010-68421378
sales@cogitosoft.com
Your location:Home>News Center >Industry News

SonarQube:Install the Server

发布时间:2021/12/17 浏览量:944
This section describes a single-node SonarQube instance. For details on clustered setup, see Install the Server as a Cluster.

 

SonarQube:Install the Server

Overview

This section describes a single-node SonarQube instance. For details on clustered setup, see Install the Server as a Cluster.

Instance components

A SonarQube instance comprises three components:

 

Hosts and locations

For optimal performance, the SonarQube server and database should be installed on separate hosts, and the server host should be dedicated. The server and database hosts should be located in the same network.

All hosts must be time-synchronized.

Installing the database

Several database engines are supported. Be sure to follow the requirements listed for your database. They are real requirements not recommendations.

Create an empty schema and a sonarqube user. Grant this sonarqube user permissions to create, update, and delete objects for this schema.

Microsoft SQL Server

Collation MUST be case-sensitive (CS) and accent-sensitive (AS).
READ_COMMITED_SNAPSHOT MUST be set on the SonarQube database.

MS SQL database's shared lock strategy may impact SonarQube runtime. Making sure that is_read_committed_snapshot_on is set to true to prevent SonarQube from facing potential deadlocks under heavy loads.

Example of query to check is_read_committed_snapshot_on:

SELECT is_read_committed_snapshot_on FROM sys.databases WHERE name='YourSonarQubeDatabase';

Example of query to update is_read_committed_snapshot_on:

ALTER DATABASE YourSonarQubeDatabase SET READ_COMMITTED_SNAPSHOT ON WITH ROLLBACK IMMEDIATE;

Integrated Security

To use integrated security:

 

If you're running the SonarQube server from a command prompt, the user under which the command prompt is running should have db_owner database role membership.

sonar.jdbc.url=jdbc:sqlserver://localhost;databaseName=sonar;integratedSecurity=true

SQL Authentication

To use SQL Authentication, use the following connection string. Also ensure that sonar.jdbc.username and sonar.jdbc.password are set appropriately:

sonar.jdbc.url=jdbc:sqlserver://localhost;databaseName=sonar

sonar.jdbc.username=sonarqube

sonar.jdbc.password=mypassword

 

Oracle

If there are two SonarQube schemas on the same Oracle instance, especially if they are for two different versions, SonarQube gets confused and picks the first it finds. To avoid this issue:

Oracle JDBC driver versions 12.1.0.1 and 12.1.0.2 have major bugs, and are not recommended for use with the SonarQube (see more details).

 

PostgreSQL

If you want to use a custom schema and not the default "public" one, the PostgreSQL search_path property must be set:

ALTER USER mySonarUser SET search_path to mySonarQubeSchema

 

Installing SonarQube from the ZIP file

First, check the requirements. Then download and unzip the distribution (do not unzip into a directory starting with a digit).

SonarQube cannot be run as root on Unix-based systems, so create a dedicated user account for SonarQube if necessary.

$SONARQUBE-HOME (below) refers to the path to the directory where the SonarQube distribution has been unzipped.

Setting the Access to the Database

Edit $SONARQUBE-HOME/conf/sonar.properties to configure the database settings. Templates are available for every supported database. Just uncomment and configure the template you need and comment out the lines dedicated to H2:

Example for PostgreSQL

sonar.jdbc.username=sonarqube

sonar.jdbc.password=mypassword

sonar.jdbc.url=jdbc:postgresql://localhost/sonarqube

Adding the JDBC Driver

Drivers for the supported databases (except Oracle) are already provided. Do not replace the provided drivers; they are the only ones supported.

For Oracle, copy the JDBC driver into $SONARQUBE-HOME/extensions/jdbc-driver/oracle.

Configuring the Elasticsearch storage path

By default, Elasticsearch data is stored in $SONARQUBE-HOME/data, but this is not recommended for production instances. Instead, you should store this data elsewhere, ideally in a dedicated volume with fast I/O. Beyond maintaining acceptable performance, doing so will also ease the upgrade of SonarQube.

