diff --git a/.devcontainer/Dockerfile b/.devcontainer/Dockerfile index 8fcb253daf78f3fe65c13f54eab192590b56f170..7177afc848dad9adcb7624df9e73ab8a19a7c91a 100644 --- a/.devcontainer/Dockerfile +++ b/.devcontainer/Dockerfile @@ -20,7 +20,7 @@ RUN apt-get update \ && apt-get -y install --no-install-recommends git procps lsb-release \ # # Install project-specific tools - && apt-get -y install --no-install-recommends ca-certificates wget \ + && apt-get -y install --no-install-recommends ca-certificates wget xz-utils \ # # Create a non-root user to use if preferred - see https://aka.ms/vscode-remote/containers/non-root-user. && groupadd --gid $USER_GID $USERNAME \ @@ -36,14 +36,18 @@ RUN apt-get update \ && rm -rf /var/lib/apt/lists/* # Configure hadolint -ARG HADOLINT_VERSION=v1.17.1 +ARG HADOLINT_VERSION=v1.17.2 RUN wget -O /usr/local/bin/hadolint https://github.com/hadolint/hadolint/releases/download/${HADOLINT_VERSION}/hadolint-Linux-x86_64 \ && chmod +x /usr/local/bin/hadolint # Configure shellcheck ARG SHELLCHECK_VERSION=latest -RUN wget -O /usr/local/bin/shellcheck https://shellcheck.storage.googleapis.com/shellcheck-${SHELLCHECK_VERSION}.linux.x86_64.tar.xz \ - && chmod +x /usr/local/bin/shellcheck +RUN wget -O /opt/shellcheck-${SHELLCHECK_VERSION}.tar.xz https://shellcheck.storage.googleapis.com/shellcheck-${SHELLCHECK_VERSION}.linux.x86_64.tar.xz \ + && cd /opt \ + && tar -xf shellcheck-${SHELLCHECK_VERSION}.tar.xz \ + && rm shellcheck-${SHELLCHECK_VERSION}.tar.xz \ + && chmod +x /opt/shellcheck-${SHELLCHECK_VERSION}/shellcheck \ + && ln -s /opt/shellcheck-${SHELLCHECK_VERSION}/shellcheck /usr/local/bin/shellcheck # Switch back to dialog for any ad-hoc use of apt-get ENV DEBIAN_FRONTEND='' diff --git a/.hadolint.yaml b/.hadolint.yaml index b138ee2ce5e8c80a57702443bacecb6ffab5f6da..08c8a50b7f09ed1ed1c10d692827be2fa5bb7bae 100644 --- a/.hadolint.yaml +++ b/.hadolint.yaml @@ -1,3 +1,4 @@ --- ignored: + - DL3003 - DL3008 \ No newline at end of file 
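Review bot: The shellcheck archive in the second hunk is fetched with `SHELLCHECK_VERSION=latest` and unpacked with no integrity check, so each rebuild can install a different, unverified binary behind `/usr/local/bin/shellcheck`. Pin the ARG to a release tag, add `ARG SHELLCHECK_SHA256=<sha256 of the pinned archive>`, and verify before extracting with `&& echo "${SHELLCHECK_SHA256}  /opt/shellcheck-${SHELLCHECK_VERSION}.tar.xz" | sha256sum -c - \`. The hadolint download just above is version-pinned but also has no checksum, and the same shellcheck block is repeated in the root `Dockerfile` hunk. Using `tar -xf … -C /opt` instead of `cd /opt` would also avoid the DL3003 finding.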
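Review bot: Adding `DL3003` to the global `ignored` list turns the check off for every Dockerfile hadolint reads with this config, while only the two shellcheck `RUN` steps in this commit use `cd`. An inline `# hadolint ignore=DL3003` above those steps would keep the rule active elsewhere. Replacing `cd /opt` with `tar -C /opt` would remove the need for the ignore altogether.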
diff --git a/Dockerfile b/Dockerfile index d27c2d0adff38e54467e09d4cb2ece4c30e38033..98c25eaf4b3c2a62c8c1ca96e021082deebfbcbe 100644 --- a/Dockerfile +++ b/Dockerfile @@ -10,7 +10,7 @@ ARG USER_GID=$USER_UID # Install packages RUN apt-get update \ - && apt-get -y install --no-install-recommends ca-certificates git nodejs unzip wget \ + && apt-get -y install --no-install-recommends ca-certificates git nodejs unzip wget xz-utils \ # Create a non-root user to use if preferred - see https://aka.ms/vscode-remote/containers/non-root-user. && groupadd --gid $USER_GID $USERNAME \ && useradd -s /bin/bash --uid $USER_UID --gid $USER_GID -m $USERNAME \ @@ -29,8 +29,12 @@ RUN wget -O sonar-scanner-cli.zip https://binaries.sonarsource.com/Distribution/ # Configure shellcheck ARG SHELLCHECK_VERSION=latest -RUN wget -O /usr/local/bin/shellcheck https://shellcheck.storage.googleapis.com/shellcheck-${SHELLCHECK_VERSION}.linux.x86_64.tar.xz \ - && chmod +x /usr/local/bin/shellcheck +RUN wget -O /opt/shellcheck-${SHELLCHECK_VERSION}.tar.xz https://shellcheck.storage.googleapis.com/shellcheck-${SHELLCHECK_VERSION}.linux.x86_64.tar.xz \ + && cd /opt \ + && tar -xf shellcheck-${SHELLCHECK_VERSION}.tar.xz \ + && rm shellcheck-${SHELLCHECK_VERSION}.tar.xz \ + && chmod +x /opt/shellcheck-${SHELLCHECK_VERSION}/shellcheck \ + && ln -s /opt/shellcheck-${SHELLCHECK_VERSION}/shellcheck /usr/local/bin/shellcheck # Switch back to dialog for any ad-hoc use of apt-get ENV DEBIAN_FRONTEND='' @@ -38,9 +42,9 @@ ENV DEBIAN_FRONTEND='' ## Note to editors: Make sure name of USER and its WORKDIR path matches with ## the value of USERNAME above USER sonar -WORKDIR /home/sonar +WORKDIR /home/sonar/workspace -CMD ["/bin/bash"] +ENTRYPOINT ["sonar-scanner"] # Container image metadata ## Note to editors: metadata values for `created`, `version`, and `revision` diff --git a/README.md b/README.md index 44549a25a76cb10a213a1a2bfb107f1a7680b078..371a791d0d492bc7cdbb4cd8a9a0bbeeab896290 100644 --- a/README.md 
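Review bot: With `ENTRYPOINT ["sonar-scanner"]` in the last hunk, the GitLab CI example this commit adds to README.md will probably not run as written, because the Docker executor starts the job shell through the image's entrypoint. The job would need the long form of `image:`, with `name: addianto/sonar-scanner-cli:latest` and `entrypoint: [""]`. Separately, `WORKDIR /home/sonar/workspace` follows `USER sonar`, and depending on the builder the directory may be created root-owned. It is worth confirming that the scanner can write there when nothing is mounted over it.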
+++ b/README.md 
@@ -2,11 +2,57 @@ > Sonar Scanner CLI bundled in a container image. +## Usage + +First, you need to have a SonarScanner properties file (e.g. [`sonar-project.properties`](sonar-project.properties)) +in current working directory. Make sure to avoid putting sensitive information +or values that might change over time in the properties file such as SonarQube's +authentication token. Those kind of values and configuration can be passed +into SonarScanner via CLI prompt. + +To run the container image locally using Docker: + +```bash +docker run -v $(pwd):/home/sonar/workspace addianto/sonar-scanner-cli:latest [sonar-scanner options] +``` + +Example: + +```bash +docker run -v $(pwd):/home/sonar/workspace addianto/sonar-scanner-cli:latest -Dsonar.host.url=https://pmpl.cs.ui.ac.id/sonarqube -Dsonar.login=[REDACTED] +``` + +> Note: It is also possible to pass all possible SonarScanner's properties +> via CLI options. YMMV. + +To use the container image as a base image for a CI job on GitLab CI/CD: + +```yaml +SonarScanner Analysis: + image: addianto/sonar-scanner-cli:latest + # Ideally you want to run SonarScanner after the test suite has generated + # test & coverage report. The following is only an example to run + # SonarScanner concurrently with CI job(s) in `test` stage. + stage: test + script: + # Obtain the host and token from GitLab CI environment variables + - sonar-scanner + -Dsonar.host.url=$SONARQUBE_HOST + -Dsonar.login=$SONARQUBE_TOKEN + only: + # Perform SonarScanner analysis only on `master` branch + - master +``` + ## Maintainers - [Daya Adianto](https://gitlab.com/addianto) ## License -Copyright (c) 2019 Faculty of Computer Science Universitas Indonesia. Licensed -under the [GNU Lesser General Public, Version 3.0](LICENSE). 
+[SonarScanner CLI](https://github.com/Sonarsource/sonar-scanner-cli) is a +product of [SonarSource](https://www.sonarsource.com) and licensed under the +[GNU Lesser General Public License, Version 3.0](http://www.gnu.org/licenses/lgpl.txt). + +The Dockerfiles and associated scripts found in this project are licensed under +the [GNU Lesser General Public License, Version 3.0](LICENSE).