- Which versions are you using (SonarQube, Scanner, Plugin, and any relevant extension)
SonarQube 7.3 Developer Edition
- What are you trying to achieve
I am trying to build Docker images of Developer Edition (7.3) based on the Dockefiles from https://github.com/SonarSource/docker-sonarqube. One issue I’m running into is that I cannot find an ASC signature (*.asc) file from https://www.sonarqube.org/downloads/. The Dockerfiles use the .asc file to verify the SQ binary before install. Does SonarSource provide ASC signature files for commercial releases?
- What have you tried so far to achieve this
For the moment I have commented out the verification step to build the Docker image but I would prefer to have the ability to verify the binary during the image build.
gteshome (Gash Teshome) #1
ColinHMueller (Colin Mueller) #3
Indeed, the ASC signatures are available. Checkout https://sonarsource.bintray.com/CommercialDistribution/sonarqube-developer/ where you can find the ASC signature for the Developer Edition of 7.3.
gteshome (Gash Teshome) #4
Excellent! Thank you!