Install SonarQube on Ubuntu 20.04

0
52
Install SonarQube on Ubuntu 20.04

In this tutorial, you will learn how to install SonarQube on Ubuntu 20.04. SonarQube® is an automatic code review tool to detect bugs, vulnerabilities, and code smells in your code. It can integrate with your existing workflow to enable continuous code inspection across your project branches and pull requests.

Read more about SonarQube on SonarQube page.

Install SonarQube on Ubuntu 20.04

Prerequisites

There are a number of prerequisites needed to install and run SonarQube on Ubuntu 20.04 as provided below;

System Hardware Requirements

  • Ensure you are running a 64-bit system as SonarQube does not support 32 bit system architecture.
uname -m
x86_64
  • At least 2GB of RAM (16GB + of RAM for enterprise usage) and 2 vCPU cores (8+ vCPU cores for enterprise usage) for small scale usage
  • Disk with excellent read & write performance.
  • Enough disk space depending on how much code you analyze with SonarQube.

Install Java 11 on Ubuntu 20.04

Java 11 can work for both SonarQube server and scanner. Hence, run the command below to install Java 11 on Ubuntu 20.04 (You can choose to install either JRE or OpenJDK;

Note that OpenJDK 11 or JRE 11 is the default version on default Ubuntu 20.04 main repos;

apt update

If you want to use JRE, run the command below to install it on Ubuntu 20.04;

apt install default-jre

If you want to use OpenJDK, run the command below;

apt install default-jdk

Install and Setup Database for SonarQube

SonarQube supports PostgreSQL (version 9.3-9.6, 10-12), Oracle (XE extension, 11G, 12C, 18C 19C) or MSSQL for Windows system.

In this tutorial, we will install and setup SonarQube on Ubuntu 20.04.

Install PostgreSQL 12 on Ubuntu 20.04

Install PostgreSQL 12 on Ubuntu 20.04 by running the command below;

apt install postgresql postgresql-contrib

Login as PostgreSQL superuser and Create SonarQube PostgreSQL Database and Database User

sudo -Hiu postgres
createuser sonaradmin
createdb -O sonaradmin sonarqubedb
psql
ALTER USER sonaradmin WITH ENCRYPTED password 'changeme';
\q
exit

Activate Secure Computing Filter

seccomp filter, required by Elasticsearch, is usually enabled by default on Ubuntu 20.04. To  check if seccomp is available on your kernel with:

grep SECCOMP /boot/config-$(uname -r)

If you see such an output, then seccomp filter is enabled;

CONFIG_SECCOMP=y
CONFIG_HAVE_ARCH_SECCOMP_FILTER=y
CONFIG_SECCOMP_FILTER=y

Executive Report Fonts

Fontconfig and FreeType fonts are required for generating SonarQube executive reports. Install them as follows;

apt install fontconfig-config libfreetype6

Install and Configure SonarQube on Ubuntu 20.04

Once all the prerequisites are met, proceed to install SonarQube on Ubuntu 20.04.

Download SonarQube Archive file

There are different editions of the SonarQube. In this setup, we will be installing the community version. As such, navigate to SonarQube downloads page and grab the SonarQube zip file.

You can as well get the download link from SonarQube binaries page and pull it using wget or curl command

wget https://binaries.sonarsource.com/Distribution/sonarqube/sonarqube-8.7.0.41497.zip

Install SonarQube on Ubuntu 20.04

Extract SonarQube to some directory, e.g the /opt directory.

apt install zip
unzip sonarqube-8.7.0.41497.zip -d /opt/

Rename the SonarQube directory to remove the version number;

mv /opt/sonarqube{-8.7.0.41497,}

Create SonarQube System User Account

SonarQube should not be run as root. As such, you can create an non admin account for running SonarQube as follows;

useradd -M -d /opt/sonarqube/ -r -s /bin/bash sonarqube

Set the ownership of the /opt/sonarqube to sonar user created above.

