In this tutorial, you will learn how to install SonarQube on Ubuntu 20.04. SonarQube® is an automatic code review tool to detect bugs, vulnerabilities, and code smells in your code. It can integrate with your existing workflow to enable continuous code inspection across your project branches and pull requests.
Read more about SonarQube on SonarQube page.
Installing SonarQube on Ubuntu 20.04
Prerequisites
There are a number of prerequisites needed to install and run SonarQube on Ubuntu 20.04 as provided below;
System Hardware Requirements
- Ensure you are running a 64-bit system as SonarQube does not support 32 bit system architecture.
uname -mx86_64- At least 2GB of RAM (16GB + of RAM for enterprise usage) and 2 vCPU cores (8+ vCPU cores for enterprise usage) for small scale usage
- Disk with excellent read & write performance.
- Enough disk space depending on how much code you analyze with SonarQube.
Install Java 11 on Ubuntu 20.04
Java 11 can work for both SonarQube server and scanner. Hence, run the command below to install Java 11 on Ubuntu 20.04 (You can choose to install either JRE or OpenJDK;
Note that OpenJDK 11 or JRE 11 is the default version on default Ubuntu 20.04 main repos;
apt updateIf you want to use JRE, run the command below to install it on Ubuntu 20.04;
apt install default-jreIf you want to use OpenJDK, run the command below;
apt install default-jdkInstall and Setup Database for SonarQube
SonarQube supports PostgreSQL (version 9.3-9.6, 10-12), Oracle (XE extension, 11G, 12C, 18C 19C) or MSSQL for Windows system.
In this tutorial, we will install and setup SonarQube on Ubuntu 20.04.
Install PostgreSQL 12 on Ubuntu 20.04
Install PostgreSQL 12 on Ubuntu 20.04 by running the command below;
apt install postgresql postgresql-contribLogin as PostgreSQL superuser and Create SonarQube PostgreSQL Database and Database User
sudo -Hiu postgrescreateuser sonaradmincreatedb -O sonaradmin sonarqubedbpsqlALTER USER sonaradmin WITH ENCRYPTED password 'changeme';\qexitActivate Secure Computing Filter
seccomp filter, required by Elasticsearch, is usually enabled by default on Ubuntu 20.04. To check if seccomp is available on your kernel with:
grep SECCOMP /boot/config-$(uname -r)If you see such an output, then seccomp filter is enabled;
CONFIG_SECCOMP=y
CONFIG_HAVE_ARCH_SECCOMP_FILTER=y
CONFIG_SECCOMP_FILTER=yExecutive Report Fonts
Fontconfig and FreeType fonts are required for generating SonarQube executive reports. Install them as follows;
apt install fontconfig-config libfreetype6Install and Configure SonarQube on Ubuntu 20.04
Once all the prerequisites are met, proceed to install SonarQube.
Download SonarQube Archive file
There are different editions of the SonarQube. In this setup, we will be installing the community version. As such, navigate to SonarQube downloads page and grab the SonarQube zip file.
You can as well get the download link from SonarQube binaries page and pull it using wget or curl command
wget https://binaries.sonarsource.com/Distribution/sonarqube/sonarqube-8.7.0.41497.zipInstall SonarQube
Extract SonarQube to some directory, e.g the /opt directory.
apt install zipunzip sonarqube-8.7.0.41497.zip -d /opt/Rename the SonarQube directory to remove the version number;
mv /opt/sonarqube{-8.7.0.41497,}Create SonarQube System User Account
SonarQube should not be run as root. As such, you can create an non admin account for running SonarQube as follows;
useradd -M -d /opt/sonarqube/ -r -s /bin/bash sonarqubeSet the ownership of the /opt/sonarqube to sonar user created above.
chown -R sonarqube: /opt/sonarqubeConfigure SonarQube
Set database connection details as per your PostgreSQL setup above.
vim /opt/sonarqube/conf/sonar.properties# DATABASE
...
# User credentials.
...
sonar.jdbc.username=sonaradmin
sonar.jdbc.password=changeme
...
#----- PostgreSQL 9.3 or greater
# By default the schema named "public" is used. It can be overridden with the parameter "currentSchema".
#sonar.jdbc.url=jdbc:postgresql://localhost/sonarqube?currentSchema=my_schema
sonar.jdbc.url=jdbc:postgresql://localhost/sonarqubedbSave and exit the file.
The above changes are enough to run SonarQube on Ubuntu 20.04 in its basic setup.
Running SonarQube on Ubuntu 20.04
As much as you can start SonarQube in standalone mode using the /opt/sonarqube/bin/linux-x86-64/sonar.sh script by passing the start option as in /opt/sonarqube/bin/linux-x86-64/sonar.sh start, it is better to use the systemd service unit.
Create SonarQube Systemd Service Unit file;
cat > /etc/systemd/system/sonarqube.service << 'EOL'
[Unit]
Description=SonarQube service
After=syslog.target network.target
[Service]
Type=simple
User=sonarqube
Group=sonarqube
PermissionsStartOnly=true
ExecStart=/bin/nohup java -Xms32m -Xmx32m -Djava.net.preferIPv4Stack=true -jar /opt/sonarqube/lib/sonar-application-8.7.0.41497.jar
StandardOutput=syslog
LimitNOFILE=131072
LimitNPROC=8192
TimeoutStartSec=5
Restart=always
SuccessExitStatus=143
[Install]
WantedBy=multi-user.target
EOLBe sure to replace the path, /opt/sonarqube/lib/sonar-application-8.7.0.41497.jar, accordingly.
