Hi!
Due to security concerns within our organization all of our CI/CD build systems run in an air-gapped environment, where they can only access pre-approved artifacts through a JFrog Artifactory mirror. We are currently looking to create an RPM-packaging of the SonarScanner CLI tool for internal use, and are able to download the SonarScanner CLI through a mirror we have set up for https://binaries.sonarsource.com/Distribution/
However, we would like to be able to always package new versions when they arrive, and as such need a way to determine what the current latest version is. This is of course specified in the documentation here - SonarScanner CLI - but as this is a documentation page it poses a problem to access it through our mirror.
Other projects, such as Helm/Kubernetes, tend to provide a version.json file or similar in the distributions repository, which contains the current latest version number. This can then be used by the build system in order to know which version to download. This allows the build system to determine the latest version by solely relying on the distribution repository mirror, rather than having to look it up through different means.
I could not find a similar apparoach for the SonarScanner CLI. I also tried removing the version number from the download URLs provided here - SonarScanner CLI - hoping that it would result in me receiving the latest version. This was however not the case.
Is there any way to determine version information solely based on information contained in https://binaries.sonarsource.com/Distribution/ ? If not, would it be possible to start adding a version.json or other similar solution in order to better support customer packaging pipelines?