By Arslan Ud Din Shafiq, Alibaba Cloud Tech Share Author. Tech Share is Alibaba Cloud's incentive program to encourage the sharing of technical knowledge and best practices within the cloud community.
SonarQube is a leading open source code quality inspection system. With SonarQube, you can inspect code for more than 20 programming languages including Java, PHP, C#, C and C++, Python, JavaScript, and Swift. SonarQube is available for free, however, there is also a paid version for enterprises available. The support for certain languages is available only in the paid or commercial version of SonarQube.
SonarQube can find security vulnerabilities, detect bugs, and code smells by static analysis of code. It performs automatic reviews and shows the health of an application. SonarQube highlights errors introduced recently and has a Quality Gate where you can fix leaks. It allows you to analyze pull requests in which analyses will be run on feature branches before it has been pushed to SonarQube. In this way, you will get the opportunity to fix issue before it reaches SonarQube.
Branch Analysis is done to ensure that the code is clean and approved for merging in master. SonarQube allows you to dig into issues so that you may analyze and locate the issues in code and who did these mistakes in the code. SonarQube visualizes the history of a project and explores all execution paths.
In short, SonarQube will help you to maintain your code by detecting issues, security vulnerabilities and code smells and provide results in form of reports. To use SonarQube, you will be required to install analysis engine application to your developer's computer and a centralized server for reporting and records. This centralizes the code quality reports because the server application will be accessed by multiple developer's computers.
In this tutorial, we will be installing and configuring SonarQube on an Alibaba Cloud Elastic Compute Service (ECS) instance with Ubuntu 16.04.
Before proceeding with installation of any kind of package, use the following command to update your Ubuntu system. To execute this command, remember to login from non-root user with sudo privileges.
# sudo apt update && sudo apt upgrade
For installation of Oracle JDK, you will need to add a repository. But to add that repository, you will have to install add-apt-repository to add repository in apt package. To do this, execute the following command.
# sudo apt-get install -y software-properties-common
Now you have to setup Java JDK environment. SonarQube requires Oracle JDK. To install Oracle JDK, follow the steps below.
Step 1: Add the required repository in apt repository by executing the command below.
# sudo add-apt-repository ppa:webupd8team/java
Step 2: Now update the apt repository by executing the command below.
# sudo apt-get update
Step 3: Proceed with the installation of JDK. At the time of writing, SonarQube supports only JDK 8, so remember to use this version only. Don't use any other version for now.
# sudo apt install oracle-java8-installer
You will be required to unzip the compressed zip folder of SonarQube, for this purpose, you will have to install unzip. To install, execute the command:
# sudo apt-get install unzip
SonarQube supports PostgreSQL, MySQL, MSSQL and Oracle. In this tutorial, I will use PostgreSQL as MySQL is not recommended for large instances. For using MySQL, you can only use bundled mysql-connector-java. InnoDB engine is a must in MySQL. To avoid such restrictions, I strongly recommend using PostgreSQL. Follow the steps below to install PostgreSQL.
Step 1: Install PostgreSQL repo.
# sudo sh -c 'echo "deb http://apt.postgresql.org/pub/repos/apt/ `lsb_release -cs`-pgdg main" >> /etc/apt/sources.list.d/pgdg.list'
# wget -q https://www.postgresql.org/media/keys/ACCC4CF8.asc -O - | sudo apt-key add -
Step 2: Now install the PostgreSQL server by executing the command below.
# sudo apt-get -y install postgresql postgresql-contrib
Step 3: Execute the following command to start and enable PostgreSQL server so that it can start automatically after reboot.
# sudo systemctl start postgresql
# sudo systemctl enable postgresql
To install SonarQube for continues quality inspection of code, follow the steps below.
Step 1: Create a directory named sonar. You can give your desired name to directory but you will require to follow your own directory path for next steps in installation of SonarQube.
# sudo mkdir /opt/sonar
Step 2: Now you will have to give permissions to your username for created directory so that you may make changes. For this purpose, execute the following command. Remember to replace aareez with your own username.
# sudo chown -R aareez:aareez /opt/sonar
Now that you have already set up your server and installed a PostgreSQL database, it's time for us to install SonarQube. To download and install SonarQube, follow the steps below.
Step 1: Navigate to directory /opt/sonar that you created for SonarQube.
# cd /opt/sonar
Step 2: Now you will have to download a copy of SonarQube from its official website. To do so, execute the following command.
# sudo wget https://sonarsource.bintray.com/Distribution/sonarqube/sonarqube-7.2.1.zip
Step 3: Now you can see compressed zip folder in your CLI by executing the command.
