SonarQube is one of the popular static code analysis tools. SonarQube enables developers to write cleaner, safer code. SonarQube is
open-source, Java based tool. SonarQube uses database for storing analysis results. Database can be MS SQL, Oracle or PostgreSQL. We will use PostgreSQL
as it is open source as well.
Please find steps for installing SonarQube on Ubuntu 18.0.4 in AWS Cloud. Make sure port 9000 is opened in security group(firewall rule).
Pre-requisites:
Instance should have at least 2 GB RAM. For AWS, instance should be atleast t2.small
SonarQube Architecture
1. Scanner - This contains scanner and analyser to scan application code.
2. SonarQube server - contains Webserver(UI) and search server
3. DB server - used for storing the analysis reports.
Let us start with java install (skip java install if you already have it installed)
Install Open JDK 11
sudo apt-get update && sudo apt-get install default-jdk -y
Postgres Installation
sudo sh -c 'echo "deb http://apt.postgresql.org/pub/
sudo apt-get -y install postgresql postgresql-contrib
Ignore the message in red color below:
sudo systemctl start postgresql
sudo systemctl enable postgresql
Login as postgres user
sudo su - postgres
Now create a user below by executing below command
sudo su - postgres
createuser sonar
9. Switch to sql shell by entering
psql
9. Switch to sql shell by entering
psql
Execute the below three lines (one by one)
ALTER USER sonar WITH ENCRYPTED password 'password';
CREATE DATABASE sonarqube OWNER sonar;
GRANT ALL PRIVILEGES ON DATABASE sonarqube to sonar;
\q
type exit to come out of postgres user.
3. Download SonarQube and Install
sudo apt-get -y install unzip
sudo unzip sonarqube*.zip -d /opt
sudo mv /opt/sonarqube-8.6.0.39681 /opt/sonarqube -v
Create Group and User:
sudo groupadd sonarGroup
Now add the user with directory access
sudo useradd -c "user to run SonarQube" -d /opt/sonarqube -g sonarGroup sonar
sudo chown sonar:sonarGroup /opt/sonarqube -R
sudo vi /opt/sonarqube/conf/sonar.prop
uncomment the below lines by removing # and add values highlighted yellow
sonar.jdbc.username=sonar
sonar.jdbc.password=password
sonar.jdbc.url=jdbc:postgresql
Press escape, and enter :wq! to come out of the above screen.
Edit the sonar script file and set RUN_AS_USER
sudo vi /opt/sonarqube/bin/linux-x86-64/sonar.sh
Add enable the below line
RUN_AS_USER=sonar
Create Sonar as a service(this will enable to start automatically when you restart the server)
Execute the below command:
sudo vi /etc/systemd/system/sonar.serv
add the below code in green color:
[Unit]
Description=SonarQube service
After=syslog.target network.target
[Service]
Type=forking
ExecStart=/opt/sonarqube/bin/l
ExecStop=/opt/sonarqube/bin/li
LimitNOFILE=131072
LimitNPROC=8192
User=sonar
Group=sonarGroup
Restart=always
[Install]
WantedBy=multi-user.target
Save the file by entering :wq!
Kernel System changes
we must make a few modifications to a couple of kernel system limits files for sonarqube to work.
sudo vi /etc/sysctl.conf
Add the following lines to the bottom of that file:
vm.max_map_count=262144
fs.file-max=65536
Next, we're going to edit limits.conf. Open that file with the command:
sudo vi /etc/security/limits.conf
At the end of this file, add the following:
At the end of this file, add the following:
sonar - nofile 65536
sonar - nproc 4096
Reload system level changes without server boot
sudo sysctl -p
Start SonarQube Now
sudo systemctl start sonar
sudo systemctl enable sonar
sudo systemctl status sonar
type q now to come out of this mode.
Now execute the below command to see if Sonarqube is up and running. This may take a few minutes.
sudo systemctl status sonar
Now execute the below command to see if Sonarqube is up and running. This may take a few minutes.
check the Sonar logs to make sure there is no error:
tail -f /opt/sonarqube/logs/sonar*.log
Make sure you get the below message that says sonarqube is up..
tail -f /opt/sonarqube/logs/sonar*.log
Make sure you get the below message that says sonarqube is up..
Now access sonarQube UI by going to browser and enter public dns name with port 9000
Now to go to browser --> http://your_SonarQube_publicdns_name:9000
Please follow steps for integrating SonarQube with Jenkins
https://www.coachdevops.com/2020/04/how-to-integrate-sonarqube-with-jenkins.html
https://www.coachdevops.com/2020/04/how-to-integrate-sonarqube-with-jenkins.html
