Difference between revisions of "Sonar"

Line 11: Line 11:
=Requirements: database server=
=Requirements: PostgreSQL database server=
You need to have a MySQL server available.
Create an empty DB and MySQL user "sonarqube"
<syntaxhighlight lang="sql">
mysql -u root -p
CREATE USER 'sonarqube'@'localhost' IDENTIFIED BY 'password';
GRANT ALL PRIVILEGES ON sonarqube.* TO 'sonarqube'@'localhost';
<syntaxhighlight lang="bash">
<syntaxhighlight lang="bash">
Line 53: Line 32:
===Remote access===
==Remote access==
Adjust configuration to enable remote access
Adjust configuration to enable remote access
Line 86: Line 65:
===start PSQL===
==start PSQL==
<syntaxhighlight lang="bash">
<syntaxhighlight lang="bash">
Line 114: Line 93:
===Centos firewall===
==Centos firewall==
For Debian IPTABLES just open the port TCP 5234
For Debian IPTABLES just open the port TCP 5234
Line 147: Line 126:
=Setup SONARQUBE service=
I advise you to use the manual set-up and update. Experience proved that it can be cumbersome to upgrade SonarQube.  
I advise you to use the manual set-up and update. Experience proved that it can be cumbersome to upgrade SonarQube.  
==Get SonarQube and SonarRunner==
==Get SonarQube==
* '''SonarQube''' == Application to detect issues and display them (web-based)
* '''SonarRunner''' == Command line tool to interact with SonarQube. This is required for Jenkins and other tools.
Line 164: Line 140:
# SonarQube
# SonarQube
wget https://sonarsource.bintray.com/Distribution/sonarqube/sonarqube-5.1.2.zip
# 2019-05: current version is 7.7
unzip sonarqube-5.1.2.zip
wget https://binaries.sonarsource.com/Distribution/sonarqube/sonarqube-7.7.zip
ln -s /opt/sonarqube-5.1.2 /opt/sonarqube
unzip sonarqube-7.7.zip
ln -s /opt/sonarqube-7.7 /opt/sonarqube
# SonarRunner
wget http://repo1.maven.org/maven2/org/codehaus/sonar/runner/sonar-runner-dist/2.4/sonar-runner-dist-2.4.zip
unzip sonar-runner-dist-2.4.zip
ln -s /opt/sonar-runner-2.4/ /opt/sonar-runner
# Make the SonarRunner available from anywhere
ln -s /opt/sonar-runner/bin/sonar-runner /usr/bin/sonar-runner
Line 198: Line 167:
# postgreSQL
Line 347: Line 317:
=Sonar Runner=
Edit the Sonar-Runner configuration file
<syntaxhighlight lang="bash">
vim /opt/sonar-runner/conf/sonar-runner.properties
Enable MySQL database:
!! (i) note that I'm using '''sonarqube''' instead of ''sonar'' !!
<syntaxhighlight lang="apache">
==Environment variable==
Create a new environment variable <code>SONAR_RUNNER_HOME</code>
<syntaxhighlight lang="bash">
vim /etc/environment
<syntaxhighlight lang="apache">
Line 425: Line 357:
update-rc.d sonarqube defaults
update-rc.d sonarqube defaults
=Sonar application configuration=

Revision as of 15:03, 7 May 2019

The following instructions are for Ubuntu.

  • 2016-12-25 : update for Ubuntu 16.10
  • 2019-03-26 : update for SonarQube 7.x on CentOs 7.x ; with PostgreSQL server

You can find all these instructions and more on the Official how-to

Requirements: PostgreSQL database server


# Add repository
sudo wget https://download.postgresql.org/pub/repos/yum/11/redhat/rhel-7-x86_64/pgdg-centos11-11-2.noarch.rpm -P /tmp
sudo yum install /tmp/pgdg-centos11-11-2.noarch.rpm epel-release
sudo yum update

# Setup server
sudo yum install postgresql11-server postgresql11-contrib postgresql11

# Init Postgres database
#   > default user: postgres
 sudo /usr/pgsql-11/bin/postgresql-11-setup initdb

Remote access

Adjust configuration to enable remote access


sudo cp /var/lib/pgsql/11/data/postgresql.conf /var/lib/pgsql/11/data/postgresql.conf.backup
sudo vim /var/lib/pgsql/11/data/postgresql.conf


listen_addresses = '*'


sudo cp /var/lib/pgsql/11/data/pg_hba.conf /var/lib/pgsql/11/data/pg_hba.conf.backup
sudo vim /var/lib/pgsql/11/data/pg_hba.conf
# IPv4 local connections:
host    all             all                  md5
# IPv6  local connections:
host    all             all             ::/0                    md5

start PSQL

# Start Postgres server
sudo systemctl enable postgresql-11.service
sudo systemctl start postgresql-11.service

# Set 'postgres' LINUX user password (recommandation: postgres)
sudo passwd postgres

# ... Set 'postgres' SQL DB ADMIN user password (recommandation: postgres)
# Prepare home folder
sudo mkdir -p /home/postgres
sudo chmod -R 777 /home/postgres
sudo chown -R postgres:users /home/postgres
# Change password
cd /home/postgres
sudo -u postgres bash -c "psql -d template1 -c \"ALTER USER postgres WITH PASSWORD 'newPassword';\""
cd $localFolder