# ls -li
Extract the files from compressed folder by unzipping it. To do so, execute the following command.
# sudo unzip sonarqube-7.2.1.zip
To create and configure database, follow the steps below.
Step 1: Change the password for postgres user and switch to postgres user. To change password execute the command.
# sudo passwd postgres
Now execute the command below to switch to postgres user.
# su - postgres
Step 2: Now create new user by executing the following command.
# createuser sqube
Step 3: Now open Postgres shell for executing queries. To open, execute the command.
# psql
Step 4: Execute the following queries. First query will create password for user, second query will create database and assign database privileges to user and the third query will exit from MySQL server.
ALTER USER sqube WITH ENCRYPTED password '654321Ab';
CREATE DATABASE sqube OWNER sqube;
\q
Step 5: Execute the following command to switch back to sudo user.
# exit
To start using SonarQube, you will need to do some basic configurations including setting up database settings and running in server mode.
Open sonar.properties file to configure username and password for database and tell about driver to be used by SonarQube for database connection. Execute the following command to open file.
# cd /opt/sonar
# sudo nano sonarqube-7.2.1/conf/sonar.properties
After executing the above command, a document will be opened. You will see the following area. Remove # from start of both lines and write your MySQL username and password, you set while creating database.
Find the following section, sonar.jdbc.url, and remove # to uncomment the line. This makes SonarQube use PostgreSQL where sonar should be changed with sqube, which is name of database:
Now find sonar.web.host, uncomment this line by removing # and change IP to 127.0.0.1
Now find sonar.web.javaAdditionalOpts, uncomment the line by removing # and change the value to -server.
After making changes, press Ctrl + X, type Y and hit Enter key to save the settings.
SonarQube listens to port 9000 by default on localhost. To access it via standard HTTP 80 port, you will need to setup reverse proxy.
Follow the steps below for configurations.
Step 1: Enable proxy mode by executing commands.
# sudo a2enmod proxy
# sudo a2enmod proxy_http
Step 2: Proceed to set up a virtual host. Execute the following command to proceed towards creation of virtual host.
# sudo nano /etc/apache2/sites-available/softpedia.xyz.conf
Step 3: Add the following text in opened file, then press Ctrl + X, type Y and hit Enter key to save the file.
ProxyRequests Off
ProxyPreserveHost On
<VirtualHost *:80>
ServerName www.softpedia.xyz
ServerAdmin admin@softpedia.xyz
ProxyPreserveHost On
ProxyPass / http://localhost:9000/
ProxyPassReverse / http://www.softpedia.xyz/
</VirtualHost>
Step 4: Now you will have to enable your newly created virtual host and then start and enable your apache server. To do so, execute the command.
# sudo a2ensite softpedia.xyz.conf
# sudo systemctl start apache2
# sudo systemctl enable apache2
Step 5: Add a non-root user named sonar.
# sudo adduser sonar
Assign permissions to sonar user for directory /opt/sonar
# sudo chown -R sonar:sonar /opt/sonar
Now open the bash file to assign RUN_AS_USER.
# sudo nano /opt/sonar/sonarqube-7.2.1/bin/linux-x86-64/sonar.sh
Locate RUN_AS_USER in opened file, remove # sign to uncomment the line and add value as sonar, then press Ctrl + X, type Y and hit Enter key to save the file.
To start SonarQube, execute the command below.
# opt/sonar/sonarqube-7.2.1/bin/linux-x86-64/sonar.sh start
To start SonarQube, execute the command below.
# /opt/sonar/sonarqube-7.2.1/bin/linux-x86-64/sonar.sh stop
Here you go! You have successfully installed and configured SonarQube. You can access it easily by using your domain name. In my case, I have used www.softpedia.xyz.
How to Migrate WooCommerce to Alibaba Cloud ECS with Let's Encrypt
2,599 posts | 764 followers
FollowAlibaba Clouder - June 4, 2019
Alibaba Clouder - June 10, 2019
Alibaba Clouder - June 5, 2019
Alibaba Cloud Community - March 23, 2022
Alibaba Cloud Community - March 28, 2022
Alibaba Clouder - August 28, 2020
2,599 posts | 764 followers
FollowElastic and secure virtual cloud servers to cater all your cloud hosting needs.
Learn MoreAn all-in-one service for log-type data
Learn MoreAutomate performance monitoring of all your web resources and applications in real-time
Learn MoreMore Posts by Alibaba Clouder
Raja_KT March 21, 2019 at 2:38 pm
There was a proposal for use of SonarCube in one GDPR project. I am not sure how much value additions it can be . It can be an overhead to project.