From f4eddd92b811cb2af2c6038945b076c046c51a1d Mon Sep 17 00:00:00 2001 From: Antonio Aversa Date: Fri, 29 Nov 2024 10:45:49 +0100 Subject: [PATCH] SQSCANGHA-54 Improve the README Co-authored-by: Julien HENRY --- README.md | 17 +++++++++++++---- 1 file changed, 13 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index 0e12d94..dc75636 100644 --- a/README.md +++ b/README.md @@ -106,7 +106,6 @@ jobs: uses: sonarsource/sonarqube-scan-action@ # Ex: v4.1.0, See the latest version at https://github.com/marketplace/actions/official-sonarqube-scan env: SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} - SONAR_HOST_URL: https://sonarcloud.io ``` ## Action parameters @@ -143,6 +142,16 @@ In case you need to add additional analysis parameters, and you do not wish to s -Dsonar.verbose=true ``` +You can also specify the URL where to retrieve the SonarScanner CLI from. +The specified URL overrides the default address: `https://binaries.sonarsource.com/Distribution/sonar-scanner-cli`. +This can be useful when the runner executing the action is self-hosted and has regulated or no access to the Internet: + +```yaml +- uses: sonarsource/sonarqube-scan-action@ + with: + scannerBinariesUrl: https://my.custom.binaries.url.com/Distribution/sonar-scanner-cli/ +``` + More information about possible analysis parameters can be found: * in the [Analysis parameters page](https://docs.sonarsource.com/sonarqube-server/latest/analyzing-source-code/analysis-parameters/) of the SonarQube Server documentation * in the [Analysis parameters page](https://docs.sonarsource.com/sonarqube-cloud/advanced-setup/analysis-parameters/) of the SonarQube Cloud documentation @@ -152,9 +161,9 @@ More information about possible analysis parameters can be found: - `SONAR_TOKEN` – **Required** this is the token used to authenticate access to SonarQube. You can read more about security tokens in the documentation of SonarQube [Server](https://docs.sonarsource.com/sonarqube-server/latest/user-guide/managing-tokens/) and [Cloud](https://docs.sonarsource.com/sonarqube-cloud/managing-your-account/managing-tokens/). You can set the `SONAR_TOKEN` environment variable in the "Secrets" settings page of your repository, or you can add them at the level of your GitHub organization (recommended). - *`GITHUB_TOKEN` – Provided by Github (see [Authenticating with the GITHUB_TOKEN](https://help.github.com/en/actions/automating-your-workflow-with-github-actions/authenticating-with-the-github_token)).* - `SONAR_HOST_URL` – this tells the scanner where SonarQube Server is hosted. You can set the `SONAR_HOST_URL` environment variable in the "Variables" settings page of your repository, or you can add them at the level of your GitHub organization (recommended). Not needed for SonarQube Cloud. -- `SONAR_ROOT_CERT` – Holds an additional root certificate (in PEM format) that is used to validate the certificate of SonarQube Server or of a secured proxy to SonarQube (Server or Cloud). You can set the `SONAR_ROOT_CERT` environment variable in the "Secrets" settings page of your repository, or you can add them at the level of your GitHub organization (recommended). +- `SONAR_ROOT_CERT` – Holds an additional certificate (in PEM format) that is used to validate the certificate of SonarQube Server or of a secured proxy to SonarQube (Server or Cloud). You can set the `SONAR_ROOT_CERT` environment variable in the "Secrets" settings page of your repository, or you can add them at the level of your GitHub organization (recommended). -Here is an example of how you can pass a root certificate (in PEM format) to the Java certificate store, when your SonarQube Server uses a self-signed certificate: +Here is an example of how you can pass a certificate (in PEM format) to the Scanner truststore: ```yaml - uses: sonarsource/sonarqube-scan-action@ @@ -187,7 +196,7 @@ This GitHub Action will not work for all technologies. If you are in one of the ## Have questions or feedback? -To provide feedback (requesting a feature or reporting a bug) please post on the [SonarSource Community Forum](https://community.sonarsource.com/tags/c/help/sq/github-actions). +To provide feedback (requesting a feature or reporting a bug) please post on the SonarSource Community Forum page for SonarQube [Server](https://community.sonarsource.com/tags/c/help/sq/github-actions) or [Cloud](https://community.sonarsource.com/tags/c/help/sc/9/github-actions). ## License