# Start Postgres on boot
sudo systemctl enable postgresql

Centos firewall

For Debian IPTABLES just open the port TCP 5234


# Register Firewall rules

# Remove previous rules, if any
sudo firewall-cmd --permanent --disable-port=$POSTGRES_DEFAULT_PORT/tcp
sudo firewall-cmd --permanent --remove-port=$POSTGRES_DEFAULT_PORT/tcp
sudo firewall-cmd --permanent --remove-service=postgres --zone=trusted
sudo firewall-cmd --permanent --remove-service=postgres

# Add new rules
sudo firewall-cmd --permanent --new-service=postgres
sudo firewall-cmd --permanent --service=postgres --set-short="Postgresql database server"
sudo firewall-cmd --permanent --service=postgres --set-description="Postgres database server"
sudo firewall-cmd --permanent --service=postgres --add-port=$POSTGRES_DEFAULT_PORT/tcp
sudo firewall-cmd --permanent --add-service=postgres --zone=trusted

sudo firewall-cmd --reload
sudo firewall-cmd --list-all

Some helpful Source: Linode tutorial

Setup SONARQUBE service

I advise you to use the manual set-up and update. Experience proved that it can be cumbersome to upgrade SonarQube.

Get SonarQube

Download the latest version (or the LTS) on http://www.sonarqube.org/downloads/

cd /opt

# SonarQube
# 2019-05: current version is 7.7
wget  https://binaries.sonarsource.com/Distribution/sonarqube/sonarqube-7.7.zip
unzip sonarqube-7.7.zip
ln -s /opt/sonarqube-7.7 /opt/sonarqube

(i) It's always good to use a symlink. This make the update and rollback a bit easier.

Configuration (sonar.properties)

Edit the SonarQube configuration file

vim /opt/sonarqube/conf/sonar.properties


Disable embedded H2DB and enable MySQL database, lines 20 to 40:

# postgreSQL

Port number and root context

Adjust port number and context (~ line 107)

#sonar.web.port:             9000
sonar.web.context:           /sonarqube

!!! This is VERY important that you uncomment and set the sonar.web.context !!! Without it you cannot use Apache2 proxy.

Sonar symlink

The default path to manage SonarQube is, in that example: /opt/sonarqube/bin/linux-x86-64/sonar.sh idem for the logs...

ln -s /opt/sonarqube/bin/linux-x86-64/sonar.sh /usr/bin/sonarqube
ln -s /opt/sonarqube/bin/linux-x86-64/sonar.sh /etc/init.d/sonarqube

mkdir -p /var/log/sonar
ln -s /opt/sonarqube/logs/sonar.log /var/log/sonar/sonar.log
ln -s /opt/sonarqube/logs/access.log /var/log/sonar/access.log

Configuration (wrapper.properties)

There is a new configuration file to edit since 5.x. Edit the WRAPPER configuration file

vim /opt/sonarqube/conf/wrapper.properties

Adjust your JVM path, if required, on the first line. This should point to a JDK.


Apply changes

You must start Sonar to use the new settings.

sonarqube restart

... wait for some times on 1st start (5 to 7 mn) !! Logs are in

Check that Sonar is up:

netstat -pl --numeric | grep 9000

You should have:

tcp        0      0  *               LISTEN      xxxxx/java

Bug fix

If the port 9000 is already used by PHP you must remove PHP7 FPM

sudo apt-get remove php7.0-fpm

Access SonarQube


Apache2 proxy

Instead of opening port 9000, it's better to access Sonar through Apache2 proxy.

To use the proxy rule, the target /sonar must match the root URL (see sonar.properties)

Apache2 configuration

Edit configuration file: module or virtual host

vim /etc/apache2/mods-enabled/proxy.conf


vim /etc/apache2/sites-enabled/mySite.conf

Set the following:

# Proxy to a Java application running over Tomcat, with IP filter
<Location /sonarqube >
	ProxyPass http://localhost:9000/sonarqube/
	ProxyPassReverse http://localhost:9000/sonarsonarqube/

        #Require all denied
        #AllowOverride none
        Require local
        Require ip 192.168.1
        Require host

        #Require all granted
        #Satisfy any

Test Sonar

The default user and password are “admin” and “admin“.


Sonar logs are in:


Start SonarQube on boot

Adjust sonar.sh

(i) you must do that on each update as well

You need to update the SonarQube bin exec so Debian|ubuntu can start it on boot.

vim /opt/sonarqube/bin/linux-x86-64/sonar.sh

Add the following lines right after the #!/bin/sh

# Provides:             sonarqube
# Required-Start:       $all
# Required-Stop:
# Default-Start:        4 5
# Default-Stop:         0 1 6
# Short-Description:    Sonarqube code quality analysis

Register sonarqube to boot sequence

(i) You just need to do that once.

cd /etc/init.d/
update-rc.d sonarqube defaults

Sonar application configuration

Sonar Maven plugin

See http://docs.sonarqube.org/display/SONAR/Installing+and+Configuring+Maven

Upgrade Sonar

Sometimes when there are a lot of changes the new sonar version required some database change.

The service will not be available until you go to http://myServer/sonarqube/setup

You have to agree to the terms and upgrade database