Add Maven settings.xml with JFrog mirror configuration

Hardened runners terminate SSL handshakes to repo.maven.apache.org,
so Maven needs an explicit mirror pointing to JFrog Artifactory.
Generate ~/.m2/settings.xml with OIDC credentials from the JFrog
setup step.

Author: mihaimitrea-db

.github/actions/setup-build-environment/action.yml

@@ -1,5 +1,5 @@
 name: Setup build environment
-description: Set up JDK with JFrog OIDC authentication for hardened runners
+description: Set up JDK with JFrog Artifactory as Maven mirror for hardened runners
 
 inputs:
   java-version:
@@ -11,6 +11,7 @@ runs:
   steps:
     - name: Setup JFrog CLI with OIDC
       if: runner.os != 'macOS'
+      id: jfrog
       uses: jfrog/setup-jfrog-cli@279b1f629f43dd5bc658d8361ac4802a7ef8d2d5 # v4.9.1
       env:
         JF_URL: https://databricks.jfrog.io
@@ -21,3 +22,29 @@ runs:
       uses: actions/setup-java@b6e674f4b717d7b0ae3baee0fbe79f498905dfde # v1.4.4
       with:
         java-version: ${{ inputs.java-version }}
+
+    - name: Configure Maven for JFrog
+      if: runner.os != 'macOS'
+      shell: bash
+      run: |
+        mkdir -p ~/.m2
+        cat > ~/.m2/settings.xml << EOF
+        <settings xmlns="http://maven.apache.org/SETTINGS/1.0.0"
+                  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+                  xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0 https://maven.apache.org/xsd/settings-1.0.0.xsd">
+          <mirrors>
+            <mirror>
+              <id>jfrog-maven</id>
+              <url>https://databricks.jfrog.io/artifactory/db-maven/</url>
+              <mirrorOf>*</mirrorOf>
+            </mirror>
+          </mirrors>
+          <servers>
+            <server>
+              <id>jfrog-maven</id>
+              <username>${{ steps.jfrog.outputs.oidc-user }}</username>
+              <password><![CDATA[${{ steps.jfrog.outputs.oidc-token }}]]></password>
+            </server>
+          </servers>
+        </settings>
+        EOF