aws setup sonarqube instance - devonfw/hangar GitHub Wiki
The scope of this section is to deploy an AWS EC2 instance running SonarQube for further usage from a CI pipeline. A set of scripts and a Terraform recipe have been created in order to assist you in the launch of a SonarQube instance with an embedded database.
-
Have a SSH keypair for the SonarQube instance. You can use an existing one or create a new one with the following command:
aws ec2 create-key-pair --key-name sonarqube --query 'KeyMaterial' --output text > sonarqube.pem|
Important
|
This will create a public key, directly stored in AWS (current region only), and a private key stored in the sonarqube.pem file, that will be necessary if you ever need to access the instance, so be sure you store it securely.
|
-
./sonarqube.shscript to automatically do all the steps in one command execution. -
main.tfcontains declarative definition written in HCL of Cloud infrastructure. -
../common/setup_sonarqube.shscript to be run on an AWS EC2 instance that installs and deploys a container running SonarQube. -
variables.tfcontains variable definition formain.tf. -
terraform.tfvarscontains values (user-changeable) for the variables defined invariables.tf. -
terraform.tfstatecontains current state of the created infrastructure. It is generated after use it and should be stored securely. -
set-terraform-variables.shassists user in setting the values ofterraform.tfvars.
To make it easier to use for non-experienced users, or for those who need only one command to be executed, we provide sonarqube.sh script that executes all the steps automatically.
COMMAND DESCRIPTION
apply Creates or updates infrastructure.
destroy Destroys previously created infrastructure.
output Shows output values from Terraform state. Ignores flags other than '--output-key' or '-k'.
To print only one output value use flag '--output-key <key>' where key is the name of the output variable.-s, --state-folder Folder for saving/importing Terraform configuration.
-k, --output-key [ONLY FOR output] Key of a single Terraform output variable to print.
-q, --quiet Suppress output other than the generated by Terraform command.
-h, --help Displays help message.These variables will be used to update terraform.tfvars (using set-terraform-variables.sh script). They are ignored in output command. Syntax: '--key value' or '--key=value'.
./sonarqube.sh apply --state-folder /secure/location {terraform_vars_example_short}
./sonarqube.sh apply --state-folder /secure/location {terraform_vars_example_full}|
Caution
|
Remember to securely store all the content inside the state folder, otherwise you will not be able to perform any changes in infrastructure, including destroying it, from Terraform. |
First, you need to initialize the working directory containing Terraform configuration files (located at /scripts/sonarqube/aws) and install any required plugins:
terraform initThen, you may need to customize some input variables about the environment. To do so, you can either edit terraform.tfvars file or take advantage of the set-terraform-variables script, which allows you to create or update values for the required variables, passing them as flags.
Configurable variables:
{terraform_vars}Examples of usage:
./set-terraform-variables.sh {terraform_vars_example_short}
./set-terraform-variables.sh {terraform_vars_example_full}|
Warning
|
Unless changed, some of the variables used by default probably do not exist in your environment of AWS. |
Finally, deploy SonarQube instance:
terraform apply --auto-approve|
Caution
|
Remember to securely store terraform.tfstate file, otherwise you will not be able to perform any changes in infrastructure, including detroying it, from Terraform. More insights here.
|
|
Note
|
terraform apply command performs a plan and actually carries out the planned changes to each resource using the relevant infrastructure provider’s API. You can use it to perform changes on the created resources later on.
|
In particular, this will create an AWS EC2 instance based on Ubuntu and deploy a Docker container running SonarQube.
You will get the public URL of the SonarQube instance and an admin token as output. Take note of it, you will need it later on.
As long as you keep the terraform.tfstate file generated when creating the SonarQube instance, you can easily destroy it and all associated resources by executing:
terraform destroyAs long as you keep the terraform.tfstate file generated when creating the SonarQube instance, you can apply changes to the infrastructure deployed by modifying main.tf and executing:
terraform output > terraform.tfoutput
terraform apply|
Important
|
In Windows, when applying any changes, the value of the token is lost if terraform.tfoutput does not exist. Be sure you do not skip the first command.
|
After a few minutes, you will be able to access SonarQube web interface on the public URL provided by Terraform output with the following credentials:
-
Username:
admin -
Password:
admin
|
Important
|
Change the default password promptly. After that, update the password in Terraform configuration: ./set-terraform-variables.sh --sonarqube_password <new password>.
|
This documentation is licensed under the Creative Commons License (Attribution-NoDerivatives 4.0 International).
