How can we remove public access of SonarQube server?

  • which versions are you using (SonarQube 9.5, Scanner3.6, Plugin sonar maven plugin, and any relevant extension)
  • what are you trying to achieve- Remove public access of SonarQube server

I am running SonarQube Dev edition 9.5 in container. Have set up github actions workflow for PR decoration. It works only when my SQ server open to public access . When i use my self hosted runner to run workflow it fails to reach server. connection times out. Tried whitelisting runner IP in all possible ways.but no luck…

Question is it mandatory to make SonarQube server publicly accessible ??? what are the ways to limit its access to known IPs when build is running in github actions.

There’s no requirement to have a SonarQube server public as long as your self-hosted runner can access it. It sounds like your GitHub runner simply has trouble communicating with your SonarQube server – have you tried a basic curl command against your SonarQube instance from the runner to see if the connectivity problem extends beyond GitHub actions?

i tried curl on runner machine whitelisting IP its not connecting SQ, when i make SQ server public then curl is successful

In that case, you don’t have a SonarQube problem – you have a network problem. You should talk to your system/network administrators about how to make sure you have connectivity between the runner and your SonarQube server.

it says * SonarQube must be publicly accessible through HTTPS only