SQSCANGHA-6 Add ability to pass custom PEM certificate to action (#37)

README.md

@@ -63,6 +63,17 @@ If your source code file names contain special characters that are not covered b
         LC_ALL: "ru_RU.UTF-8"
 ```
 
+If your SonarQube server uses a self-signed certificate, you can pass a root certificate (in PEM format) to the java certificate store:
+
+```yaml
+    - name: SonarQube Scan
+      uses: sonarsource/sonarqube-scan-action@master
+      env:
+        SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+        SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}
+        SONAR_ROOT_CERT: ${{ secrets.SONAR_ROOT_CERT }}
+```
+
 You can change the analysis base directory by using the optional input `projectBaseDir` like this:
 
 ```yaml
@@ -91,6 +102,7 @@ More information about possible analysis parameters can be found in [the documen
 
 - `SONAR_TOKEN` – **Required** this is the token used to authenticate access to SonarQube. You can read more about security tokens [here](https://docs.sonarqube.org/latest/user-guide/user-token/). You can set the `SONAR_TOKEN` environment variable in the "Secrets" settings page of your repository, or you can add them at the level of your GitHub organization (recommended).
 - `SONAR_HOST_URL` – **Required** this tells the scanner where SonarQube is hosted. You can set the `SONAR_HOST_URL` environment variable in the "Secrets" settings page of your repository, or you can add them at the level of your GitHub organization (recommended).
+- `SONAR_ROOT_CERT` – Holds an additional root certificate (in PEM format) that is used to validate the SonarQube server certificate. You can set the `SONAR_ROOT_CERT` environment variable in the "Secrets" settings page of your repository, or you can add them at the level of your GitHub organization (recommended).
 
 ## Alternatives for Java, .NET, and C/C++ projects