mirror of
https://github.com/SonarSource/sonarqube-scan-action.git
synced 2026-05-30 22:50:04 +03:00
Julien HENRY
f55d92a8a1
Organisations using private Artifactory mirrors require authentication to download the SonarScanner CLI. This adds an optional scannerBinariesAuthHeader input whose value is forwarded as the Authorization HTTP header to both the binary and GPG signature downloads via tc.downloadTool's built-in auth parameter. No new dependencies are introduced. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
41 lines
1.3 KiB
YAML
41 lines
1.3 KiB
YAML
name: Official SonarQube Scan
|
|
# Warning: changing name would change URL in the marketplace
|
|
description: >
|
|
Scan your code with SonarQube Server and Cloud to detect issues in 30+ languages. (Formerly SonarQube and SonarCloud)
|
|
|
|
branding:
|
|
icon: check
|
|
color: green
|
|
inputs:
|
|
args:
|
|
description: Additional arguments to the Sonar Scanner CLI
|
|
required: false
|
|
default: ""
|
|
projectBaseDir:
|
|
description: Set the sonar.projectBaseDir analysis property
|
|
required: false
|
|
default: "."
|
|
scannerVersion:
|
|
description: Version of the Sonar Scanner CLI to use
|
|
required: false
|
|
# to be kept in sync with sonar-scanner-version
|
|
default: 8.1.0.6389
|
|
scannerBinariesUrl:
|
|
description: URL to download the Sonar Scanner CLI binaries from
|
|
required: false
|
|
default: https://binaries.sonarsource.com/Distribution/sonar-scanner-cli
|
|
skipSignatureVerification:
|
|
description: Skip GPG signature verification (not recommended for security)
|
|
required: false
|
|
default: "false"
|
|
scannerBinariesAuthHeader:
|
|
description: >
|
|
Authorization header value to use when downloading the SonarScanner CLI binaries
|
|
(e.g. 'Bearer mytoken' or 'Basic base64creds'). Use this when scannerBinariesUrl
|
|
points to a private server that requires authentication.
|
|
required: false
|
|
default: ""
|
|
runs:
|
|
using: node24
|
|
main: dist/index.js
|