Building SonarQube - linux-on-ibm-z/docs GitHub Wiki

Building SonarQube

The instructions provided below specify the steps to run SonarQube 25.4.0 on Linux on IBM Z for the following distributions:

  • RHEL (8.8, 8.10, 9.2, 9.4, 9.5)
  • SLES 15 SP6
  • Ubuntu (22.04, 24.04, 24.10)

General Notes:

  • When following the steps below please use a standard permission user unless otherwise specified.
  • A directory /<source_root>/ will be referred to in these instructions, this is a temporary writable directory anywhere you'd like to place it.

1. Build and Install SonarQube

1.1. Build using script

If you want to build SonarQube using manual steps, go to STEP 1.2.

Use the following commands to build sonarqube using the build script. Please make sure you have wget installed.

wget -q https://raw.githubusercontent.com/linux-on-ibm-z/scripts/master/SonarQube/25.4.0/build_sonarqube.sh

# Build sonarqube
bash build_sonarqube.sh  [Provide -t option for executing build with tests, -j option to use Java from (Temurin_17, OpenJDK_17, Temurin_21, OpenJDK_21). If no -j specified, Temurin_17 will be installed]

If the build completes successfully, go to STEP 3. In case of error, check logs for more details or go to STEP 1.2 to follow manual build steps.

1.2. Install dependencies

export SOURCE_ROOT=/<source_root>/
  • RHEL (8.8, 8.10, 9.2, 9.4, 9.5)
sudo yum install -y wget git unzip tar which net-tools curl gzip patch make gcc gcc-c++ jq procps iproute --allowerasing
  • SLES (15 SP6)
sudo zypper install -y git wget unzip tar which gzip xz net-tools curl patch make gcc gcc-c++ jq procps gawk iproute2
  • Ubuntu (22.04, 24.04, 24.10)
sudo apt-get update
sudo apt-get install -y wget git unzip tar net-tools xz-utils curl gzip patch locales make gcc g++ jq procps iproute2
sudo locale-gen en_US.UTF-8

1.3. Install Java

  • With Eclipse Adoptium Temurin Runtime

    • Download and install Eclipse Adoptium Temurin Runtime (Java 17) from here.
    • Download and install Eclipse Adoptium Temurin Runtime (Java 21) from here.

  • With OpenJDK 17

    • RHEL (8.8, 8.10, 9.2, 9.4, 9.5) 
      sudo yum install -y java-17-openjdk-devel
    • SLES 15 SP6 
      sudo zypper install -y java-17-openjdk java-17-openjdk-devel
    • Ubuntu (22.04, 24.04, 24.10) 
      sudo apt-get install -y openjdk-17-jdk

  • With OpenJDK 21

    • RHEL (8.8, 8.10, 9.2, 9.4, 9.5) 
      sudo yum install -y java-21-openjdk-devel
    • SLES 15 SP6 
      sudo zypper install -y java-21-openjdk java-21-openjdk-devel
    • Ubuntu (22.04, 24.04, 24.10) 
      sudo apt-get install -y openjdk-21-jdk

Note:

  • Environment variable JAVA_HOME and PATH needs to be updated for the installed Java version.
  • At the time of creating these build instructions, SonarQube was verified with: Eclipse Adoptium Temurin Runtime (build jdk-17.0.14+7 and build jdk-21.0.6+7).

2. Build Elasticsearch

SonarQube needs Elasticsearch and the package includes it. However, it does not work properly on s390x therefore we need to build it from source and replace the provided package. Please check this link for more details of building Elasticsearch.

cd $SOURCE_ROOT
PATCH_URL="https://raw.githubusercontent.com/linux-on-ibm-z/scripts/master/SonarQube/25.4.0/patch"
export LANG="en_US.UTF-8"
export ES_JAVA_HOME=$JAVA_HOME

git clone -b v8.16.3 https://github.com/elastic/elasticsearch
cd elasticsearch

curl -sSL $PATCH_URL/elasticsearch.diff | git apply -

git fetch --tags
latest_tag=$(git tag | sort -V | tail -n1)
latest_tag="${latest_tag:1}-SNAPSHOT"
sed -i 's|${project.version}|'"${latest_tag}"'|g' $SOURCE_ROOT/elasticsearch/x-pack/plugin/ml/build.gradle

mkdir -p $SOURCE_ROOT/elasticsearch/distribution/packages/s390x-rpm/
mkdir -p $SOURCE_ROOT/elasticsearch/distribution/packages/s390x-deb/
mkdir -p $SOURCE_ROOT/elasticsearch/distribution/archives/linux-s390x-tar/
mkdir -p $SOURCE_ROOT/elasticsearch/distribution/docker/ubi-docker-s390x-export/
mkdir -p $SOURCE_ROOT/elasticsearch/distribution/docker/cloud-docker-s390x-export/
mkdir -p $SOURCE_ROOT/elasticsearch/distribution/docker/cloud-ess-docker-s390x-export/
mkdir -p $SOURCE_ROOT/elasticsearch/distribution/docker/docker-s390x-export/
mkdir -p $SOURCE_ROOT/elasticsearch/distribution/docker/ironbank-docker-s390x-export/
./gradlew :distribution:archives:linux-s390x-tar:assemble --max-workers=`nproc`  --parallel

# save the artifact link to an env variable.
export elasticsearch=`pwd`/distribution/archives/linux-s390x-tar/build/distributions/elasticsearch-8.16.3-SNAPSHOT-linux-s390x.tar.gz

