Part 3 CI: Setting up SonarQube
The goal of this guide is to setup SonarQube in the local environment and integrate with Gitlab. I am using Xubuntu 23.04 with minimal installation for this.
Before start installing packages, run the following apt command to update and refresh your Ubuntu package index repository.
sudo apt update
Then, install the Java OpenJDK using the following apt command.
Input Y when prompted to confirm the installation and press ENTER to proceed.
sudo apt install default-jdk
Installing PostgreSQL Database System
SonarQube supports multiple database systems. For this example, I will be using PostgreSQL as the database for your SonarQube installation.
First, add the GPG key of the PostgreSQL repository using the following command and perform the install
sudo sh -c 'echo "deb http://apt.postgresql.org/pub/repos/apt $(lsb_release -cs)-pgdg main" > /etc/apt/sources.list.d/pgdg.list'
wget --quiet -O - https://www.postgresql.org/media/keys/ACCC4CF8.asc | sudo apt-key add -
sudo apt-get update
sudo apt-get -y install postgresql
With the PostgreSQL installed on your server, you are ready to set up a new database and user for the SonarQube via the PostgreSQL shell.
Run the following command to log in to the PostgreSQL shell.
sudo -u postgres psql
Now, run the following PostgreSQL queries to create a new database and user for SnonarQube. In this example, you will create the PostgreSQL database and user 'sonarqube'. And be sure to change the password with a strong password.
CREATE USER sonarqube WITH PASSWORD 'Password123';
CREATE DATABASE sonarqube OWNER sonarqube;
GRANT ALL PRIVILEGES ON DATABASE sonarqube TO sonarqube;
Setting up System
To install SonarQube on a Linux system, you must have a dedicated user that will be running SonarQube and some additional configurations such as ulimit and kernel parameters.
Now, you will create a new user for SonarQube, and set up custom kernel parameters via sysctl.conf file, and set up ulimit.
Run the following command to create a new user 'sonarqube' on your system.
sudo useradd -b /opt/sonarqube -s /bin/bash sonarqube
Next, open the file /etc/sysctl.conf using nano editor.
sudo nano /etc/sysctl.conf
Add the following configuration to the bottom of the line. The SonarQube required the kernel parameter vm.max_map_count to be greater than '524288' and the fx.file-max to be greater than '131072'.
vm.max_map_count=524288
fs.file-max=131072
Save the file and exit the editor when you are finished.
Now, run the sysctl command below to apply new changes on the '/etc/sysctl.conf' file. You will notice the result
sudo sysctl --system
Next, run the following command to set up ulimit for the SonarQube. This will take temporary effects on your system, when the system is rebooted, the ulimits will revert to default.
ulimit -n 131072
ulimit -u 8192
To make ulimit configuration permanently, create a new config file '/etc/security/limits.d/100-sonarqube.conf' using the following command.
sudo nano /etc/security/limits.d/100-sonarqube.conf
Add the following configuration to the file.
sonarqube - nofile 131072
sonarqube - nproc 8192
Save the file and close the editor when you are finished.
Now that you have completed the configuration of your Xubuntu system for SnonarQube installation. You will be downloading the SonarQube package and setting up SonarQube installation in the next step.
Downloading SonarQube Package
The SonarQube can be installed in two different ways, via zip file and Docker image. In this example, you will install the SonarQube via the zip file package that you will download from the official SonarQube download page.
At the time of this writing, the SonarQube latest version sonarqube-10.1.0.73491, which you will be installing in the following steps.
Before downloading the SonarQube package, run the following apt command to install a basic package such as unzip and wget.
sudo apt install unzip software-properties-common wget
Now, download the SonarQube package via the wget command below.
wget https://binaries.sonarsource.com/Distribution/sonarqube/sonarqube-10.1.0.73491.zip
Extract the SonarQube package using the unzip command below. You should get a new directory 'sonarqube-10.1.0.73491' where the SonarQube package is stored.
unzip sonarqube-10.1.0.73491.zip
Move the directory 'sonarqube-9.6.1.59531' to the '/opt/sonarqube' using the below command.
mv sonarqube-10.1.0.73491 /opt/sonarqube
Lastly, change the ownership of the SonarQube installation directory '/opt/sonarqube' to the user 'sonarqube' via the chown command as below.
sudo chown -R sonarqube:sonarqube /opt/sonarqube
Configuring SonarQube
After downloading the SonarQube package, you will set up the SonarQUbe installation by editing the default config file '/opt/sonarqube/conf/sonar.properties'.
