Adding a new costume roles to check if the .env file is encrypted or not!

Casper_LLL · April 12, 2024, 6:43pm

Must-share information (formatted with Markdown):

i am using sonarqube 10.4.1.88267 (docker image)
im trying to add new rule to my sonarqube to check if the enviroments files are encrypted if not its a penalty
im asking if this can be acheived or not…
thank uu

Do not share screenshots of logs – share the text itself (bonus points for being well-formatted)!
no logs

Colin · April 15, 2024, 8:47am

Hey there.

Are you thinking about the files themselves, or the contents of the files?

Casper_LLL · April 15, 2024, 10:08am

Hi Colin
actually i will care about the content of of the files and check if the content write on format like (x = xstring) this is a penalty

thank u

Colin · April 15, 2024, 12:51pm

SonarQube will raise issues if it finds secrets stored in configuration files. So I suppose in a way, it would raise issues if it finds unencrypted values that match the secrets it wants to detect.

Otherwise, I think a rule that just raised issues on if values in the files are unencrypted would be quite noisy since not all configuration needs to be encrypted (just secrets).

Casper_LLL · April 15, 2024, 12:58pm

actually the enviroment file it will be just one file and will be all encrypted not only a single value ( like using ansible-vault to encrypte the file)

Colin · April 15, 2024, 1:00pm

I don’t think SonarQube will be able to help you here.

Casper_LLL · April 15, 2024, 1:04pm

okey thank u for your help