Reload the systemd configurations;
systemctl daemon-reloadSet the maximum number of memory maps for elasticsearch;
echo 'vm.max_map_count=262144' >> /etc/sysctl.confsysctl -pStart and enable SonarQube service on Ubuntu 20.04;
systemctl enable --now sonarqubeCheck the status;
systemctl status sonarqube.service● sonarqube.service - SonarQube service
Loaded: loaded (/etc/systemd/system/sonarqube.service; enabled; vendor preset: enabled)
Active: active (running) since Tue 2021-02-16 19:36:45 UTC; 2min 23s ago
Main PID: 34811 (java)
Tasks: 118 (limit: 2282)
Memory: 1.4G
CGroup: /system.slice/sonarqube.service
├─34811 java -Xms32m -Xmx32m -Djava.net.preferIPv4Stack=true -jar /opt/sonarqube/lib/sonar-application-8.7.0.41497.jar
├─34834 /usr/lib/jvm/java-11-openjdk-amd64/bin/java -XX:+UseConcMarkSweepGC -XX:CMSInitiatingOccupancyFraction=75 -XX:+UseCMSInitiatingOccupancyOnly -Djava.io>
├─34921 /usr/lib/jvm/java-11-openjdk-amd64/bin/java -Djava.awt.headless=true -Dfile.encoding=UTF-8 -Djava.io.tmpdir=/opt/sonarqube/temp -XX:-OmitStackTraceInF>
└─34980 /usr/lib/jvm/java-11-openjdk-amd64/bin/java -Djava.awt.headless=true -Dfile.encoding=UTF-8 -Djava.io.tmpdir=/opt/sonarqube/temp -XX:-OmitStackTraceInF>
Feb 16 19:36:47 ubuntu20 nohup[34811]: OpenJDK 64-Bit Server VM warning: Option UseConcMarkSweepGC was deprecated in version 9.0 and will likely be removed in a future rel>
Feb 16 19:37:27 ubuntu20 nohup[34811]: 2021.02.16 19:37:27 INFO app[][o.s.a.SchedulerImpl] Process[es] is up
Feb 16 19:37:27 ubuntu20 nohup[34811]: 2021.02.16 19:37:27 INFO app[][o.s.a.ProcessLauncherImpl] Launch process[[key='web', ipcIndex=2, logFilenamePrefix=web]] from [/opt>
Feb 16 19:37:47 ubuntu20 nohup[34811]: 2021.02.16 19:37:47 WARN app[][startup] ###########################################################################################>
Feb 16 19:37:47 ubuntu20 nohup[34811]: 2021.02.16 19:37:47 WARN app[][startup] Default Administrator credentials are still being used. Make sure to change the password or>
Feb 16 19:37:47 ubuntu20 nohup[34811]: 2021.02.16 19:37:47 WARN app[][startup] ###########################################################################################>
Feb 16 19:37:48 ubuntu20 nohup[34811]: 2021.02.16 19:37:48 INFO app[][o.s.a.SchedulerImpl] Process[web] is up
Feb 16 19:37:48 ubuntu20 nohup[34811]: 2021.02.16 19:37:48 INFO app[][o.s.a.ProcessLauncherImpl] Launch process[[key='ce', ipcIndex=3, logFilenamePrefix=ce]] from [/opt/s>
Feb 16 19:37:55 ubuntu20 nohup[34811]: 2021.02.16 19:37:55 INFO app[][o.s.a.SchedulerImpl] Process[ce] is up
Feb 16 19:37:55 ubuntu20 nohup[34811]: 2021.02.16 19:37:55 INFO app[][o.s.a.SchedulerImpl] SonarQube is upYou can find all the logs under, /opt/sonarqube/logs directory.
ls /opt/sonarqube/logsaccess.log ce.log es.log README.txt sonar.log web.logAccessing SonarQube Web Interface
In order to access SonarQube Web interface, you need to install and setup a web server to proxy the requests to SonarQube running locally.
You can either use Apache or Nginx web server. We use the later in this guide.
apt install nginx -yCreate SonarQube Nginx site configuration with proxy setup.
cat > /etc/nginx/sites-available/sonarqube << 'EOL'
server{
listen 80;
server_name sonarqube.kifarunix-demo.com;
access_log /var/log/nginx/sonarqube.access.log;
error_log /var/log/nginx/sonarqube.error.log;
proxy_buffers 16 64k;
proxy_buffer_size 128k;
location / {
proxy_pass http://127.0.0.1:9000;
proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto http;
}
}
EOLCheck Nginx syntax errors;
nginx -tIf you get such an output, you are good to go;
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successfulEnable SonarQube Nginx site;
ln -s /etc/nginx/sites-available/sonarqube /etc/nginx/sites-enabled/Restart Nginx;
systemctl restart nginxOpen port 80/tcp on firewall or port 443/tcp depending on your setup;
ufw allow "Nginx Full"The access SonarQube using the address http://sonarqube-server-host-IP-or-hostname.
You will be prompted to enter login details.
Default authentication creds are Username: admin Password: admin
When prompted, reset the password and proceed to SonarQube web interface.
And there you go. You have learnt how to install SonarQube.
Reference
Further Reading
Other Tutorials
Install Nexus Repository Manager on Ubuntu 20.04
Install and setup GVM 20.08 on Debian 10
Install Signal Messenger on Ubuntu 20.04
