Friday, November 16, 2018

Install SonarQube Server, SonarQube Scanner on Ubuntu Server and Integrate with Jenkins





SonarQube is an open-source tool that assists us in code quality analysis and reporting.


It scans your source code looking for potential bugs, vulnerabilities, and maintainability issues, and then presents the results in a report which will allow you to identify potential issues in your application.

The SonarQube tool consists of two sub-applications: an analysis engine, which is installed locally on the developer's machine, and a centralized server for record-keeping and reporting. A single SonarQube server instance can support multiple scanners, enabling you to centralize code quality reports from many developers in a single place.


In this blog, I'm going to explain how to install and configure the SonarQube server and scanner with Jenkins integration.


Prerequisites:
  • Ubuntu VM
  • A user with sudo access  
  • Installed LAMP
Step 1- Install Jenkins: 
Please follow my previous blog for step by step installation of Jenkins.

Follow this URL:- https://linuxhowtoguide.blogspot.com/2018/09/how-to-install-jenkins-on-ubuntu-1604.html

Step 2- Preparing for the install:
There are a few steps that we need to complete before installing the SonarQube server and scanner. Let's follow them.
2A- Create SonarQube user:
$ sudo adduser --system --no-create-home --group --disabled-login sonarqube
We will use this user only to run the SonarQube service; server login is disabled for it.
Next, create a directory that will hold the SonarQube server.
$ sudo mkdir /opt/sonarqube
Now change the ownership of this directory and make the sonarqube user its owner.

$ sudo chown -R sonarqube:sonarqube /opt/sonarqube
2B- Create a MySQL database:
We need a database and credentials that SonarQube will use.
$ mysql -u root -p
Create a database:
mysql > create database sonarqube;
Let's create a user and grant it permissions on the above database.
mysql > create user sonarqube@'localhost'  IDENTIFIED BY 'password';

mysql > GRANT ALL ON sonarqube.* to sonarqube@'localhost';
Apply the changes and exit MySQL.
mysql > flush privileges;
mysql > exit;
Step 3- Download and install SonarQube Server:
Change your directory:
$ cd /opt/sonarqube
Download the latest SonarQube server from the official site.
$ sudo wget https://binaries.sonarsource.com/Distribution/sonarqube/sonarqube-6.7.5.zip
Unzip the downloaded archive.
$ sudo unzip sonarqube-6.7.5.zip
Change folder ownership:
$ sudo chown -R sonarqube:sonarqube /opt/sonarqube
SonarQube Server is ready to configure.

Step 4- Configure SonarQube Server
We'll need to edit a few things in the SonarQube configuration file. Namely:
  • We need to specify the username and password that the SonarQube server will use for the database connection.
  • We also need to tell SonarQube to use MySQL for our backend database.
  • We'll tell SonarQube to run in server mode, which will yield improved performance.
  • We'll also tell SonarQube to only listen on the local network address since we will be using a reverse proxy.
Start by opening the SonarQube configuration file:
$ sudo vi sonarqube-6.7.5/conf/sonar.properties
Modify the following lines and update the MySQL login details.
    ...
    sonar.jdbc.username=sonarqube
    sonar.jdbc.password=password
    ...
Next, tell SonarQube to use MySQL and enable the driver.
    ...
    sonar.jdbc.url=jdbc:mysql://localhost:3306/sonarqube?useUnicode=true&characterEncoding=utf8&rewriteBatchedStatements=true&useConfigs=maxPerformance&useSSL=false
    ...
Finally, tell SonarQube to run in server mode and only listen on the local address:
    sonar.web.host=127.0.0.1
    sonar.web.javaAdditionalOpts=-server
Save and close the file.
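An added example, not part of the original post: a shell check of the settings edited in this step. It flags a placeholder database password (such as the password value shown above), a properties file readable by every local user, a web listener that is not loopback-only, and useSSL=false against a non-local MySQL host. The finding names, the 12-character threshold and the sample file are assumptions made for the illustration.

```shell
#!/usr/bin/env bash
# Added example: audit the sonar.properties values edited in Step 4.
# Prints one finding code per line (names are illustrative); returns 1 if any.

# Last uncommented value of key $2 (a sed regex) in properties file $1.
prop() {
    sed -n "s/^[[:space:]]*$2[[:space:]]*=[[:space:]]*//p" "$1" | tail -n 1
}

audit_sonar_properties() {
    local file="$1" rc=0 pass host url mode
    pass=$(prop "$file" 'sonar\.jdbc\.password')
    host=$(prop "$file" 'sonar\.web\.host')
    url=$(prop "$file" 'sonar\.jdbc\.url')
    mode=$(stat -c '%a' "$file")    # GNU stat, as shipped on Ubuntu

    # Placeholder or short database password (12-char minimum is an assumption).
    case $pass in
        ''|password|sonar|sonarqube|changeme) echo WEAK_DB_PASSWORD; rc=1 ;;
        *) if [ "${#pass}" -lt 12 ]; then echo SHORT_DB_PASSWORD; rc=1; fi ;;
    esac
    # The file holds the DB password: a last octal digit of 4-7 lets "other" read it.
    case $mode in
        *[4567]) echo WORLD_READABLE; rc=1 ;;
    esac
    # An unset host makes SonarQube bind all interfaces, bypassing the proxy.
    case $host in
        127.0.0.1|localhost|::1) ;;
        *) echo WEB_NOT_LOOPBACK; rc=1 ;;
    esac
    # useSSL=false is tolerable only while MySQL runs on the same host.
    case $url in
        jdbc:mysql://localhost[/:]*|jdbc:mysql://127.0.0.1[/:]*) ;;
        *useSSL=false*) echo DB_CLEARTEXT_REMOTE; rc=1 ;;
    esac
    return $rc
}

# Constructed sample mirroring the Step 4 values (not a real server file).
sample=$(mktemp)
cat > "$sample" <<'EOF'
    sonar.jdbc.username=sonarqube
    sonar.jdbc.password=password
    sonar.jdbc.url=jdbc:mysql://localhost:3306/sonarqube?useUnicode=true&useSSL=false
    sonar.web.host=127.0.0.1
EOF
chmod 644 "$sample"
audit_sonar_properties "$sample" || true   # WEAK_DB_PASSWORD, WORLD_READABLE
rm -f "$sample"
```

On the server itself, point the function at /opt/sonarqube/sonarqube-6.7.5/conf/sonar.properties; a clean run prints nothing and returns 0.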
Step 5- Configure SonarQube service.
Create a service file.
$ sudo vi /etc/systemd/system/sonarqube.service
Add the following lines.
[Unit]
Description=SonarQube service
After=syslog.target network.target

[Service]
Type=forking

ExecStart=/opt/sonarqube/sonarqube-6.7.5/bin/linux-x86-64/sonar.sh start
ExecStop=/opt/sonarqube/sonarqube-6.7.5/bin/linux-x86-64/sonar.sh stop

User=sonarqube
Group=sonarqube
Restart=always

[Install]
WantedBy=multi-user.target
Save and close the file, then start the SonarQube service.
$ sudo systemctl start sonarqube.service
Check service status
$ sudo systemctl status sonarqube.service
● sonarqube.service - SonarQube service
   Loaded: loaded (/etc/systemd/system/sonarqube.service; disabled; vendor preset: enabled)
   Active: active (running) since Thu 2018-11-15 15:19:30 UTC; 18h ago
  Process: 7049 ExecStop=/opt/sonarqube/sonarqube-6.7.5/bin/linux-x86-64/sonar.sh stop (code=exited, status=0/SUCCESS)
  Process: 7233 ExecStart=/opt/sonarqube/sonarqube-6.7.5/bin/linux-x86-64/sonar.sh start (code=exited, status=0/SUCCESS)
 Main PID: 7293 (wrapper)
    Tasks: 158 (limit: 4704)
   CGroup: /system.slice/sonarqube.service
           ├─7293 /opt/sonarqube/sonarqube-6.7.5/bin/linux-x86-64/./wrapper /opt/sonarqube/sonarqube-6.7.5/bin/linux-x86-64/../../conf/wrapper.conf wrapper.syslo
           ├─7297 java -Dsonar.wrapped=true -Djava.awt.headless=true -Xms8m -Xmx32m -Djava.library.path=./lib -classpath ../../lib/jsw/wrapper-3.2.3.jar:../../li
           ├─7321 /usr/lib/jvm/java-8-openjdk-amd64/jre/bin/java -XX:+UseConcMarkSweepGC -XX:CMSInitiatingOccupancyFraction=75 -XX:+UseCMSInitiatingOccupancyOnly
           ├─7420 /usr/lib/jvm/java-8-openjdk-amd64/jre/bin/java -Djava.awt.headless=true -Dfile.encoding=UTF-8 -Djava.io.tmpdir=/opt/sonarqube/sonarqube-6.7.5/t
           └─7589 /usr/lib/jvm/java-8-openjdk-amd64/jre/bin/java -Djava.awt.headless=true -Dfile.encoding=UTF-8 -Djava.io.tmpdir=/opt/sonarqube/sonarqube-6.7.5/t

Nov 15 15:19:29 ip-172-31-35-176 systemd[1]: Starting SonarQube service...
Nov 15 15:19:29 ip-172-31-35-176 sonar.sh[7233]: Starting SonarQube...
Nov 15 15:19:30 ip-172-31-35-176 sonar.sh[7233]: Started SonarQube.
Nov 15 15:19:30 ip-172-31-35-176 systemd[1]: Started SonarQube service.
Step 6- Configure the reverse proxy :
Now that the SonarQube service is running and listening on the default port 9000, let's set up an Apache reverse proxy and create a URL to access it from the outside.
Create a virtual host
$ sudo vi /etc/apache2/sites-available/sonarqube.conf
Add the following lines:
<VirtualHost *:80>
    ServerAdmin amarsingh@domain.com
    ServerName sonarqubedomain.com
    ProxyRequests Off
    ProxyPreserveHost On
    ProxyVia Full
    <Proxy *>
        Require all granted
    </Proxy>

    <Location />
        ProxyPass http://localhost:9000/
        ProxyPassReverse http://localhost:9000/
    </Location>
</VirtualHost>
Save and close the file
Enable VirtualHost
$ sudo a2ensite sonarqube.conf
Let's test the Apache configuration file.
$ sudo apachectl -t
Syntax OK
If you see errors, fix them; if the output is OK, restart Apache.
$ sudo systemctl restart apache2.service
Browse to your URL (http://sonarqubedomain.com) to test the SonarQube console from the outside.
The default user name and password are both admin.


Step 7- Setup SonarQube code Scanner:
SonarQube Scanner is a separate package that you can install on a separate machine and integrate with SonarQube Server. In my case, I'm going to install the scanner on the same server. Let's follow the steps.

Create a directory that will hold Sonar Scanner and cd to the directory.
$ sudo mkdir /opt/sonarscanner && cd /opt/sonarscanner/
Next, download the scanner.
$ sudo wget https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-3.2.0.1227-linux.zip
Unzip the archive.
$ sudo unzip sonar-scanner-cli-3.2.0.1227-linux.zip
Let's modify the settings and tell the scanner to use the SonarQube server URL to store the results.
$ sudo vi sonar-scanner-3.2.0.1227-linux/conf/sonar-scanner.properties
Add the SonarQube server URL:
    sonar.host.url=https://sonarqube.domain.com
Save and exit the file.
Make the scanner executable:
$ sudo chmod +x sonar-scanner-3.2.0.1227-linux/bin/sonar-scanner
Then create a symbolic link so that you can call the scanner without specifying the path:
$ sudo ln -s /opt/sonarscanner/sonar-scanner-3.2.0.1227-linux/bin/sonar-scanner /usr/local/bin/sonar-scanner
Now that the scanner is set up, we're ready to run our first code scan.
Step 8- Setup SonarQube Server and scanner in Jenkins:
Open Jenkins and follow the steps below for integration:
  • Install the SonarQube plugin:
Manage Jenkins > Manage Plugins > Search "SonarQube Scanner" > Select and install

After installation:
  • Let's enable the configuration.
Go to Manage Jenkins > Configure System > SonarQube Servers list
Add the following details:
Apply > Save your changes.
The SonarQube Server configuration is now enabled.
  • Let's enable the SonarQube Scanner setting.
Go to Manage Jenkins > Configure Tool configuration
Add the Sonar Scanner path directory as in the picture below:
Apply & Save your changes.
Now you can use Sonar Scanner in your project and review the results on the Sonar console.

SonarQube Server & Scanner installation and Jenkins integration completed successfully. 

1 comment:

  1. Great insights! I really appreciate how clearly you’ve outlined the topic. Your post has provided some valuable clarity. Thanks for sharing!
