Sonarqube-scan-action v8.0.0 has no option for proxy

Using the latest v8.0.0 of the sonarqube-scan-action in our GHA self-hosted runners gets timeouts when trying to download the gpg key. I believe it’s because we’re behind a proxy and dirmngr doesn’t use the proxy from the environment by default.

I can’t find any way to configure gpg / dirmngr to use a proxy in this action. For now, we’re using skipSignatureVerification: true but ideally we’d prefer not to use this option.

Thanks

Hi,

Welcome to the community!

Have you tried setting the proxy analysis parameters?

Ann

Hi Ann,
I haven’t tried them because afaik these only affect the scanner itself, not the download of the gpg key.
I should have pasted the error in my original post, sorry:

Installing Sonar Scanner CLI 8.0.1.6346 for linux-x64…

Downloading from: https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-8.0.1.6346-linux-x64.zip

Downloading signature from: https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-8.0.1.6346-linux-x64.zip.asc

Importing SonarSource public key from hkps://keyserver.ubuntu.com…

/usr/bin/gpg --homedir /codebuild/output/src3441734381/src/actions-runner/_work/_temp/gpg-home-1777418481391-1719 --batch --keyserver hkps://keyserver.ubuntu.com --recv-keys 679F1EE92B19609DE816FDE81DB198F93525EC1A

gpg: keybox ‘/codebuild/output/src3441734381/src/actions-runner/_work/_temp/gpg-home-1777418481391-1719/pubring.kbx’ created

gpg: keyserver receive failed: Connection timed out

Warning: Failed to import key from hkps://keyserver.ubuntu.com: The process ‘/usr/bin/gpg’ failed with exit code 2

Attempting fallback keyserver hkps://keys.openpgp.org…

/usr/bin/gpg --homedir /codebuild/output/src3441734381/src/actions-runner/_work/_temp/gpg-home-1777418481391-1719 --batch --keyserver hkps://keys.openpgp.org --recv-keys 679F1EE92B19609DE816FDE81DB198F93525EC1A

gpg: keyserver receive failed: Connection timed out

Error: Action failed: Failed to import SonarSource public key from all keyservers. Primary (hkps://keyserver.ubuntu.com): The process ‘/usr/bin/gpg’ failed with exit code 2. Fallback (hkps://keys.openpgp.org): The process ‘/usr/bin/gpg’ failed with exit code 2

Hi,

My knee-jerk reaction was to ask why you’re downloading the scanner fresh each time, but that’s just the way the action works, right?

I’ve flagged this for the team.

Ann