chown -R sonarqube: /opt/sonarqube

Configure SonarQube

Set database connection details as per your PostgreSQL setup above.

vim /opt/sonarqube/conf/sonar.properties
# DATABASE
...
# User credentials.
...
sonar.jdbc.username=sonaradmin
sonar.jdbc.password=changeme
...
#----- PostgreSQL 9.3 or greater
# By default the schema named "public" is used. It can be overridden with the parameter "currentSchema".
#sonar.jdbc.url=jdbc:postgresql://localhost/sonarqube?currentSchema=my_schema
sonar.jdbc.url=jdbc:postgresql://localhost/sonarqubedb

Save and exit the file.

The above changes are enough to run SonarQube on Ubuntu 20.04 in its basic setup.

Running SonarQube on Ubuntu 20.04

As much as you can start SonarQube in standalone mode using the /opt/sonarqube/bin/linux-x86-64/sonar.sh script by passing the start option as in /opt/sonarqube/bin/linux-x86-64/sonar.sh start, it is better to use the systemd service unit.

Create SonarQube Systemd Service Unit file;

cat > /etc/systemd/system/sonarqube.service << 'EOL'
[Unit]
Description=SonarQube service
After=syslog.target network.target

[Service]
Type=simple
User=sonarqube
Group=sonarqube
PermissionsStartOnly=true
ExecStart=/bin/nohup java -Xms32m -Xmx32m -Djava.net.preferIPv4Stack=true -jar /opt/sonarqube/lib/sonar-application-8.7.0.41497.jar
StandardOutput=syslog
LimitNOFILE=131072
LimitNPROC=8192
TimeoutStartSec=5
Restart=always
SuccessExitStatus=143

[Install]
WantedBy=multi-user.target
EOL

Be sure to replace the path, /opt/sonarqube/lib/sonar-application-8.7.0.41497.jar, accordingly.

Reload the systemd configurations;

systemctl daemon-reload

Set the maximum number of memory maps for elasticsearch;

echo 'vm.max_map_count=262144' >> /etc/sysctl.conf
sysctl -p

Start and enable SonarQube service on Ubuntu 20.04;

systemctl enable --now sonarqube

Check the status;

systemctl status sonarqube.service
● sonarqube.service - SonarQube service
     Loaded: loaded (/etc/systemd/system/sonarqube.service; enabled; vendor preset: enabled)
     Active: active (running) since Tue 2021-02-16 19:36:45 UTC; 2min 23s ago
   Main PID: 34811 (java)
      Tasks: 118 (limit: 2282)
     Memory: 1.4G
     CGroup: /system.slice/sonarqube.service
             ├─34811 java -Xms32m -Xmx32m -Djava.net.preferIPv4Stack=true -jar /opt/sonarqube/lib/sonar-application-8.7.0.41497.jar
             ├─34834 /usr/lib/jvm/java-11-openjdk-amd64/bin/java -XX:+UseConcMarkSweepGC -XX:CMSInitiatingOccupancyFraction=75 -XX:+UseCMSInitiatingOccupancyOnly -Djava.io>
             ├─34921 /usr/lib/jvm/java-11-openjdk-amd64/bin/java -Djava.awt.headless=true -Dfile.encoding=UTF-8 -Djava.io.tmpdir=/opt/sonarqube/temp -XX:-OmitStackTraceInF>
             └─34980 /usr/lib/jvm/java-11-openjdk-amd64/bin/java -Djava.awt.headless=true -Dfile.encoding=UTF-8 -Djava.io.tmpdir=/opt/sonarqube/temp -XX:-OmitStackTraceInF>

