Private SonarQube installation and GitHub PR Analysis

Must-share information (formatted with Markdown):

  • which versions are you using (SonarQube, Scanner, Plugin, and any relevant extension)
  • what are you trying to achieve
  • what have you tried so far to achieve this

We are using SonarQube developer edition 8.5. It’s running in our internal network and only reachable from there.
Source code is hosted on GitHub.com and we use PullRequest feedback to get PR decoration.

Now the PR decoration looks like:

URLs to our internal SonarQube are correct and links are working. So for an internal developer everything would work, but GitHub is replacing all URLs with https://camo.githubusercontent.com/

Obviously GitHub cannot reach our internal URLs, therefore no images can be rendered:

  <img src="https://camo.githubusercontent.com/e6e6595dd937d29ae015ba9faceff8abcd09ea2c6c714cbcacc7226324cc3cb6/68747470733a2f2f736f6e6172717562652e7376632e63632e73796e636965722e636c6f75642f7374617469632f646576656c6f7065722d7365727665722f636f6d6d6f6e2f6275672e706e67" alt="Bug" width="16" height="16" data-canonical-src="https://sonarqube.internal.url/static/developer-server/common/bug.png" style="max-width:100%;">

We do not want to make our SonarQube installation available via a public URL, but it would be ok to expose those static images using an external URL.

I know that there is a server base URL, which can be used to configure the external URL of SonarQube.


Is there something similar which can be used just for static content?

So that GitHub would use https://sonarqube.external.url/static/developer-server/common/bug.png instead of https://sonarqube.internal.url/static/developer-server/common/bug.png?

It would be even better if there were a switch which one could activate so that those static images are served from SonarQube infrastructure or a CDN, so that users would not need to expose it at all.

Hi, starting with SonarQube 8.6, we use an external CDN for github.com & gitlab.com (see more here).

2 Likes

That’s pretty cool! Thanks for the info.

1 Like
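The image rewriting described in the opening post can be checked from the rendered markup. The following is an added example, not code from the thread or from SonarQube: it decodes the hex-encoded original URL in the second path segment of each camo link (the layout visible in the `<img>` tag quoted above) and flags images whose origin host is internal-only. The `INTERNAL_SUFFIXES` list, the dummy digest and the sample markup are constructed assumptions.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

CAMO_HOST = "camo.githubusercontent.com"
# Assumption: host suffixes that only resolve inside the company network.
INTERNAL_SUFFIXES = (".internal.url",)

def decode_camo(url):
    """Return the original image URL hex-encoded in a camo URL, or None."""
    parts = urlsplit(url)
    if parts.hostname != CAMO_HOST:
        return None
    segments = parts.path.strip("/").split("/")  # expected: <digest>/<hex url>
    if len(segments) != 2 or not re.fullmatch(r"(?:[0-9a-fA-F]{2})+", segments[1]):
        return None
    return bytes.fromhex(segments[1]).decode("utf-8", errors="replace")

class ImgCollector(HTMLParser):
    """Collects the attributes of every <img> tag in a comment body."""
    def __init__(self):
        super().__init__()
        self.images = []

    def handle_starttag(self, tag, attrs):
        if tag == "img":
            self.images.append(dict(attrs))

def audit(html):
    """Return (alt, original_url, internal_only) for each camo-proxied image."""
    collector = ImgCollector()
    collector.feed(html)
    findings = []
    for img in collector.images:
        target = decode_camo(img.get("src") or "")
        if target is None:
            continue  # not proxied through camo, nothing to decode
        host = urlsplit(target).hostname or ""
        findings.append((img.get("alt") or "", target, host.endswith(INTERNAL_SUFFIXES)))
    return findings

def camo_like(url):
    """Build a constructed camo-style URL; the digest is a dummy, not a real HMAC."""
    return f"https://{CAMO_HOST}/{'0' * 64}/{url.encode().hex()}"

# Constructed sample input using the two hostnames from the question.
INTERNAL = "https://sonarqube.internal.url/static/developer-server/common/bug.png"
EXTERNAL = "https://sonarqube.external.url/static/developer-server/common/bug.png"
SAMPLE = (f'<img src="{camo_like(INTERNAL)}" alt="Bug">'
          f'<img src="{camo_like(EXTERNAL)}" alt="Bug">')

if __name__ == "__main__":
    for alt, url, internal_only in audit(SAMPLE):
        print(f"{alt}: {url} internal_only={internal_only}")
```

Because the original URL is only hex-encoded, the origin hostname remains readable in the public page source even when the image itself cannot be fetched.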