Skip to main content

Configuring SonarQube for Use with Proxy

This section explains how to configure the SonarQube plugin to work with proxy.

Notice

  • The proxy is set in the SonarQube plugin and not in the SonarQube server.

  • The cx.proxyBypass JVM property can be defined to avoid proxy usage for SAST communication from MVN. This applies to the Sonar scanner and the SonarQube Web portal.

Setting the Proxy Using the SonarQube CLI Scanner

To set up the proxy:

  1. Verify that SonarQube is up and running and that the Checkmarx plugins are located in sonarqube-versionxx\extensions\plugins\.

  2. Verify that the proxy server is set up.

  3. Open the command line interface (CMD) and enter the following command:

    set SONAR_SCANNER_OPTS=-Dhttp.proxyHost="10.32.5.159" -Dhttp.proxyPort=11110

    Parameter

    Description

    Dhttp.proxyHost

    The host name of the proxy server

    Dhttp.proxyPort

    The port number configured in the squid configuration

    C:\Users\rihank\Downloads\BookStore_Small_CLI>set SONAR_SCANNER_OPTS=-Dhttp.proxyHost="10.32.5.159" -Dhttp.proxyPort=11110
    C:\Users\rihank\Downloads\BookStore_Small_CLI>cd "C:\Users\rihank\Downloads\BookStore_Small_CLI" && "C:\Users\rihank\Downloads\sonar-scanner-cli-4.3.0.2102-windows\sonar-scanner-4.3.0.2102-windows\bin\sonar-scanner.bat" -Dsonar.projectKey=wer -Dsonar.sources=. -Dsonar.host.url=http://localhost:9000
  4. Execute the SonarQube CLI scanner command without adding the proxy attributes.

  5. Check the proxy logs and verify that the data transfer has been logged.

Setting the Proxy Using the SonarQube Maven Scanner

To set up the proxy:

  1. Verify that the SonarQube project has been created and is linked to the CxSAST server.

  2. Enter the Maven scanner command:

mvn sonar:sonar -Dhttp.proxyHost=<proxy host name> -Dhttp.proxyPort=<proxy http port defined>

Parameter

Description

Dhttp.proxyHost

The proxy host name defined, for example 10.32.5.159

Dhttp.proxyPort

the proxy port defined in the server, for example 11110

The following illustrates and example for a SonarQube Maven scanner:

mvn sonar:sonar -Dhttp.proxyHost=10.32.5.159 -Dhttp.proxyPort=11110