Edit $SONARQUBE-HOME/conf/sonar.properties to configure the following settings:

sonar.path.data=/var/sonarqube/data

sonar.path.temp=/var/sonarqube/temp

The user used to launch SonarQube must have read and write access to those directories.

Starting the Web Server

The default port is "9000" and the context path is "/". These values can be changed in $SONARQUBE-HOME/conf/sonar.properties:

sonar.web.host=192.168.0.1

sonar.web.port=80

sonar.web.context=/sonarqube

Execute the following script to start the server:

Adjusting the Java Installation

If there are multiple versions of Java installed on your server, you may need to explicitly define which version of Java is used.

To change the Java JVM used by SonarQube, edit $SONARQUBE-HOME/conf/wrapper.conf and update the following line:

wrapper.java.command=/path/to/my/jdk/bin/java

Advanced Installation Features

Installing SonarQube from the Docker Image

Follow these steps for your first installation:

Create the volumes with the following commands:

$> docker volume create --name sonarqube_data

$> docker volume create --name sonarqube_logs

$> docker volume create --name sonarqube_extensions

Make sure you're using volumes as shown with the above commands, and not bind mounts. Using bind mounts prevents plugins from populating correctly.

 

 

a. Start the SonarQube container with the embedded H2 database:

$ docker run --rm \

    -p 9000:9000 \

    -v sonarqube_extensions:/opt/sonarqube/extensions \

    <image_name>

b. Exit once SonarQube has started properly.

c. Copy the Oracle JDBC driver into sonarqube_extensions/jdbc-driver/oracle.

 

3. Run the image with your database properties defined using the -e environment variable flag:

$> docker run -d --name sonarqube \

    -p 9000:9000 \

    -e SONAR_JDBC_URL=... \

    -e SONAR_JDBC_USERNAME=... \

    -e SONAR_JDBC_PASSWORD=... \

    -v sonarqube_data:/opt/sonarqube/data \

    -v sonarqube_extensions:/opt/sonarqube/extensions \

    -v sonarqube_logs:/opt/sonarqube/logs \

    <image_name>

 

For more configuration environment variables, see the Docker Environment Variables.

Use of the environment variables SONARQUBE_JDBC_USERNAME, SONARQUBE_JDBC_PASSWORD, and SONARQUBE_JDBC_URL is deprecated and will stop working in future releases.

Example Docker Compose configuration

If you're using Docker Compose, use the following example as a reference when configuring your .yml file. Click the heading below to expand the .yml file.

The example below will use the latest version of the SonarQube Docker image. If want to use the LTS version of SonarQube, you need to update the example with the sonarqube:lts-community image tag.

Next Steps

Once your server is installed and running, you may also want to Install Plugins. Then you're ready to begin Analyzing Source Code.

Troubleshooting/FAQ

Failed to connect to the Marketplace via proxy

Double check that settings for proxy are correctly set in $SONARQUBE_HOME/conf/sonar.properties. Note that if your proxy username contains a backslash, then it should be escaped - for example username "domain\user" in file should look like:

http.proxyUser=domain\\user

For some proxies, the exception "java.net.ProtocolException: Server redirected too many times" might mean an incorrect username or password has been configured.

Exception java.lang.RuntimeException: can not run elasticsearch as root

SonarQube starts an Elasticsearch process, and the same account that is running SonarQube itself will be used for the Elasticsearch process. Since Elasticsearch cannot be run as root, that means SonarQube can't be either. You must choose some other, non-root account with which to run SonarQube, preferably an account dedicated to the purpose.

Sonarqube DNS cache

When reporting Quality Gate status to DevOps platforms, SonarQube uses a DNS cache time to live policy of 30 seconds. If necessary, you can change this setting in your JVM:

echo "networkaddress.cache.ttl=5" >> "${JAVA_HOME}/conf/security/java.security"

Please be aware that low values increases the risk of DNS spoofing attacks.

 

下一篇:5.22 Wolfram 中国第二届在线技术大会详细内容
上一篇:Wolfram|COVID-19-策略模拟器-您能找到理想的策略吗?

© Copyright 2000-2023  COGITO SOFTWARE CO.,LTD. All rights reserved