Saturday, April 11, 2020

Install Sonarqube on Ubuntu - How to install SonarQube on Ubuntu 22.0.4?

SonarQube is one of the popular static code analysis tools. SonarQube is open-source, Java based tool It also needs database as well - Database can be MS SQL, Oracle or PostgreSQL.  We will use PostgreSQL as it is open source as well.
 
Make sure port 9000 is opened in Firewall rules.

Pre-requistes:
Instance should have at least 2 GB RAM. For AWS, instance should new and type should be t2.small. For Azure it should be standard B1ms which is 2 GB RAM.


Let us start with java install (skip java install if you already have it installed)

Java 11 installation steps
sudo apt-get update && sudo apt-get install default-jdk -y

2. Postgres Installation

sudo sh -c 'echo "deb http://apt.postgresql.org/pub/repos/apt/ `lsb_release -cs`-pgdg main" >> /etc/apt/sources.list.d/pgdg.list'



sudo wget -q https://www.postgresql.org/media/keys/ACCC4CF8.asc -O - | sudo apt-key add -



sudo apt-get -y install postgresql postgresql-contrib

Ignore the message in red color below:

sudo systemctl start postgresql
sudo systemctl enable postgresql

Login as postgres user
sudo su - postgres

Now create a user below by executing below command
createuser sonar

9. Switch to sql shell by entering
psql








Execute the below three lines (one by one)

ALTER USER sonar WITH ENCRYPTED password 'password';

CREATE DATABASE sonarqube OWNER sonar;

\q






type exit to come out of postgres user.





3. Now install SonarQube Web App

sudo wget https://binaries.sonarsource.com/Distribution/sonarqube/sonarqube-7.7.zip

sudo apt-get -y install unzip
sudo unzip sonarqube-7.7.zip -d /opt





sudo mv /opt/sonarqube-7.7 /opt/sonarqube -v



Create Group and User:
sudo groupadd sonar

Now add the user with directory access
sudo useradd -c "user to run SonarQube" -d /opt/sonarqube -g sonar sonar 
sudo chown sonar:sonar /opt/sonarqube -R

Modify sonar.properties file
sudo vi /opt/sonarqube/conf/sonar.properties
uncomment the below lines by removing # and add values highlighted yellow
sonar.jdbc.username=sonar
sonar.jdbc.password=password





Next, uncomment the below line, removing #
sonar.jdbc.url=jdbc:postgresql://localhost/sonarqube

Press escape, and enter :wq! to come out of the above screen.

Edit the sonar script file and set RUN_AS_USER
sudo vi /opt/sonarqube/bin/linux-x86-64/sonar.sh
Add enable the below line 
RUN_AS_USER=sonar









Create Sonar as a service(this will enable to start automatically when you restart the server)
Execute the below command:
sudo vi /etc/systemd/system/sonar.service












add the below code in green color:
[Unit]
Description=SonarQube service
After=syslog.target network.target

[Service]
Type=forking

ExecStart=/opt/sonarqube/bin/l
inux-x86-64/sonar.sh start
ExecStop=/opt/sonarqube/bin/li
nux-x86-64/sonar.sh stop

User=sonar
Group=sonar
Restart=always


[Install]
WantedBy=multi-user.target

sudo systemctl start sonar

sudo systemctl enable sonar

sudo systemctl status sonar
type q now to come out of this mode.
Now execute the below command to see if Sonarqube is up and running. This may take a few minutes.

(Now Restart EC2 instance by going to AWS console and stop/start the EC2 instance)
Once restarted EC2 instance, login again and check the Sonar logs:

tail -f /opt/sonarqube/logs/sonar.log

Make sure you get the below message that says sonarqube is up..

Now access sonarQube UI by going to browser and enter public dns name with port 9000

Please follow steps for integrating SonarQube with Jenkins

https://www.coachdevops.com/2020/04/how-to-integrate-sonarqube-with-jenkins.html

3 comments:

  1. I tried to run it directly without using the service and it shows me `No passwd entry for user sonar` How do i fix that?

    ReplyDelete
    Replies
    1. did the exact same thing but it still shows `app[][o.s.a.p.AbstractProcessMonitor] Process exited with exit value [es]: 143` How do i fix this?

      Delete
  2. Default log-in:
    User: admin
    Pwd: admin

    ReplyDelete

How to Configure GitHub Advanced Security for Azure DevOps | How to Perform Security scan for Azure Repos using GitHub Advanced Security

GitHub Advanced Security for Azure DevOps brings the  secret scanning, dependency scanning  and  CodeQL code scanning  solutions already ava...