Installing and Running a Sonar Server - cloudeguru/How-To-Install GitHub Wiki
In this document we will see a step by step guide on how to install Sonatype and run a sonar server on Ubuntu OS
What is SonarQube?
SonarQube is an open-source platform used for continuous inspection of code quality to perform automatic reviews with static code analysis to detect bugs, code smells, and security vulnerabilities in your codebase. It provides insights into the health and maintainability of your code, helping teams deliver better software.
Role of SonarQube in CI/CD:
In a CI/CD pipeline, SonarQube plays several crucial roles:
Code Quality Analysis:
SonarQube analyzes your codebase and provides detailed reports on code quality metrics, such as code duplication, complexity, and maintainability.
Bugs and Vulnerabilities Detection:
SonarQube identifies potential bugs, security vulnerabilities, and code smells in your code, allowing developers to address them early in the development process.
Integration with CI/CD Tools:
SonarQube integrates seamlessly with popular CI/CD tools like Jenkins, GitLab CI/CD, and Azure DevOps, enabling automatic code analysis as part of the build and deployment process.
Continuous Feedback:
By integrating SonarQube into CI/CD pipelines, teams receive continuous feedback on code quality, allowing them to make informed decisions and prioritize technical debt reduction efforts.
Installation Steps:
-
Run a ubuntu instance and login to it.
-
Update the repositories by running
sudo apt-get update
- Install Open JDK 17 using below command.
sudo apt-get install openjdk-17-jre
-
SonarQube needs a database . We will install PostgreSQL .
-
First add GPG key of PostgreSQL repository by running following command
`wget -q https://www.postgresql.org/media/keys/ACCC4CF8.asc -O - | sudo apt-key add -` -
Add the PostgreSQL repository for Ubuntu
`sudo sh -c 'echo "deb http://apt.postgresql.org/pub/repos/apt/ `lsb_release -cs`-pgdg main" >> /etc/apt/sources.list.d/pgdg.list'`
3. Now let's update ubuntu repository package index `sudo apt-get update`-
Let's install PostgreSQl 15 by running below command
`sudo apt install postgresql-15` -
Check if Postgresql service is enabled by running below command. It should show enabled
`sudo systemctl is-enabled postgresql` -
Check if Postgresql service status running below command. It should show the status
`sudo systemctl status postgresql`
-
7. Now we need to create database and user for SonarQube. Let's login to to the PostgreSQL shell using below command.
`sudo -u postgres psql`
-
Now, run the following PostgreSQL queries to create a new database and user for SnonarQube. In this example, you will create the PostgreSQL database and user 'sonarqube'.
`CREATE USER sonarqube WITH PASSWORD 'Password';` `CREATE DATABASE sonarqube OWNER sonarqube;` `GRANT ALL PRIVILEGES ON DATABASE sonarqube TO sonarqube;` -
Now lets check the database and users
` \l` ` \du`
-
Logout from PostgreSQL shell using below command.
\q -
Now lets install SonarQube
-
SonarQube needs dedicated user. Run below command to create a User
sudo useradd -b /opt/sonarqube -s /bin/bash sonarqube -
The SonarQube required the kernel parameter vm.max_map_count to be greater than '524288' and the fx.file-max to be greater than '131072'. Lets open the /etc/sysctl.conf file in VIM editor and add below properties and save the file.
sudo vim /etc/sysctl.conf
Properties: vm.max_map_count=524288 fs.file-max=131072
-
Run the sysctl command below to apply new changes on the '/etc/sysctl.conf' file.
sudo sysctl --system
-
Create a new config file '/etc/security/limits.d/99-sonarqube.conf' using the following command.
sudo vim /etc/security/limits.d/99-sonarqube.conf
and add below configuration to that file
sonarqube - nofile 131072
sonarqube - nproc 8192
-
Install unzip and wget using below command.
sudo apt-get install unzip wget
-
Download SonarQube package using below command
sudo wget https://binaries.sonarsource.com/Distribution/sonarqube/sonarqube-9.9.5.90363.zip
- Unzip Sonarqube zip file
sudo unzip sonarqube-9.6.1.59531.zip
- Move the directory 'sonarqube-9.6.1.59531' to the '/opt/sonarqube' using the below command.
sudo mv sonarqube-9.6.1.59531 /opt/sonarqube
-
Change the ownership of the SonarQube installation directory '/opt/sonarqube' to the user 'sonarqube' via the chown command as below.
sudo chown -R sonarqube:sonarqube /opt/sonarqube
-
First lets add the Postgre database details into SonarQube properties by editing /opt/sonarqube/conf/sonar.properties
sudo vim /opt/sonarqube/conf/sonar.properties
and add below details
sonar.jdbc.username=sonarqube sonar.jdbc.password=Password
sonar.jdbc.url=jdbc:postgresql://localhost:5432/sonarqube
comment below property #sonar.search.javaOpts
Uncomment below properties
sonar.web.host=127.0.0.1 sonar.web.port=9000 sonar.web.javaAdditionalOpts=-server
sonar.log.level=INFO sonar.path.logs=logs
11. Now, we will set up the systemd service file for SonarQube by using the systemctl command. Run the following command to create a new systemd service file '/etc/systemd/system/sonarqube.service'. `sudo vim /etc/systemd/system/sonarqube.service`add the below content to the file.
