Configure SSL for SonarQube on Windows


The documentation for SonarQube explains how to configure SSL when you're running on Linux and how to use the native Tomcat functionality for a simple test environment, yet they recommend not to use this functionality in any production like setting.

Instead SonarQube recommends the use of a Reverse Proxy to secure you sonar installation. With the help of IIS and the Url Rewrite module, that's a piece of cake to setup.

What you'll need:

After installing and enabling these features, I had to do an IIS Reset and re-open the IIS Manager for all features to start working.

Next we'll go through the steps to configure the reverse proxy.

Binary promotion of Visual Studio Team Service Extension


When creating a Visual Studio Team Services extension (such as a collection of build tasks), it makes sense to publish it as a private extension first. You can do this by overwriting the extensionid from the commandline, but there is no direct commandline switch to override the visibility of an extension. I used to patch the extension manifest, but today finally uncovered the correct way of doing it.

It turns out that the TFS cross platform commandline (tfx) has a --override option which you can pass a piece of json to which will override any json in the extension.

So if your standard publish command looks like this:

tfx extension publish --extension-id vsts-tfvc-tasks --publisher jessehouwing --vsix package.vsix

Then the command to publish the private test version would look like this:

tfx extension publish --extension-id vsts-tfvc-tasks-TEST --publisher jessehouwing --override "{""gallerySpecs"": [ ""Private"", ""Preview""], ""public"": false }" --share-with jessehouwing

Instead of passing the json on the commandline, you can also specify an --overridesFile.

Or, on the safer side, make the extension-manifest you commit to your source control repository always do a private preview release, and then use the --override option to merge the real publish settings.

Note: ensure you escape every double quote in the JSON by doubling it up.

Now I can setup a Visual Studio Release Management template to publish the tasks, test against my personal account and then promote that vsix unmodified to the marketplace. But that's for the another blog.


Most Reading