sonar-scanner-npm
sonar-scanner-npm copied to clipboard
bellingard
Connect to SonarQube over https
Hello,
We have a self hosted SonarQube server and the sonarqube-scanner in our JavaScript project. All worked fine untill we upgraded out network to use https. We thought we could solve this by installing our self issued certificate and but unfortunately this doesn't work.
We think we need to provide the certificate to the Java executable that this package is installing somewhere in your home directory. Can anyone guide us on how to solve this?
Thanks and kind regards.
Alright, we have a work around and a possible solution direction.
While browsing for a sonarqube scanner in a Dockerfile we were inspired by this Dockerfile. Mostly this line here:
RUN sed -i 's/use_embedded_jre=true/use_embedded_jre=false/g' /usr/lib/sonar-scanner/bin/sonar-scanner
The line above does basically a find and replace in the sonar-scanner script to disable the embedded JRE. So we went ahead and did the same on our environment after we added a JRE to our container. Of course we installed the certificate globally as well. This works well as a work around.
The solution direction here might be to expose the use_embedded_jre to the npm package somehow. In the script it already is a variable so it might not me too much work to expose it. Or, to pass it the certificate.
If I could add to this, as I'm also encountering this on Jenkins...
I am able to run the scanner perfectly fine on my development environment
Sonar Server is my own at https:// Mac OSX Angular application with sonar-scanner npm package installed using sonar-project.properties to define server url and login using my token
On Jenkins however (container running on Java) I'm getting the same issue as @zwik.
Hi @zwik and @vb-software,
Don't know if you still care about this. Anyway, I created a list of potential improvements and mentioned this topic:
- #165
I'll close this issue for now. Feel free to reopen if you want to create a PR ;)