sonarqube.md

SonarQube

Leading open source code quality tool.

https://www.sonarsource.com/open-source-editions/sonarqube-community-edition/

• Config
  • SonarCloud
• SonarQube on Kubernetes
• SonarQube Plugins
• Sonar Scanner CLI
  • Download Sonar Scanner
  • Create sonar-project.properties from template
  • Back up the config first
  • Replace the sonar.host.url with the docker address
  • Run Sonar Scanner

Config

The sonar.properties config should be at the top of a repo - example configs:

HariSekhon/lib-java sonar-project.properties

Nagios-Plugin-Kafka - sonar-project.properties

HariSekhon/Nagios-Plugins - sonar-project.properties

HariSekhon/DevOps-Bash-tools - sonar-project.properties

HariSekhon/DevOps-Python-tools - sonar-project.properties

SonarCloud

.sonarcloud.properties - also at the top of repo:

sonar.host.url=https://sonarcloud.io

https://docs.sonarqube.org/10.0/devops-platform-integration/github-integration/

SonarQube on Kubernetes

HariSekhon/Kubernetes-configs - sonarqube

Comparison to last triggered only for pull between branches - everyone has to develop on their own branch.

SonarLint plugin in IntelliJ for on-the-fly feedback of new bugs and quality issues.

Default username/password: admin/admin

Free hosted instance:

https://sonarqube.com/dashboard/index

Local Docker instance:

docker run -d --name sonar-postgres \
              -e POSTGRES_USER=sonar \
              -e POSTGRES_PASSWORD=sonarpw \
              postgres

Don't map -p 5432 in case we have more than one postgres container, so check via temporary container psql:

docker run -ti --rm --link sonar-postgres postgres sh \
      -c 'exec psql -h "$SONAR_POSTGRES_PORT_5432_TCP_ADDR" -p "$SONAR_POSTGRES_PORT_5432_TCP_PORT" -U sonar'

This would run with in-built H2 database which is not recommended

#docker run -d --name sonarqube \
            -p 9000:9000 \
            -p 9092:9092 \
            sonarqube # :5.1

docker run -d --name sonarqube \
              --link sonar-postgres:pgsonar \
              -p 1026:9000 \
              -e SONARQUBE_JDBC_URL=jdbc:postgresql://pgsonar:5432/sonar \
              -e SONARQUBE_JDBC_USERNAME=sonar \
              -e SONARQUBE_JDBC_PASSWORD=sonarpw \
              sonarqube # :5.1

SonarQube Plugins

Administration -> System -> Update Center -> Available:

• CheckStyle
• Findbugs
• Groovy
• Java Properties
• PMD
• Puppet
• Python
• XML

-> Restart button at top to install plugins

Scoverage plugin?

Sonar Scanner CLI

Download Sonar Scanner

export SONAR_VERSION=2.6.1 &&
cd /usr/local &&
wget "https://sonarsource.bintray.com/Distribution/sonar-scanner-cli/sonar-scanner-$SONAR_VERSION.zip" &&
unzip "sonar-scanner-$SONAR_VERSION" &&
ln -sv sonar-scanner "sonar-scanner-$SONAR_VERSION"

Create sonar-project.properties from template

https://github.com/HariSekhon/Templates/blob/master/sonar-project.properties

wget -nc https://raw.githubusercontent.com/HariSekhon/Templates/master/sonar-project.properties

Back up the config first

cp -av sonar-scanner/conf/sonar-scanner.properties{,.bak.$(date '+%F_%H%S')}

Replace the sonar.host.url with the docker address

sed -i 's/#sonar.host.url.*/sonar.host.url=http:\/\/docker:1026/' sonar-scanner/conf/sonar-scanner.properties

Optional arg:

-Dsonar.verbose=true

Run Sonar Scanner

sonar-scanner

Now see SonarQube dashboard.

Ported from private Knowledge Base page 2016+