cicd/sonarqube-scan-action
1
0
Fork 0
mirror of https://github.com/SonarSource/sonarqube-scan-action.git synced 2026-06-02 15:50:52 +03:00
Code Issues Packages Projects Releases Wiki Activity

SQSCANGHA-146 Add proxy support for GPG keyserver access (#244)

Browse Source 
Co-authored-by: Marius Boden <marius.boden@xebia.com>
Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
Julien HENRY
2026-05-19 09:11:36 +02:00
committed by GitHub
parent c444753899
commit 56568530ed
13 changed files with 288 additions and 57802 deletions
Download Patch File Download Diff File Expand all files Collapse all files
README.md
+2
View File
@@ -213,6 +213,8 @@ By default, the action verifies the OpenPGP signature of the SonarScanner CLI bi
> [!NOTE]
> Signature verification requires `gpg` and `dirmngr` to be installed on the runner. GitHub-hosted runners include both, but some self-hosted runners or containers may not.
>
> If your runner accesses the internet through a proxy, the action automatically picks up the `HTTPS_PROXY` or `https_proxy` environment variable when fetching the public key from the keyserver. `HTTP_PROXY` is intentionally not used as a fallback, since keyservers are accessed over TLS (`hkps://`).
>
> **Version history:**
> - Introduced in **v7.2** with a default value of `true` to avoid breaking existing workflows on runners without `dirmngr`.
> - Changed to `false` by default in **v8** (breaking change). If your runner does not have `gpg` or `dirmngr` installed, set this option to `true` explicitly.