Conenct to SonarQube behind teleport

Must-share information (formatted with Markdown):

• which versions are you using (SonarQube, Scanner, Plugin, and any relevant extension)
  9.9.5
• how is SonarQube deployed: zip, Docker, Helm
  helm
• what are you trying to achieve
  My SonarQube instance is hosted behind a teleport instance, in my GitHub action, when the sonarsource/sonarqube-scan-action@master action is trying to pass information to the SonarQube which is behind the teleport, it cannot access it which is expected

Now when in order to let the sonarsource/sonarqube-scan-action@master job to access the sonarqube, I have to send the requests wich a client certificate and a key, here is an equivalent CURL command for it that works:

curl \
  --cert /root/.tsh/keys/teleport.xyz/aaa/teleport.xyz/sonarqube-x509.pem \
  --key /root/.tsh/keys/teleport.xyz/aaa \
  https://sonarqube.teleport.xyz

How can I pass these to the github action? or the sonar-scanner?

• what have you tried so far to achieve this

Do not share screenshots of logs – share the text itself (bonus points for being well-formatted)!

Hey there.

I think this is what you’re looking for. TLS certificates on client side & SonarQube Docs.

And because it’s not clear in the docs, these properties would get set via a SONAR_SCANNER_OPTS environment variable.

SONAR_SCANNER_OPTS="-Djavax.net.ssl.keyStore =..... -Djavax.net.ssl.trustStorePassword=...."