Colin
March 30, 2023, 8:27am
3
Hey there.
You might want to add your voice here:
We are looking at running SonarQube behind CloudFlare Zero Trust and providing the Zero Trust Service Tokens HTTP headers as parameters to the Sonar Scanner.
The idea would be to allow a GitHub Action that is using sonarsource/sonarqube-scan-action or a developer running the scanner manually to securely connect to SonarQube.
It seems this could be achieved by:
Providing custom headers as props, passed on command line
Retrieving the headers in the Sonar Scanner API ServerConnection::create Se…
The scanne itself runs on Java (and/or .NET Framework if you use the Scanner for .NET). It is possible to pass proxy information through the scanner via the SONAR_SCANNER_OPTS environment variable.
SONAR_SCANNER_OPTS="-Dhttp.proxyHost=proxy.mycompany.com -Dhttp.proxyPort=8080 -Dhttp.proxyUser=someUserName -Dhttp.proxyPassword=somePassword"
Maybe this is helpful?
1 Like