# ci-image: MAVEN settings handling

This image supports injecting a Maven `settings.xml` at container start via environment variables.

Environment variables
- `MAVEN_SETTINGS_BASE64` (preferred): base64-encoded contents of the `settings.xml`. If present, the entrypoint will decode it and write it to `~/.m2/settings.xml`.
- `MAVEN_SETTINGS`: raw contents of the `settings.xml`. Used only if `MAVEN_SETTINGS_BASE64` is not set.

- `MAVEN_SETTINGS_PATH`: path to the `settings.xml` inside the container (exported by the entrypoint). Typically `/home/ci/.m2/settings.xml` or `~/.m2/settings.xml` depending on the user; use this variable in scripts to locate the file reliably.

Notes
- The entrypoint will create `~/.m2` if it does not exist and set the `settings.xml` file to mode `644`.
- Use `MAVEN_SETTINGS_BASE64` when your CI system has trouble preserving newlines or special characters in environment variables.

Examples

Build the image:

```bash
docker build -t my-ci-image .
```

Provide raw settings (works if your CI preserves newlines):

```bash
docker run --rm -e MAVEN_SETTINGS="$(cat ~/.m2/settings.xml)" my-ci-image bash -lc 'cat ~/.m2/settings.xml'
```

Provide base64-encoded settings (recommended to avoid newline issues):

```bash
docker run --rm -e MAVEN_SETTINGS_BASE64="$(base64 -w0 ~/.m2/settings.xml)" my-ci-image bash -lc 'cat ~/.m2/settings.xml'
```

GitHub Actions (example)

If you store the plain `settings.xml` as a secret, encode it before setting a secret value (locally):

```bash
# encode locally then paste into GitHub secret value
base64 -w0 ~/.m2/settings.xml
```

Then in your workflow use the secret as-is:

```yaml
env:
  MAVEN_SETTINGS_BASE64: ${{ secrets.MAVEN_SETTINGS_BASE64 }}
uses: docker://my-ci-image
```

If your CI runner can pass multiline env vars safely, you can instead set `MAVEN_SETTINGS` to the raw XML.