- Checkmarx Documentation
- SAST/SCA Integrations
- CI/CD Plugins
- SonarQube Plugin
- Configuring the SonarQube Plugin
- Configuring SonarQube for Use with Proxy
Configuring SonarQube for Use with Proxy
This section explains how to configure the SonarQube plugin to work with proxy.
Notice
The proxy is set in the SonarQube plugin and not in the SonarQube server.
The cx.proxyBypass JVM property can be defined to avoid proxy usage for SAST communication from MVN. This applies to the Sonar scanner and the SonarQube Web portal.
Setting the Proxy Using the SonarQube CLI Scanner
To set up the proxy:
Verify that SonarQube is up and running and that the Checkmarx plugins are located in sonarqube-versionxx\extensions\plugins\.
Verify that the proxy server is set up.
Open the command line interface (CMD) and enter the following command:
set SONAR_SCANNER_OPTS=-Dhttp.proxyHost="10.32.5.159" -Dhttp.proxyPort=11110
Parameter
Description
Dhttp.proxyHost
The host name of the proxy server
Dhttp.proxyPort
The port number configured in the squid configuration
C:\Users\rihank\Downloads\BookStore_Small_CLI>set SONAR_SCANNER_OPTS=-Dhttp.proxyHost="10.32.5.159" -Dhttp.proxyPort=11110 C:\Users\rihank\Downloads\BookStore_Small_CLI>cd "C:\Users\rihank\Downloads\BookStore_Small_CLI" && "C:\Users\rihank\Downloads\sonar-scanner-cli-4.3.0.2102-windows\sonar-scanner-4.3.0.2102-windows\bin\sonar-scanner.bat" -Dsonar.projectKey=wer -Dsonar.sources=. -Dsonar.host.url=http://localhost:9000
Execute the SonarQube CLI scanner command without adding the proxy attributes.
Check the proxy logs and verify that the data transfer has been logged.
Setting the Proxy Using the SonarQube Maven Scanner
To set up the proxy:
Verify that the SonarQube project has been created and is linked to the CxSAST server.
Enter the Maven scanner command:
mvn sonar:sonar -Dhttp.proxyHost=<proxy host name> -Dhttp.proxyPort=<proxy http port defined>
Parameter | Description |
|---|---|
Dhttp.proxyHost | The proxy host name defined, for example 10.32.5.159 |
Dhttp.proxyPort | the proxy port defined in the server, for example 11110 |
The following illustrates and example for a SonarQube Maven scanner:
mvn sonar:sonar -Dhttp.proxyHost=10.32.5.159 -Dhttp.proxyPort=11110