# make sure the file exists:
ls -l $elasticsearch

3. Download and extract SonarQube and sonar-scanner-cli

cd $SOURCE_ROOT
wget https://binaries.sonarsource.com/Distribution/sonarqube/sonarqube-25.4.0.105899.zip
unzip -q sonarqube-25.4.0.105899.zip
wget https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-7.1.0.4889-linux-x64.zip
unzip -q sonar-scanner-cli-7.1.0.4889-linux-x64.zip

4. Replace elasticsearch in SonarQube package

rm $SOURCE_ROOT/sonarqube-25.4.0.105899/bin/elasticsearch
rm -rfd $SOURCE_ROOT/sonarqube-25.4.0.105899/elasticsearch/*
tar -xzf $elasticsearch -C $SOURCE_ROOT/sonarqube-25.4.0.105899/elasticsearch --strip-components 1
cp $SOURCE_ROOT/sonarqube-25.4.0.105899/elasticsearch/bin/elasticsearch $SOURCE_ROOT/sonarqube-25.4.0.105899/bin/

5. Run SonarQube

sudo groupadd sonarqube      # If group is not already created
sudo usermod -aG sonarqube $(whoami)
sudo chown $(whoami):sonarqube -R $SOURCE_ROOT/sonarqube-25.4.0.105899
export PATH=$PATH:$SOURCE_ROOT/sonarqube-25.4.0.105899/bin/linux-x86-64
export SONAR_JAVA_PATH=$JAVA_HOME/bin/java
sonar.sh start
echo 'use `sonar.sh stop` to stop sonarqube'

Note: SonarQube cannot be run as root on Unix-based systems, so create a dedicated user account to use for SonarQube if necessary which has standard permission rights, hence we have changed the owner in the above step. Click here to know more about configuration.

6. Run Testcases which cover Java, JavaScript, Python, PHP and more (Optional)

Modify $SOURCE_ROOT/sonar-scanner-7.1.0.4889-linux-x64/bin/sonar-scanner to use system JVM.

sed -i 's/use_embedded_jre=true/use_embedded_jre=false/g' $SOURCE_ROOT/sonar-scanner-7.1.0.4889-linux-x64/bin/sonar-scanner

Modify SonarScanner CLI settings:

echo 'sonar.host.url=http://localhost:9000' >> "$SOURCE_ROOT"/sonar-scanner-7.1.0.4889-linux-x64/conf/sonar-scanner.properties
echo 'sonar.scanner.skipJreProvisioning=true' >> "$SOURCE_ROOT"/sonar-scanner-7.1.0.4889-linux-x64/conf/sonar-scanner.properties

Clone sample test cases

cd $SOURCE_ROOT/
git clone https://github.com/SonarSource/sonar-scanning-examples.git

Note: SonarQube no longer supports scanner operations using username and password. A token needs to be generated.

Generate sonar token. A token named my-token can be generated by using below command.

SONAR_TOKEN=$(curl -u admin:admin -X POST "http://localhost:9000/api/user_tokens/generate" -d "name=my-token" | jq -r .token)

Scanner for Java using gradle only needs sonarqube and sonar token.

cd $SOURCE_ROOT/sonar-scanning-examples/sonar-scanner-gradle/gradle-basic
./gradlew -Dsonar.host.url=http://localhost:9000 -Dsonar.token=$SONAR_TOKEN sonar

cd $SOURCE_ROOT/sonar-scanning-examples/sonar-scanner-gradle/gradle-multimodule
./gradlew -Dsonar.host.url=http://localhost:9000 -Dsonar.token=$SONAR_TOKEN sonar

cd $SOURCE_ROOT/sonar-scanning-examples/sonar-scanner-gradle/gradle-multimodule-coverage
./gradlew clean build codeCoverageReport -Dsonar.host.url=http://localhost:9000 -Dsonar.token=$SONAR_TOKEN sonar

For other languages, you can follow the following. For instance, for python, you can do:

cd $SOURCE_ROOT/sonar-scanning-examples/sonar-scanner/src/python
$SOURCE_ROOT/sonar-scanner-7.1.0.4889-linux-x64/bin/sonar-scanner -Dsonar.projectKey=myproject -Dsonar.sources=. --Dsonar.token=$SONAR_TOKEN

Once the scanner completes, its analysis results will be posted to SonarQube server for viewing. Results can be accessed by pointing a supported browser to http://<HOST_IP>:9000/.

Note:

  • You can run scanner for JavaScript, PHP in the same way as above. Just make sure you are in the appropriate base directory of the project you are testing.
  • nodejs is required to run scanner for JavaScript. Download Node.js from here. (At the time of creating these build instructions, nodejs v22.14.0 was verified)
  • In case of errors encountered similar to Unsupported architecture: s390x while scanning the repo, Follow below steps :
    After starting the server, navigate to the UI, then to Administration > General Settings > Languages. From the list, choose Kubernetes and disable the option for Activate Kubernetes analysis.
    Alternative, if you want for specific scan, can add -Dsonar.kubernetes.activate=false flag to the command.
    Reference: https://community.sonarsource.com/t/gradle-sonar-arm64-support/107629

References:

The information provided in this article is accurate at the time of writing, but on-going development in the open-source projects involved may make the information incorrect or obsolete. Please open issue or contact us on IBM Z Community if you have any questions or feedback.

⚠️ **GitHub.com Fallback** ⚠️