You will add the PostgreSQL database details, set up the max memory heap for the Elasticsearch process, and set up the web host and port for the SonarQube service via the file '/opt/sonarqube/conf/sonar.properties'. And lastly, you will set up SonarQube as a systemd service.
Now, open the SonarQube configuration file '/opt/sonarqube/conf/sonar.properties' using nano editor.
nano /opt/sonarqube/conf/sonar.properties
For the database configuration, uncomment some of the following options and change the default value using your database details.
sonar.jdbc.username=sonarqube
sonar.jdbc.password=Password123
sonar.jdbc.url=jdbc:postgresql://localhost:5432/sonarqube
Now, uncomment the following configuration to set up the max heap memory size for the elasticsearch process. In his example, the max heap will be 512 MB.
sonar.search.javaOpts=-Xmx512m -Xms512m -XX:MaxDirectMemorySize=256m -XX:+HeapDumpOnOutOfMemoryError
Lastly, uncomment and change the following configurations to set up the IP address and port of the SonarQube will be running. Also, the log level will be 'INFO" and stored in the 'logs' directory of the SonarQube installation directory.
sonar.web.host=127.0.0.1
sonar.web.port=9000
sonar.web.javaAdditionalOpts=-server
sonar.log.level=INFO
sonar.path.logs=logs
Save the file and exit the editor when you are finished.
After you have finished the SonarQube configuration. Now, you will set up the systemd service file for SonarQube. This allows you easily to control the SonarQube process by using the systemctl command.
Run the following command to create a new systemd service file '/etc/systemd/system/sonarqube.service'.
sudo nano /etc/systemd/system/sonarqube.service
Add the following configuration to the file.
[Unit]
Description=SonarQube service
After=syslog.target network.target
[Service]
Type=forking
ExecStart=/opt/sonarqube/bin/linux-x86-64/sonar.sh start
ExecStop=/opt/sonarqube/bin/linux-x86-64/sonar.sh stop
User=sonarqube
Group=sonarqube
Restart=always
LimitNOFILE=65536
LimitNPROC=4096
[Install]
WantedBy=multi-user.target
Save the file and exit the editor when you are done.
Now, reload the systemd manager by using the following command.
sudo systemctl daemon-reload
After that, start and enable the 'sonarqube.service' via the systemctl command below.
sudo systemctl start sonarqube.service
sudo systemctl enable sonarqube.service
Please restart your machine.
After that launch a browser and you can go ahead and login in SonarQube in localhost:9000. The username: admin and password: admin
Setting hostname
Go to terminal and perform sudo nano /etc/hosts, add the below and save
192.168.1.110 gitlab.testlabs.local
Accepting Gitlab Certificate
From here on, this is one of the most crucial step, if you have miss, please refer to my Part 2 CI series
Launch your Firefox or any browser. Open the https://gitlab.testlabs.local
Click on the cert icon and click on more information
Click on the security tab, click on the View Certificate. There will be a popup on the certificate. Scroll until you see the Download. Click to download the PEM(cert)
Next copy the file to the certificate folder
sudo cp localhost.pem /usr/share/ca-certificates/localhost.pem
sudo nano /etc/ca-certificates.conf
Scroll to the bottom and add the localhost.pem
Once you complete save and in the terminal, type
sudo update-ca-certificates
Setting up Gitlab Personal Access Token
Go to gitlab.{please use yours domain}, your account and create a token, you can tick the top 5, then click on Create Personal access token. Copy the token code
Setting up SonarQube and Gitlab
Go back to your SonarQube url. Login and go to Administration > Configuration > DevOps Platform Integration. Now you can put the token code. The GitLab API URL is https://{your domain}/api/v4
Once completed you are done in setting up the Gitlab and SonarQube link.
Some further topics you can research on
1. Setting up of https which require some knowledge of cert and nginx
2. Setting up of Project and yml file in Gitlab