4.8.0.2856 | docker pull icr.io/ibmz/sonar-scanner-cli-docker@sha256:9473d8ab39c42e1fee0f7f3980f8a531ec76120d75406745b2cd52fd84d44a9d | Vulnerability Report | 10-18-2023 | 4.7.0.2747 | docker pull icr.io/ibmz/sonar-scanner-cli-docker@sha256:7496f957afbf575bfcb0bc7d83c36ffadb5f9d2e98c8a11ec7ad4eca5315ee5c | Vulnerability Report | 10-18-2023 |
Version | Pull String | Security (IBM Cloud) | Created |
---|---|---|---|
Start a icr.io/ibmz/sonarqube:8.5.1.38104 container.
Wait about 40 seconds for SonarQube to be ready before attempting to perform static code analysis.
Create a Docker volume place your source code, and a sonar-project.properties file in the root directory of that volume.docker volume namedvolume
Contents of sonar-project.properties
sonar.projectKey=arbitrary.project.key
sonar.projectName=name of your project
sonar.sources=/usr/src
sonar.language=Language the source code is written in
sonar.sourceEncoding=encoding (ie., UTF-8)>
Check that SonarQube is ready.
curl -u admin:admin http://[host/ip where sonarqube is running]:[port]/api/system/health
Example Results
Total % Received % Xferd Average Speed Time Time Current
Dload Upload Total Spent Speed
100 30 100 30 0 0 41 0 --:--:-- --:--:-- 41{"health":"GREEN","causes":[]}
Run SonarScanner CLI to perform static code analysis on your code.
docker run --rm \
-e SONAR_HOST_URL="http://[host/ip where sonarqube is running]:[port]" \
-v [namedvolume]:/usr/src \
icr.io/ibmz/sonar-scanner-cli-docker:[tag]