 src/setup-java.ts   |  3 ++-
 4 files changed, 42 insertions(+), 22 deletions(-)
 create mode 100644 CODEOWNERS

diff --git a/CODEOWNERS b/CODEOWNERS
new file mode 100644
index 00000000..31c89547
--- /dev/null
+++ b/CODEOWNERS
@@ -0,0 +1 @@
+* @Tradeshift/developer-productivity
\ No newline at end of file
diff --git a/dist/setup/index.js b/dist/setup/index.js
index 9d03de27..b9e6727f 100644
--- a/dist/setup/index.js
+++ b/dist/setup/index.js
@@ -11084,27 +11084,33 @@ function setupMaven(opts) {
             flag: 'w'
         });
         const certDir = path.join(os.homedir(), 'certs');
-        const rooCaPath = path.join(certDir, 'rootca.crt');
+        const rootCaPath = path.join(certDir, 'rootca.crt');
         yield io.mkdirP(certDir);
-        fs.writeFileSync(rooCaPath, btoa(opts.caCert), {
+        fs.writeFileSync(rootCaPath, btoa(opts.caCert), {
             encoding: 'utf-8',
             flag: 'w'
         });
         const p12Path = path.join(certDir, 'certificate.p12');
         fs.writeFileSync(p12Path, Buffer.from(opts.keystore, 'base64'));
         core.exportVariable('MAVEN_OPTS', `-Djavax.net.ssl.keyStore=${p12Path} -Djavax.net.ssl.keyStoreType=pkcs12 -Djavax.net.ssl.keyStorePassword=${opts.password}`);
+        var params = ['-importcert'];
+        // keytool for JAVA 8 has different API
+        if (opts.javaVersion === '8') {
+            params.push('-keystore', `${opts.javaPath}/jre/lib/security/cacerts`);
+        }
+        else {
+            params.push('-cacerts');
+        }
         try {
-            yield exec.exec(path.join(opts.javaPath, 'bin/keytool'), [
-                '-importcert',
-                '-cacerts',
+            yield exec.exec(path.join(opts.javaPath, 'bin/keytool'), params.concat([
                 '-storepass',
                 'changeit',
                 '-noprompt',
                 '-alias',
                 'mycert',
                 '-file',
-                rooCaPath
-            ]);
+                rootCaPath
+            ]));
         }
         catch (e) {
             core.warning(`keytool return an error: ${e.message}`);
@@ -33373,7 +33379,8 @@ function run() {
                 password: core.getInput(constants.INPUT_MAVEN_KEYSTORE_PASSWORD),
                 settings: core.getInput(constants.INPUT_MAVEN_SETTINGS_B64),
                 securitySettings: core.getInput(constants.INPUT_MAVEN_SECURITY_SETTINGS_B64),
-                javaPath: ''
+                javaPath: '',
+                javaVersion: version
             };
             const mvnVersion = core.getInput(constants.INPUT_MAVEN_VERSION);
             const arch = core.getInput(constants.INPUT_ARCHITECTURE, { required: true });
diff --git a/src/maven.ts b/src/maven.ts
index 18dac659..244b94f3 100644
--- a/src/maven.ts
+++ b/src/maven.ts
@@ -13,6 +13,7 @@ export interface MavenOpts {
   settings: string;
   securitySettings: string;
   javaPath: string;
+  javaVersion: string;
 }
 
 export function isValidOptions(mvnOpts: MavenOpts): boolean {
@@ -50,9 +51,9 @@ export async function setupMaven(opts: MavenOpts): Promise<void> {
   );
 
   const certDir = path.join(os.homedir(), 'certs');
-  const rooCaPath = path.join(certDir, 'rootca.crt');
+  const rootCaPath = path.join(certDir, 'rootca.crt');
   await io.mkdirP(certDir);
-  fs.writeFileSync(rooCaPath, btoa(opts.caCert), {
+  fs.writeFileSync(rootCaPath, btoa(opts.caCert), {
     encoding: 'utf-8',
     flag: 'w'
   });
@@ -65,18 +66,28 @@ export async function setupMaven(opts: MavenOpts): Promise<void> {
     `-Djavax.net.ssl.keyStore=${p12Path} -Djavax.net.ssl.keyStoreType=pkcs12 -Djavax.net.ssl.keyStorePassword=${opts.password}`
   );
 
+  var params: string[] = ['-importcert'];
+
+  // keytool for JAVA 8 has different API
+  if (opts.javaVersion === '8') {
+    params.push('-keystore', `${opts.javaPath}/jre/lib/security/cacerts`);
+  } else {
+    params.push('-cacerts');
+  }
+
   try {
-    await exec.exec(path.join(opts.javaPath, 'bin/keytool'), [
-      '-importcert',
-      '-cacerts',
-      '-storepass',
-      'changeit',
-      '-noprompt',
-      '-alias',
-      'mycert',
-      '-file',
-      rooCaPath
-    ]);
+    await exec.exec(
+      path.join(opts.javaPath, 'bin/keytool'),
+      params.concat([
+        '-storepass',
+        'changeit',
+        '-noprompt',
+        '-alias',
+        'mycert',
+        '-file',
+        rootCaPath
+      ])
+    );
   } catch (e) {
     core.warning(`keytool return an error: ${(e as Error).message}`);
   }
diff --git a/src/setup-java.ts b/src/setup-java.ts
index 082137ab..dfa7f3a7 100644
--- a/src/setup-java.ts
+++ b/src/setup-java.ts
@@ -21,7 +21,8 @@ async function run() {
       securitySettings: core.getInput(
         constants.INPUT_MAVEN_SECURITY_SETTINGS_B64
       ),
-      javaPath: ''
+      javaPath: '',
+      javaVersion: version
     };
 
     const mvnVersion = core.getInput(constants.INPUT_MAVEN_VERSION);