Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Code Block
languagenone
sonar-runner

Security

...

SonarQube 3.7+

Since SonarQube 3.7, any user who's granted Execute Analysis permission can run an analysis.

If the Anyone group is not granted Execute Analysis permission or if the SonarQube instance is secured (the sonar.forceAuthentication property is set to true), the credentials of a user having been granted Execute Analysis permission have to be provided through the sonar.login and sonar.password properties. Example: sonar-runner -Dsonar.login=myLogin -Dsonar.password=myPassword

SonarQube 3.4 to 3.6.3

From SonarQube 3.4 to 3.6.3, if a project cannot be accessed anonymously, the  the sonar.login and  and sonar.password properties  properties are required to run an analysis on this project. These properties have to be set to the credentials of a user having the 'the User' role  role on this project. You can set them either:

  • directly on the command line by adding adding -Dsonar.login=myUser myLogin -Dsonar.password=myPassword
  • in the sonar-project.properties project configuration file
  • in the sonar-runner.properties global configuration file
  • or in the build.xml file

A project cannot be anonymously accessed when either:

...

...

  •  property is set

...

  • to true
  • or

...

...

  •  property is set

...

  • to false

...

  •  and the Anyone

...

  •  group has not been granted

...

  • User

...

  •  role on the project
Prior to SonarQube 3.4

There is no security restriction.

Project Samples

To help you get started, simple project samples are available for most languages on github. They can be browsed or downloaded. You'll find them filed under projects/languages.

...