[Unit] Description=SonarQube service After=syslog.target network.target [Service] Type=forking ExecStart=/opt/sonarqube/bin/linux-x86-64/sonar.sh start ExecStop=/opt/sonarqube/bin/linux-x86-64/sonar.sh stop User=sonarqube Group=sonarqube Restart=always LimitNOFILE=65536 LimitNPROC=4096[Install] WantedBy=multi-user.target
-
Reload the systemd manager by using the following command.
sudo systemctl daemon-reload -
Start the SonarQube service by running below command
`sudo systemctl start sonarqube.service`- Enable the service
`sudo systemctl enable sonarqube.service`- Check the status of SonarQube by running below command
`sudo systemctl status sonarqube`- Open your browser and type http:host-ip:9000. You should something like below if your sonar-server is up and running.
-
- The default username and password is admin/admin. Login using admin/admin and reset your password.
To install sonar along with postgresql and a proxy server Nginx use below shell script in your AWS instance user data.
#!/bin/bash
cp /etc/sysctl.conf /root/sysctl.conf_backup
cat <<EOT> /etc/sysctl.conf
vm.max_map_count=262144
fs.file-max=65536
ulimit -n 65536
ulimit -u 4096
EOT
cp /etc/security/limits.conf /root/sec_limit.conf_backup
cat <<EOT> /etc/security/limits.conf
sonarqube - nofile 65536
sonarqube - nproc 409
EOT
sudo apt-get update -y
sudo apt-get install openjdk-11-jdk -y
sudo update-alternatives --config java
java -version
sudo apt update
wget -q https://www.postgresql.org/media/keys/ACCC4CF8.asc -O - | sudo apt-key add -
sudo sh -c 'echo "deb http://apt.postgresql.org/pub/repos/apt/ `lsb_release -cs`-pgdg main" >> /etc/apt/sources.list.d/pgdg.list'
sudo apt install postgresql postgresql-contrib -y
sudo systemctl enable postgresql.service
sudo systemctl start postgresql.service
sudo echo "postgres:admin123" | chpasswd
runuser -l postgres -c "createuser sonar"
sudo -i -u postgres psql -c "ALTER USER sonar WITH ENCRYPTED PASSWORD 'admin123';"
sudo -i -u postgres psql -c "CREATE DATABASE sonarqube OWNER sonar;"
sudo -i -u postgres psql -c "GRANT ALL PRIVILEGES ON DATABASE sonarqube to sonar;"
systemctl restart postgresql
netstat -tulpena | grep postgres
sudo mkdir -p /sonarqube/
cd /sonarqube/
sudo curl -O https://binaries.sonarsource.com/Distribution/sonarqube/sonarqube-8.3.0.34182.zip
sudo apt-get install zip -y
sudo unzip -o sonarqube-8.3.0.34182.zip -d /opt/
sudo mv /opt/sonarqube-8.3.0.34182/ /opt/sonarqube
sudo groupadd sonar
sudo useradd -c "SonarQube - User" -d /opt/sonarqube/ -g sonar sonar
sudo chown sonar:sonar /opt/sonarqube/ -R
cp /opt/sonarqube/conf/sonar.properties /root/sonar.properties_backup
cat <<EOT> /opt/sonarqube/conf/sonar.properties
sonar.jdbc.username=sonar
sonar.jdbc.password=admin123
sonar.jdbc.url=jdbc:postgresql://localhost/sonarqube
sonar.web.host=0.0.0.0
sonar.web.port=9000
sonar.web.javaAdditionalOpts=-server
sonar.search.javaOpts=-Xmx512m -Xms512m -XX:+HeapDumpOnOutOfMemoryError
sonar.log.level=INFO
sonar.path.logs=logs
EOT
cat < /etc/systemd/system/sonarqube.service [Unit] Description=SonarQube service After=syslog.target network.target
[Service] Type=forking
ExecStart=/opt/sonarqube/bin/linux-x86-64/sonar.sh start
ExecStop=/opt/sonarqube/bin/linux-x86-64/sonar.sh stop
User=sonar
Group=sonar
Restart=always
LimitNOFILE=65536
LimitNPROC=4096
[Install]
WantedBy=multi-user.target
EOT
systemctl daemon-reload
systemctl enable sonarqube.service
#systemctl start sonarqube.service
#systemctl status -l sonarqube.service
apt-get install nginx -y
rm -rf /etc/nginx/sites-enabled/default rm -rf /etc/nginx/sites-available/default cat < /etc/nginx/sites-available/sonarqube server{ listen 80; server_name sonarqube.groophy.in;
access_log /var/log/nginx/sonar.access.log;
error_log /var/log/nginx/sonar.error.log;
proxy_buffers 16 64k;
proxy_buffer_size 128k;
location / {
proxy_pass http://127.0.0.1:9000;
proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
proxy_redirect off;
proxy_set_header Host \$host;
proxy_set_header X-Real-IP \$remote_addr;
proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto http;
}
} EOT ln -s /etc/nginx/sites-available/sonarqube /etc/nginx/sites-enabled/sonarqube systemctl enable nginx.service #systemctl restart nginx.service sudo ufw allow 80,9000,9001/tcp
echo "System reboot in 30 sec" sleep 30 reboot