Works fine when I just curl https://detect.synopsys.com/detect9.sh but when I try to use synopsys-sig/synopsys-action@v1.7.0 in my GitHub action, it can't connect. I'd rather not trust all certs by default (I know BLACKDUCK_TRUST_CERT: true is an option).
Is there a way to use synopsys-sig in my GitHub action with a custom truststore?
I'm trying to configure a Java truststore to connect to a BlackDuckHub instance. I've set these Java options as environment variable:
DETECT_JAVA_OPTS: "-Djavax.net.ssl.trustStore=./blackduck.truststore -Djavax.net.ssl.trustStorePassword=${{ secrets.BLACKDUCK_TRUSTSTORE_PASSWORD }}"Works fine when I just
curl https://detect.synopsys.com/detect9.shbut when I try to usesynopsys-sig/synopsys-action@v1.7.0in my GitHub action, it can't connect. I'd rather not trust all certs by default (I knowBLACKDUCK_TRUST_CERT: trueis an option).Is there a way to use synopsys-sig in my GitHub action with a custom truststore?