What is SonarQube?
- It is an open source static code analysis tool used by developers to manage source code quality and consistency.
- SonarQube works with 25 different languages like Java (including Android), C#, C/C++, JavaScript, TypeScript, Python, Go, Swift, COBOL, Apex, PHP, Kotlin, Ruby, Scala, HTML, CSS, ABAP, Flex, Objective-C, PL/I, PL/SQL, RPG, T-SQL, VB.NET, VB6, and XML. Some of these are only available via a commercial license.
A static testing tool offers the following:
- Finds errors earlier
- Detect Overcomplexity in the code
- Find Security errors
- Enforces Best coding Practices
- Automated and integrated in Jenkins
- Can create Project Specific rules
The quality checks included are listed below:
- Potential Bugs
- Code defects to design inefficiency
- Code duplication
- Lack of code coverage
- Excess Complexity
Please find the List of Features of SonarQube given below:
- Detect Bugs
- Code Smells ( Technical Debt, Code practices )
- Security Vulnerability
- Activate Rules needed
- Execution Path (Dataflow )
- Automated Code analysis
- Get access through webhooks and API
- Integrate with Github
- Analyze branches
- Discover Memory leak
- Good Visualizer
- Enforces Quality Gate
- Digs into issues
- Plugins for the IDE
How to set up SonarQube on a local machine?
It includes multiple steps given below:
1) Install and configure PostgreSQL
Install the PostgreSQL repository.
sudo sh -c 'echo "deb http://apt.postgresql.org/pub/repos/apt/ `lsb_release -cs`-pgdg main" >> /etc/apt/sources.list.d/pgdg.list'
Install the PostgreSQL database server by running:
wget -q https://www.postgresql.org/media/keys/ACCC4CF8.asc -O - | sudo apt-key add -
sudo apt-get update
sudo apt-get -y install postgresql postgresql-contrib
Start PostgreSQL server and enable it to start automatically at boot time by running:
sudo systemctl start postgresql
sudo systemctl enable postgresql
Change the password for the default PostgreSQL user.
sudo passwd postgres
Switch to the postgres user.
su - postgres
Create a new user by typing:
createuser sonar
Switch to the PostgreSQL shell.
psql
Set a password for the newly created user for the SonarQube database. P@ssword is the example value used throughout this guide; substitute your own:
ALTER USER sonar WITH ENCRYPTED password 'P@ssword';
Create a new database for SonarQube by running:
CREATE DATABASE sonar OWNER sonar;
Exit from the psql shell:
\q
Switch back to the sudo user by running the exit command.
exit
2) Download and configure SonarQube
Download the SonarQube installer archive. (The version will vary depending on the latest release, so update the file name accordingly.)
wget https://binaries.sonarsource.com/Distribution/sonarqube/sonarqube-8.7.0.41497.zip
You can always look for the link to the latest version of the application on the SonarQube download page. Install unzip by running:
sudo apt-get -y install unzip
Unzip the archive using the following command.
sudo unzip sonarqube-8.7.0.41497.zip -d /opt
Rename the directory:
sudo mv /opt/sonarqube-8.7.0.41497 /opt/sonarqube
Assign permissions to administrator user for directory /opt/sonarqube
sudo chown -R administrator:administrator /opt/sonarqube/
Open the SonarQube configuration file using your favorite text editor.
sudo nano /opt/sonarqube/conf/sonar.properties
Find the following lines.
#sonar.jdbc.username=
#sonar.jdbc.password=
Uncomment and provide the PostgreSQL username and password of the database that we have created earlier. It should look like:
sonar.jdbc.username=sonar
sonar.jdbc.password=P@ssword
Next, find:
#sonar.jdbc.url=jdbc:postgresql://localhost/sonar
Uncomment the line, save the file and exit from the editor.
Finally, tell SonarQube to run in server mode:
sonar.web.javaAdditionalOpts=-server
3) Configure Systemd service
SonarQube can be started directly using the startup script provided in the installer package. As a matter of convenience, you should set up a Systemd unit file for SonarQube.
sudo nano /etc/systemd/system/sonar.service
Copy and paste the content below into this file:
[Unit]
Description=SonarQube service
After=syslog.target network.target
[Service]
Type=forking
ExecStart=/opt/sonarqube/bin/linux-x86-64/sonar.sh start
ExecStop=/opt/sonarqube/bin/linux-x86-64/sonar.sh stop
# Run as the owner of /opt/sonarqube; the bundled Elasticsearch refuses to start as root
User=administrator
Group=administrator
Restart=always
[Install]
WantedBy=multi-user.target
Start the application by running:
sudo systemctl start sonar
Enable the SonarQube service to automatically start at boot time.
sudo systemctl enable sonar
To check if the service is running, run:
sudo systemctl status sonar
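Before moving on, the two files edited in steps 2 and 3 can be checked for the settings that matter most for security. The following shell function is an added example, not part of the original post: it flags JDBC keys left commented out, the guide's example password, a world-accessible sonar.properties, and a service running as root. The function name and finding labels are hypothetical, the sample files are constructed, and `stat -c` assumes GNU coreutils.

```shell
#!/bin/sh
# Added example: audit sonar.properties and sonar.service after the edits above.
# Prints one finding per line and returns the number of findings (99 = bad input).
audit_sonar_install() {
    props=$1 unit=$2 findings=0
    [ -r "$props" ] && [ -r "$unit" ] || { echo "cannot read input files"; return 99; }
    # The three JDBC keys must be uncommented and non-empty.
    for key in username password url; do
        if ! grep -Eq "^[[:space:]]*sonar\.jdbc\.${key}=.+" "$props"; then
            echo "MISSING: sonar.jdbc.${key} is commented out or empty"
            findings=$((findings + 1))
        fi
    done
    # The guide's example password must not survive into a real install.
    value=$(sed -n 's/^[[:space:]]*sonar\.jdbc\.password=//p' "$props" | tail -n 1)
    if [ "$value" = 'P@ssword' ]; then
        echo "WEAK: sonar.jdbc.password is still the example value"
        findings=$((findings + 1))
    fi
    # The file holds a cleartext database password: no access for "other".
    mode=$(stat -c '%a' "$props")
    case $mode in
        *[1-7]) echo "PERMS: $props has mode $mode, expected 640 or stricter"
                findings=$((findings + 1)) ;;
    esac
    # A unit with no User= line, or User=root, runs the service as root.
    svc_user=$(sed -n 's/^User=//p' "$unit" | tail -n 1)
    if [ -z "$svc_user" ] || [ "$svc_user" = root ]; then
        echo "ROOT: $unit runs SonarQube as root"
        findings=$((findings + 1))
    fi
    return "$findings"
}

# Constructed sample files (not a real installation).
demo=$(mktemp -d)
printf '%s\n' 'sonar.jdbc.username=sonar' 'sonar.jdbc.password=P@ssword' \
    '#sonar.jdbc.url=jdbc:postgresql://localhost/sonar' > "$demo/sonar.properties"
chmod 644 "$demo/sonar.properties"
printf '%s\n' '[Service]' 'Type=forking' 'User=root' > "$demo/sonar.service"
audit_sonar_install "$demo/sonar.properties" "$demo/sonar.service" || echo "findings: $?"
rm -rf "$demo"
```

On a real installation, pass /opt/sonarqube/conf/sonar.properties and /etc/systemd/system/sonar.service as the two arguments.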
4) Install and Configure NGINX
SonarQube is a web-based tool, so we need to set up a web server in front of it. Install the web server with the command below:
sudo apt-get install nginx -y
Start Nginx server:
sudo systemctl start nginx
Enable Nginx to run at the system startup
sudo systemctl enable nginx
Create configuration file in Nginx
sudo nano /etc/nginx/sites-enabled/sonarqube.conf
Paste the configuration below into that file:
server{
    # SonarQube itself already listens on port 9000, so Nginx must bind a different port
    listen 80;
    server_name sonarqube.developerinsider.co;
    access_log /var/log/nginx/sonar.access.log;
    error_log /var/log/nginx/sonar.error.log;
    proxy_buffers 16 64k;
    proxy_buffer_size 128k;
    location / {
        # Forward every request to the local SonarQube web server
        proxy_pass http://127.0.0.1:9000;
        proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
        proxy_redirect off;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto http;
    }
}
Save this file and exit from there. Now, restart the Nginx service with below command
sudo systemctl restart nginx
SonarQube is now ready to access at “http://localhost:9000”. If you get an error while accessing it, refresh the page after some time, as the SonarQube service might take a while to start.
You can now access the SonarQube panel and perform tasks with the credentials set above. You are required to change the default password set for the admin account. After that, you can set up a project, scan it using SonarScanner, and see the code standard reports in the panel.
If you want to check the installation and execution of Sonar scanner then visit the “How to setup and Run SonarScanner on Linux local system” blog.