Code Analysis Tool Integration Practice — SonarQube Installation

SonarQube 是一款非常知名的Code Analysis工具，它可以幫助你找出程式中Code Reliability, Application Security, Technical Debt 等方面的問題，目前已經支援了Java, C#, JavaScript, TypeScript, Python, C/C++, Ruby, Kotlin, Go等27種程式語言，今天就要來跟大家分享如何安裝SonarQube。

1. Install postgreSQL 9.6 (SonarQube v7.9 we will no longer support MySQL )

1.1 Download and install

sudo rpm — httpproxy http://pkg.proxy.prod.jp.local:10080 -ivh http://yum.postgresql.org/9.6/redhat/rhel-7.3-x86_64/pgdg-centos96-9.6-3.noarch.rpm
yum update
sudo yum install postgresql96 postgresql96-server postgresql96-contrib
sudo /usr/pgsql-9.6/bin/postgresql96-setup initdb

1.2 Change the access method to md5

sudo vim /var/lib/pgsql/9.6/data/pg_hba.conf
# TYPE DATABASE USER ADDRESS METHOD
# “local” is for Unix domain socket connections only local all all peer
# IPv4 local connections:
host all all 127.0.0.1/32 md5
# IPv6 local connections:
host all all ::1/128 md5
# Allow replication connections from localhost, by a user with the
# replication privilege.
#local replication postgres peer
#host replication postgres 127.0.0.1/32 ident
#host replication postgres ::1/128 ident

1.3 Enable and start service

sudo systemctl enable postgresql-9.6.service
sudo systemctl start postgresql-9.6.service

2. Configure postgreSQL

2.1 Change the password for the default PostgreSQL user

sudo passwd postgres
su — postgres

2.2 Create a new user by typing

createuser sonar

2.3 Switch to the PostgreSQL shell

psql

2.4 Set up DB

ALTER USER sonar WITH ENCRYPTED password ‘P@ssw0rd’;
CREATE DATABASE sonar OWNER sonar;
GRANT ALL PRIVILEGES ON DATABASE sonar TO sonar;
\q
2.5 Switch back to the sudo user by running the exit command
exit

3. Install SonarQube

3.1 Download and unzip

https_proxy=http://pkg.proxy.prod.jp.local:10080 wget https://binaries.sonarsource.com/Distribution/sonarqube/sonarqube-7.9.zip
sudo unzip sonarqube-7.9.zip -d /home/$USER_NAME
chown -R $USER_NAME:$USER_GROUP /home/$USER_NAME
cd /home/$USER_NAME

3.2 Edit the sonar.sh configuration file

vim sonarqube-7.9/bin/linux-x86–64/sonar.sh
//add option RUN_AS_USER=USER_NAME in this file

3.3 Edit the sonar.properties configuration file

vim sonarqube-7.9/conf/sonar.properties
//Configure the following options
sonar.jdbc.username=sonar
sonar.jdbc.password=P@ssw0rd’
sonar.jdbc.url=jdbc:postgresql://localhost/sonar
sonar.web.javaAdditionalOpts=-server
sonar.web.host=0.0.0.0

3.4 increase the resource SonarQube needed

sudo vim /etc/sysctl.conf
//Add the following line at the end
vm.max_map_count=262144
sudo vim /etc/security/limits.conf
//Add the following lines
* soft nproc 65536
* hard nproc 65536
* soft nofile 65536
* hard nofile 65536

4. Configure Systemd service

4.1 Setup a Systemd unit file for SonarQube

sudo vim /etc/systemd/system/sonar.service
//Populate the file with:
[Unit]
Description=SonarQube service
After=syslog.target network.target
[Service]
Type=forking
ExecStart=/home/$USER_NAME/sonarqube-7.9/bin/linux-x86–64/sonar.sh start
ExecStop=/home/$USER_NAME/sonarqube-7.9/bin/linux-x86–64/sonar.sh stop
User=cloud-user
Group=rakuten
LimitNOFILE=65536
Restart=always
[Install]
WantedBy=multi-user.target

4.2 Enable and start service

sudo systemctl enable sonar
sudo systemctl start sonar

4.3 Open SonarQube web UI on http://$HOST:9000/

看到這邊希望大家也已經成功把SonarQube安裝完成了，之後還會再分享SonarQube和 Jenkins 還有 SonarLint 的整合，期待下次見囉。 👋