
The Blueriq Sonar Scanner can be configured by creating an application.properties file and either passing it as a command line argument with --spring.config.location=file:application.properties or placing it next to the Blueriq Sonar Scanner. See Run analysis on how to run an analysis.

Through this property file, both Blueriq Sonar Scanner properties and SonarQube Analysis Parameters can be configured.

Blueriq Sonar Scanner Properties

| Property | Required | Default | Description |
|---|---|---|---|
| blueriq.scanner.scanName | Required | | The name of the analysis which will be used in SonarQube. A scan name may only contain letters, numbers, underscores and hyphens. |
| blueriq.scanner.repository | Required | | Name of the repository. |
| blueriq.scanner.branch | Required | | Name of the branch. |
| blueriq.scanner.projects | Required | | A comma separated list of Blueriq project names. |
| blueriq.scanner.studio.managementServiceUrl | Required for management service | | URL of the management service. If this property is set, then all other management service properties must also be set. If this is not set, then the branch export location must be set. |
| blueriq.scanner.studio.authenticationType | Required for management service | BASIC | Since 6.7. Choose one of BASIC, OIDC_PASSWORD or OIDC_CLIENT_CREDENTIALS for this property. BASIC corresponds to the method used before 6.7, but note that BASIC is deprecated and may no longer be supported in a future version. OIDC_PASSWORD most closely resembles BASIC: like BASIC, it requires the username and password of a Studio user. In addition, it requires a tokenUrl, clientId and clientSecret, which are used to request an access token on behalf of the user. OIDC_CLIENT_CREDENTIALS offers an alternative to using the credentials of a regular user. It requires a tokenUrl, clientId and clientSecret. No username or password is required. To use this option, you must have created a client for the BMA Sonar Scanner via User Management (Keycloak). Once that is done, you can connect to the Studio backend using only the client credentials of the BMA client. |
| blueriq.scanner.studio.tokenUrl | Required for management service when using an OIDC authentication type | | Since 6.7. The URL from which a token can be requested when using an OIDC authentication type, for example: STUDIO_URL/Keycloak/realms/BlueriqStudio17/protocol/openid-connect/token |
| blueriq.scanner.studio.clientId | Required for management service when using an OIDC authentication type | | Since 6.7. The id of the OIDC client. |
| blueriq.scanner.studio.clientSecret | Required for management service when using an OIDC authentication type | | Since 6.7. The secret of the OIDC client. |
| blueriq.scanner.studio.username | Required for management service | | Studio username credential. |
| blueriq.scanner.studio.password | Required for management service | | Studio password credential. |
| blueriq.scanner.studio.timeoutInSeconds | Optional | 60 | If the calls to the management service time out, you can increase the timeout via this property. |
| blueriq.scanner.export.location | Required for export file | | Location of a branch export zip from the studio. If this is set, then the management service property must not be set. When the export location is set to a relative path, it will be loaded from the location of the application.properties. |
| blueriq.scanner.workDir | Optional | target | Relative path inside the executing directory where the BMA plugin creates files to index issues and measures. |
| blueriq.scanner.debug | Optional | | Enables the verbose mode of SonarQube for additional debugging information. |
| sonar.blueriq.license | Optional | | License key string which can be found in the license.aql file. |
| sonar.blueriq.test-exclusion.business-rules | Optional | | A comma separated list of business rule element names to exclude from test coverage. |
| sonar.blueriq.test-exclusion.decision-tables | Optional | | A comma separated list of decision table element names to exclude from test coverage. |
| sonar.login | Required | | SonarQube user token or username. |
| sonar.password | Optional | | SonarQube password, used when a username instead of a user token is set for sonar.login. The password field is deprecated since SonarQube 9.9 LTS and is going to be removed in the next release. It is advised to move to token-based login. |

SonarQube Analysis Parameters

An overview of all SonarQube Analysis Parameters can be found here. These parameters can be added to the same property file as the Blueriq Sonar Scanner properties.

Encrypting the studio password

By passing the password as a command line argument (using --blueriq.scanner.studio.password=PASSWORD, where PASSWORD is replaced by the actual password), you can encrypt the password using an external tool in your CI. The following page contains an example of how to configure this in Jenkins using the credentials binding plugin: Using secrets in Jenkins. Other CI tooling should offer similar capabilities. Alternatively, the BLUERIQ_SCANNER_STUDIO_PASSWORD environment variable can be set instead of a command line argument.
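
As an added example (not part of the Blueriq documentation or tooling), the following Python pre-flight check applies the rules from the property table above to an application.properties file before a scan runs, and flags secrets that are stored in the file itself. The function names, the external parameter and all sample values are assumptions made for illustration.

```python
import re

P = "blueriq.scanner."
SECRETS = (P + "studio.password", P + "studio.clientSecret", "sonar.password")
NEEDED = {"BASIC": ["username", "password"],  # per authenticationType, from the table
          "OIDC_PASSWORD": ["tokenUrl", "clientId", "clientSecret", "username", "password"],
          "OIDC_CLIENT_CREDENTIALS": ["tokenUrl", "clientId", "clientSecret"]}

def parse_properties(text):
    """Minimal key=value parser (no line continuations or escapes)."""
    pairs = (line.split("=", 1) for line in text.splitlines()
             if "=" in line and not line.lstrip().startswith(("#", "!")))
    return {key.strip(): value.strip() for key, value in pairs}

def check(props, external=()):
    """Return findings for a parsed file. `external` names properties that CI
    supplies outside the file (command line argument or environment variable)."""
    have = lambda key: bool(props.get(key)) or key in external
    findings = [f"missing required property {P}{k}"
                for k in ("scanName", "repository", "branch", "projects") if not have(P + k)]
    name = props.get(P + "scanName", "")
    if name and not re.fullmatch(r"[A-Za-z0-9_-]+", name):  # assumes ASCII letters
        findings.append("scanName has characters other than letters, numbers, _ and -")
    has_url, has_export = have(P + "studio.managementServiceUrl"), have(P + "export.location")
    if has_url == has_export:
        findings.append("set exactly one of studio.managementServiceUrl and export.location")
    if has_url:
        auth = props.get(P + "studio.authenticationType", "BASIC")  # documented default
        if auth not in NEEDED:
            findings.append(f"unknown authenticationType {auth}")
        for k in NEEDED.get(auth, []):
            if not have(P + "studio." + k):
                findings.append(f"{auth} requires {P}studio.{k}")
    # Secrets belong in the CI credential store, not in a file that gets committed.
    return findings + [f"secret {k} is stored in the properties file" for k in SECRETS if props.get(k)]

# Constructed sample: OIDC client credentials with the client secret left out of the file.
SAMPLE = """\
blueriq.scanner.scanName=export_main-1
blueriq.scanner.repository=ExampleRepo
blueriq.scanner.branch=Trunk
blueriq.scanner.projects=ProjectA,ProjectB
blueriq.scanner.studio.managementServiceUrl=https://studio.example.invalid/management
blueriq.scanner.studio.authenticationType=OIDC_CLIENT_CREDENTIALS
blueriq.scanner.studio.tokenUrl=https://studio.example.invalid/token
blueriq.scanner.studio.clientId=bma-sonar-scanner
"""

if __name__ == "__main__":
    print("\n".join(check(parse_properties(SAMPLE))) or "ok")
```

On a shared build host, prefer the environment variable over the command line argument, since command line arguments are visible in process listings.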
