CQU-SonarQube
Purpose
This software stack provides SonarQube, a service for static code analysis. It supports many programming languages and provides a multitude of different analyses from checking coding guidelines to finding clones, bugs, and vulnerabilities in the code.
Properties
Stack-Description | SonarQube Code Quality Analysis (CQU) |
---|---|
Stack-Image | docker.msg.team/ps/docker-stack-cqu-sonarqube |
Stack-Version | 10.4.0 |
Stack-Release | 20240626 |
Product-Name | SonarQube Community Edition |
Product-Vendor | SonarSource SA |
Product-Contact | https://www.sonarqube.org/ |
Product-Model | Open Source |
Product-License | LGPL v3 |
Product-Limits | none |
Implementation Base | Java |
Execution Base | JVM |
Initial Start Time | 00:00:20 |
Documentation | https://docs.sonarqube.org/latest/ |
Topology
The stack consists of two containers:
- cms-sonarqube: the application
- cms-sonarqube-postgresql: the database
Configuration
Variable Name | Default | Meaning |
---|---|---|
CFG_SONARQUBE_PATH | PS4 default path | |
CFG_SONARQUBE_PORT | 8080 | port of the application container where SonarQube listens |
CFG_SONARQUBE_ADMIN_PASSWORD | somethingsecret | initial password of admin account admin |
CFG_SONARQUBE_BASE_URL | PS4 stack URL | HTTP base URL |
CFG_SONARQUBE_HOST_NAME | PS4 hostname | hostname to use in order to access the application |
CFG_SONARQUBE_DB_DATABASE | sonarqube | name of the database |
CFG_SONARQUBE_DB_USERNAME | sonarqube | name of user which accesses the database from the application |
CFG_SONARQUBE_DB_PASSWORD | sonarqube | password of user which accesses the database from the application |
CFG_SONARQUBE_DB_ADMIN_USERNAME | postgresql | username of PostgreSQL admin |
CFG_SONARQUBE_DB_ADMIN_PASSWORD | postgreqsl | password of PostgreSQL admin |
See also the variables which control integration of the stack into the reverse proxy.
For changes to take effect the stack has to be reinstalled.
System prerequisites
SonarQube uses Elasticsearch which requires a large number of memory map areas in the virtual memory - at least 262144. This value must be configured on the PS4 host system.
To change the value permanently, add the following line to the file /etc/sysctl.conf:
vm.max_map_count=262144
Then run sysctl --system
A temporary change can be achieved by executing sysctl -w vm.max_map_count=262144. This setting is lost on the next reboot.
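The default secrets listed in the Configuration table and the vm.max_map_count prerequisite can both be checked before the stack is installed. The following is an added example, not part of the stack's own tooling; it assumes the CFG_* variables are stored as KEY=VALUE lines in a file, and the function names audit_secrets and check_map_count are hypothetical.

```shell
#!/bin/sh
# Added example: pre-install audit of the CQU-SonarQube stack settings.
# Assumption: the CFG_* variables are kept as KEY=VALUE lines in a file;
# the function names and the sample file are hypothetical.

# Documented defaults from the Configuration table (variable=default).
DEFAULT_SECRETS='CFG_SONARQUBE_ADMIN_PASSWORD=somethingsecret
CFG_SONARQUBE_DB_PASSWORD=sonarqube
CFG_SONARQUBE_DB_ADMIN_PASSWORD=postgreqsl'

# Print one finding per secret that is unset or still the default.
# The secret values themselves are never printed.
audit_secrets() {
    cfg_file=$1
    printf '%s\n' "$DEFAULT_SECRETS" | while IFS='=' read -r name default; do
        # Last assignment wins, as it would if the file were sourced.
        value=$(sed -n "s/^[[:space:]]*${name}=//p" "$cfg_file" | tail -n 1)
        # Strip one pair of surrounding quotes, if present.
        value=$(printf '%s' "$value" |
            sed -e 's/^"\(.*\)"$/\1/' -e "s/^'\(.*\)'\$/\1/")
        if [ -z "$value" ]; then
            echo "$name: not set, documented default applies"
        elif [ "$value" = "$default" ]; then
            echo "$name: still the documented default"
        fi
    done
}

# Succeed only if vm.max_map_count meets the Elasticsearch minimum.
# An explicit value may be passed instead of reading the live kernel.
check_map_count() {
    current=${1:-$(sysctl -n vm.max_map_count 2>/dev/null || echo 0)}
    [ "$current" -ge 262144 ]
}

# Constructed sample configuration, not taken from a real installation.
sample=$(mktemp)
cat > "$sample" <<'EOF'
CFG_SONARQUBE_PORT=8080
CFG_SONARQUBE_ADMIN_PASSWORD=somethingsecret
CFG_SONARQUBE_DB_PASSWORD="constructed-Example-Value-1"
EOF
audit_secrets "$sample"
check_map_count || echo "vm.max_map_count is below 262144"
rm -f "$sample"
```

An empty result from audit_secrets means none of the three passwords is left at its documented default.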
First Steps
To authenticate to the application start with the administration user admin with password somethingsecret. Change it promptly by accessing the user menu ("A" icon to the top right of the page) and from there MyAccount->Security.
The Community Branch Plugin is automatically installed. It enables branch and pull request analysis. Therefore SonarQube displays a message informing that 3rd party plugins are not supported by the vendor. Confirm the message to proceed. (A list of plugins may be found at Administration->Marketplace.)
To run analyses you have to create a project using the "+" icon to the top right, next to the user menu icon. You then configure the analysis by creating an access token. Usually this token is then used in your CI pipeline to let it launch the code analysis at the proper build phase.
Related Documents