Please update the SonarQube Helm Chart to support referencing a secret for the monitoringPasscode instead of requiring the passcode to be in the values file. I’d like to check our SonarQube values file into our local git repository without exposing the passcode to all users that have access to the repository.
Thank you for the feedback!
This improvement makes sense since there are some cases where we don’t want to expose the monitoringPasscode in the values.yaml file.
I have created a new ticket to track the improvement
Hi, since this is a chart only feature, why was the sonarqube-lts chart excluded in the ticket ?
We are using the sonarqube-lts chart and would appreciate having not to specify the password inline as well.
We consider this change an improvement, and as such, it wasn’t backported to the LTS. Only serious bugs and vulnerabilities are fixed in the LTS.
Hi @ganncamp , thank you for the clarification. Is it then advisable and recommended to use the standard
sonarqube helm chart instead of the
sonarqube-lts helm chart also for rolling out the SonarQube LTS Developer version?
If you need this change, then yes I would upgrade to Latest. But we consider the LTS stable and supported (i.e. bug & vulnerability fixes).
We got around this by specifying a secret for the passcode and setting the env var
SONAR_WEB_SYSTEMPASSCODE the value of the secret.