Feb 16 19:36:47 ubuntu20 nohup[34811]: OpenJDK 64-Bit Server VM warning: Option UseConcMarkSweepGC was deprecated in version 9.0 and will likely be removed in a future rel>
Feb 16 19:37:27 ubuntu20 nohup[34811]: 2021.02.16 19:37:27 INFO  app[][o.s.a.SchedulerImpl] Process[es] is up
Feb 16 19:37:27 ubuntu20 nohup[34811]: 2021.02.16 19:37:27 INFO  app[][o.s.a.ProcessLauncherImpl] Launch process[[key='web', ipcIndex=2, logFilenamePrefix=web]] from [/opt>
Feb 16 19:37:47 ubuntu20 nohup[34811]: 2021.02.16 19:37:47 WARN  app[][startup] ###########################################################################################>
Feb 16 19:37:47 ubuntu20 nohup[34811]: 2021.02.16 19:37:47 WARN  app[][startup] Default Administrator credentials are still being used. Make sure to change the password or>
Feb 16 19:37:47 ubuntu20 nohup[34811]: 2021.02.16 19:37:47 WARN  app[][startup] ###########################################################################################>
Feb 16 19:37:48 ubuntu20 nohup[34811]: 2021.02.16 19:37:48 INFO  app[][o.s.a.SchedulerImpl] Process[web] is up
Feb 16 19:37:48 ubuntu20 nohup[34811]: 2021.02.16 19:37:48 INFO  app[][o.s.a.ProcessLauncherImpl] Launch process[[key='ce', ipcIndex=3, logFilenamePrefix=ce]] from [/opt/s>
Feb 16 19:37:55 ubuntu20 nohup[34811]: 2021.02.16 19:37:55 INFO  app[][o.s.a.SchedulerImpl] Process[ce] is up
Feb 16 19:37:55 ubuntu20 nohup[34811]: 2021.02.16 19:37:55 INFO  app[][o.s.a.SchedulerImpl] SonarQube is up

You can find all the logs under, /opt/sonarqube/logs directory.

ls /opt/sonarqube/logs
access.log  ce.log  es.log  README.txt  sonar.log  web.log

Accessing SonarQube Web Interface

In order to access SonarQube Web interface, you need to install and setup a web server to proxy the requests to SonarQube running locally.

You can either use Apache or Nginx web server. We use the later in this guide.

apt install nginx -y

Create SonarQube Nginx site configuration with proxy setup.

cat > /etc/nginx/sites-available/sonarqube << 'EOL' 
server{
    listen      80;
    server_name sonarqube.kifarunix-demo.com;

    access_log  /var/log/nginx/sonarqube.access.log;
    error_log   /var/log/nginx/sonarqube.error.log;

    proxy_buffers 16 64k;
    proxy_buffer_size 128k;

    location / {
        proxy_pass  http://127.0.0.1:9000;
        proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
        proxy_redirect off;

        proxy_set_header    Host            $host;
        proxy_set_header    X-Real-IP       $remote_addr;
        proxy_set_header    X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header    X-Forwarded-Proto http;
    }
}
EOL

Check Nginx syntax errors;

nginx -t

If you get such an output, you are good to go;

nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful

Enable SonarQube Nginx site;

ln -s /etc/nginx/sites-available/sonarqube /etc/nginx/sites-enabled/

Restart Nginx;

systemctl restart nginx

Open port 80/tcp on firewall or port 443/tcp depending on your setup;

ufw allow "Nginx Full"

The access SonarQube using the address http://sonarqube-server-host-IP-or-hostname.

You will be prompted to enter login details.

Default authentication creds are Username: admin Password: admin

install SonarQube on Ubuntu 20.04

When prompted, reset the password and proceed to SonarQube web interface.

Install SonarQube on Ubuntu 20.04

And there you go. You have learnt how to install SonarQube on Ubuntu 20.04.

Reference

Installing SonarQube

Further Reading

SonarQube Documentation

Other Tutorials

Install Nexus Repository Manager on Ubuntu 20.04

Install and setup GVM 20.08 on Debian 10

Install Signal Messenger on Ubuntu 20.04

Install NoMachine on Ubuntu 20.04

Install and Setup GVM 20.08 on Ubuntu 20.04

LEAVE A REPLY

Please enter your comment!
Please enter your name here