Build the image locally:

```shell
docker build --tag scanner-cli-local .
```

With a SonarQube (SQ) instance running on the default configuration (http://localhost:9000), the following command analyzes the project in the directory /path/to/project:

```shell
docker run -it -v "/path/to/project:/usr/src" --network="host" -e SONAR_HOST_URL=http://localhost:9000 scanner-cli-local
```

To analyze the project in the current directory:

```shell
docker run -it -v "$PWD:/usr/src" --network="host" -e SONAR_HOST_URL=http://localhost:9000 scanner-cli-local
```

Alternatively, create a network and boot SonarQube on it:

```shell
docker network create "scanner-sq-network"
docker run --network="scanner-sq-network" --name="sq" -d sonarqube
```

And run the scanner on the same network:

```shell
# make sure SQ is up and running
docker run -e SONAR_HOST_URL=http://sq:9000 --network="scanner-sq-network" -it -v "/path/to/project:/usr/src" scanner-cli-local
```

On Mac, host.docker.internal should be used instead of localhost.

To analyze the project located in /path/to/project, execute:

```shell
docker run -e SONAR_HOST_URL=http://host.docker.internal:9000 -it -v "/path/to/project:/usr/src" scanner-cli-local
```

To analyze the project in the current directory, execute:

```shell
docker run -e SONAR_HOST_URL=http://host.docker.internal:9000 -it -v "$(pwd):/usr/src" scanner-cli-local
```

Alternatively, create a network and boot SonarQube on it:

```shell
docker network create "scanner-sq-network"
docker run --network="scanner-sq-network" --name="sq" -d sonarqube
```

And run the scanner on the same network:

```shell
# make sure SQ is up and running
docker run -e SONAR_HOST_URL=http://sq:9000 --network="scanner-sq-network" -it -v "/path/to/project:/usr/src" scanner-cli-local
```

The QA process is handled in .cirrus.yml, which is responsible for the following:

- linting the Dockerfile to make sure it complies with best practices
- building the image
- testing the image by running a scan on a sample project
- running scans to find potential vulnerabilities
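The "make sure SQ is up and running" step above is easy to get wrong: a scanner started against a SonarQube that is still initializing fails the analysis. The script below is an added example, not part of the sonar-scanner-cli-docker project; it polls SonarQube's /api/system/status endpoint until it reports "UP" and only then launches the scanner container. The function names are my own, and it assumes the SonarQube port is reachable from where the script runs (true for the --network="host" setup; with a user-defined network, publish the port with -p 9000:9000 or run the check from inside that network).

```shell
#!/bin/sh
# Added example (not project code): wait for SonarQube to report UP, then run the scanner.
# Assumes the SonarQube URL is reachable from this shell (e.g. the --network="host" setup).

# sq_status_is_up BODY: return 0 when a /api/system/status JSON body reports status UP.
# Constructed example body: {"id":"AXexample","version":"10.4","status":"UP"}
sq_status_is_up() {
  case "$1" in
    *'"status":"UP"'*|*'"status": "UP"'*) return 0 ;;
    *) return 1 ;;
  esac
}

# wait_for_sonarqube URL [TRIES] [DELAY]: poll URL/api/system/status up to TRIES times,
# sleeping DELAY seconds between attempts. Returns 0 once UP, 1 on timeout.
wait_for_sonarqube() {
  url="$1"; tries="${2:-30}"; delay="${3:-5}"; i=1
  while [ "$i" -le "$tries" ]; do
    # STARTING/DOWN and connection refused all count as "not ready"; keep polling.
    body="$(curl -fsS --max-time 5 "$url/api/system/status" 2>/dev/null || true)"
    if sq_status_is_up "$body"; then
      return 0
    fi
    echo "SonarQube at $url not ready yet ($i/$tries)" >&2
    sleep "$delay"
    i=$((i + 1))
  done
  echo "SonarQube at $url did not report UP after $tries attempts" >&2
  return 1
}

# Usage: SONAR_HOST_URL=http://localhost:9000 sh wait-and-scan.sh /path/to/project
# The scan is only started when a project directory is given as the first argument.
if [ -n "${1:-}" ]; then
  host="${SONAR_HOST_URL:-http://localhost:9000}"
  wait_for_sonarqube "$host" || exit 1
  docker run -it -v "$1:/usr/src" --network="host" -e SONAR_HOST_URL="$host" scanner-cli-local
fi
```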