How to ovverride sonar.auth.aad.clientSecret.secured value from docker-compose environment variables

manojkumar · November 15, 2023, 9:34am

Must-share information (formatted with Markdown):

which versions are you using (SonarQube, Scanner, Plugin, and any relevant extension) community
how is SonarQube deployed: zip, Docker, Helm using zip
what are you trying to achieve - ovveride azure secret from docker-comspose
what have you tried so far to achieve this - used the docker-compose variables to do it, but it not working

Do not share screenshots of logs – share the text itself (bonus points for being well-formatted)!

manojkumar · November 15, 2023, 9:35am

Please find the docker-compose for the same

version: "3"
services:
  sonarqube:
    image: sonarqube:community
    hostname: sonarqube
    container_name: sonarqube
    depends_on:
      - db
    environment:
      - SONAR_JDBC_URL=jdbc:postgresql://db:5432/sonar
      - SONAR_JDBC_USERNAME=sonar
      - SONAR_JDBC_PASSWORD=sonar
      - SONAR_AUTH_AAD_CLIENT_SECRET_SECURED="<value>"
    volumes:
      - sonarqube_data:/opt/sonarqube/data
      - sonarqube_extensions:/opt/sonarqube/extensions
      - sonarqube_logs:/opt/sonarqube/logs
    ports:
      - "9000:9000"
  db:
    image: postgres:12
    hostname: postgresql
    container_name: postgresql
    environment:
      POSTGRES_USER: sonar
      POSTGRES_PASSWORD: sonar
      POSTGRES_DB: sonar
    volumes:
      - postgresql:/var/lib/postgresql
      - postgresql_data:/var/lib/postgresql/data

volumes:
  sonarqube_data:
  sonarqube_extensions:
  sonarqube_logs:
  postgresql:
  postgresql_data:

ganncamp · November 17, 2023, 7:11pm

Hi,

I suspect that sonar.auth.aad.clientSecret is a UI-set parameter for a 3rd-party plugin. We don’t natively support AAD itself (we do support SAML, LDAP &etc.)

Just generally, server admin values that can be set through the UI, must be set through the UI. If you want to deviate from that, you probably need to work with your plugin provider.

HTH,
Ann