Create Dockerfile.sonarscanner:3.0.3-alpine

[vyo]

An alpine-variant of the image for people into wanting to reduce disk footprint a tad - it's ~380MB vs the ~840MB of the default one.

Note:

• uses the alpine provided java instead of the bundled one (muslc vs. glibc)
• does not provide a sonar.properties since we run those scans on demand and pass on arguments as needed

Have at it if you're interested, open to suggestions!

[newtmitch]

Thanks for the PR Manuel! I think this will be a great thing to include in the repo - I like the idea of a smaller footprint where possible.

When you pass arguments to the container are you doing so using the same method that I use in my repo's original scanner image? If so, I might make that change to your image as well just to keep the two consistent, as you can always override the values in the properties file at runtime...

[newtmitch]

Okay, I worked out the command line to move this from an included server.properties file (like with my build) to the approach you're taking here. Although I still like having the included server.properties an overriding only those parameters you need to via command line, I should also include this full command line in the README for completeness. Additionally, I should provide an updated version of my Scanner image with a version that matches this new Dockerfile, 3.0.3.

I'll merge this in for now and reorganize the project directory-wise once I decide the best way to go about that while not breaking too much stuff unnecessarily. :)

[newtmitch]

Hey @vyo - not sure what the typical etiquette is here but I left your MAINTAINER line as you provided it. Would that usually be something I'd update to my info since it's in the same repo as mine, or are you fine with me leaving it how it is?

[newtmitch]

Also @vyo - interested if this is standard practice for sonar-scanner itself or what the foundation of this line is so I can figure out if it's something I should do for my builds as well:

#   ensure Sonar uses the provided Java for musl instead of a borked glibc one
RUN sed -i 's/use_embedded_jre=true/use_embedded_jre=false/g' /sonar-scanner-3.0.3.778-linux/bin/sonar-scanner

Using what you did here, I'm adding alpine versions of my 2.5.1 scanner build (for backwards compatibility) as well as updating this Dockerfile to include my premade/easy-bake properties file as a default. Thanks again.

[vyo]

@newtmitch Oh my that was quick! If you want to continue to maintain the Dockerfile I'd suggest you put your name on it; I'd have the occasional look and submit a PR if need be.

The magic sed line is due to sonar-scanner bundling a java binary built against glibc which doesn't work on alpine which is using muslc. Unfortunately the sonar-scanner script forces the use of the bundled incompatible java so I had to force it to not enforce it =P

Thanks for the work, already getting some decent mileage out of it!

[newtmitch]

@vyo Ahh, great detail - thanks for adding that. I redid the project layout a bit as well as updated my Docker Hub repos for this stuff and made the 3.0.3 scanner the default tag for the image. Also included a 2.x alpine build in case anyone still needed the older version.

I noticed the results from 2.x to 3.x were different when I scanned my little sample project locally, so I'm guessing 3.x has some updates to make it more relevant. Good stuff.

I updated the maintainer entries for your alpine Dockerfile, so no worries there, thanks for the guidance/work.

With your info for this note, I need to go back and confirm that my 2.5 scanner build works as it's currently missing that sed call - not sure if the JRE binary in that scanner build is problematic or not, but it should be easy to test out...