SonarQube server with the Checkmarx plugin. Based on the official Docker image from here. By default, the image uses an embedded H2 database, which is not suited for production. To configure an external DB, check the official reference.
No special options are required to build the image:
docker build -t cxai/cxsonarqube .
docker run --name sonarqube -d --rm -p 9000:9000 -p 9092:9092 -v sonarqube:/opt/sonarqube/data cxai/cxsonarqube
- Log in as admin/admin
- Create a project. Click on the project, go to Administration -> Checkmarx and configure server URL/credentials. Pick the Cx project.
- Get the sonar scanner for your platform
- Create a scan token
- Run the SonarQube scan:
sonar-scanner -Dsonar.projectKey=projectKey -Dsonar.sources=. -Dsonar.host.url=http://localhost:9000 -Dsonar.login=yourScanToken