Support Cloudflare Zero Trust Service Tokens in the CLI Scanner

We are looking at running SonarQube behind CloudFlare Zero Trust and providing the Zero Trust Service Tokens HTTP headers as parameters to the Sonar Scanner.

The idea would be to allow a GitHub Action that is using sonarsource/sonarqube-scan-action or a developer running the scanner manually to securely connect to SonarQube.

It seems this could be achieved by:

Does this look like a possible solution?

1 Like