This Repository contains scripts and dockerfiles, to setup a single node instance of sonarqube, behind nginx proxy over https.
- docker
- docker-compose
- stable internet connection 😜
- make (optional if you are doing Prebuild step with makefile )
- SonarQube Version:8.7.0-community
- Sonar-Scanner Version: 4.6.0.2311
- JAVA VERSION For Scanner: openjdk11-jre
- NGINX Version Latest
- POSTGRES Version: 12
You can perform this step by following ways:
- Makefile
- Manually
Fill all the information mentioned in config.conf and execute make.
Go to scripts directory and execute all the scripts with following param
- If you want to generate new self signed certificate for ca and sonar server execute script.
./gen_cert.sh HOST_IP_ADDRESS COUNTRY STATE CITY ORG EMAILNote: If you already have those in handy with you just copy ca cert with name root-ca.crt in certs/ca/root-ca.crt and sonar-serer crt with name sonar.crt in certs/sonar/sonar.crt, relative to repo root directory, and also paste both certs with name mentioned above in scanner/ directory.
- Generate NGINX Config For The Host.
./gen_nginx_conf.sh HOST_NAME/HOST_IP_ADDRESS- Generate Environment Files For Docker Images.
./gen_env_file.sh POSTGRES_USERNAME POSTGRES_PASSWORD
- Building Sonar Server.
Go to Source Root and Execute the following command.
docker-compose -f docker-compose.yaml up -d- Buind Sonar Scanner Image.
Note: There is generic sonar-project.properties existing in scanner directory, if you have specific requirement update the sonar-project.properties file before building the image
cd scanner
docker build -f scanner.dockerfile -t scanner_image_name .You can run a scan in two ways:
- Filling sonar.variables. And running command
sudo docker run -v host_abs_path_to_sonar.variables:/var/sonar.variables -v abs_path_to_project_dir:/workspace/project_dir -it image_name- By Manually entering details.
sudo docker run -v SOURCE_CODE_BASE_DIR_PATH_IN_HOST:/workspace/SOURCE_CODE_DIR_NAME -it IMAGE_NAME HOST_ADDRESS PROJECT_KEY PROJECT_LOGIN_KEY [PROJECT_BRANCH [SONAR_PROJECT_NAME [SONAR_COMMUNITY] ] ]SOURCE_CODE_BASE_DIR_PATH_IN_HOST = “Absolute path of source code dir in host system”
SOURCE_CODE_DIR = “you can use any name, but better to name it same as dir in host.”
HOST_ADDRESS = “Path of sonar server without protocol”
PROJECT_KEY = “HUMAN READABLE KEY ALIAS”
PROJECT_LOGIN_KEY = “Login Key for a Project, you can get this while running the scan first time”
PROJECT_BRANCH = If SONAR_COMMUNITY is not specified or SONAR_COMMUNITY=yes then this value will be ignored, If it is anything else then you can specify the branch, it is use to validate before running the scan on source code whether current branch is same as the one mentioned. And to display the branch name in sonarqube UI beside PROJECT NAME.
SONAR_COMMUNITY = Its value can be yes or no, default : yes, if sonar server is community version then set it to yes.
To clean all thhe pre build files execute following:
make clean
- Why we need to build image for sonar-scanner?
Ans: In case of self-signed certificate you will required to build the image for sonar scanner in order to avoid adding server cert in java truststore for each machine you use to run the analysis. If you are scanning on a dedicated machine, or not using self signed certificate you can skip the step of building sonar-scanner image.