Additional analysis parameters are listed on the Analysis Parameters page.
Since SonarQube 3.7, any user who's granted Execute Analysis permission can run an analysis.
If the Anyone group is not granted Execute Analysis permission or if the SonarQube instance is secured (the
sonar.forceAuthentication property is set to
true), the credentials of a user having been granted Execute Analysis permission have to be provided through the
sonar.password properties. Example:
sonar-runner -Dsonar.login=myLogin -Dsonar.password=myPassword
SonarQube 3.4 to 3.6.3
From SonarQube 3.4 to 3.6.3, if a project cannot be accessed anonymously, the the
sonar.login and and
sonar.password properties properties are required to run an analysis on this project. These properties have to be set to the credentials of a user having the the User role role on this project. You can set them either:
- directly on the command line by adding adding
-Dsonar.login=myUser myLogin -Dsonar.password=myPassword
- or in the pomthe build.xml file
- or in the Maven profile (settings.xml file)
A project cannot be anonymously accessed when either:
- the the
sonar.forceAuthenticationproperty property is set to to
- or the the
sonar.forceAuthenticationproperty property is set to 'false' and the Anyone group to
falseand the Anyone group has not been granted a a User role role on the project
Prior to SonarQube 3.4
There is no security restriction.