SonarQube Installation on Ubuntu 20.04 : A Beginner-Friendly Tutorial

Guardian By Guardian 6 Min Read

SonarQube is a powerful tool that helps developers analyze and improve code quality. Installing it on Ubuntu is a great way to integrate this functionality into your workflow. This beginner-friendly tutorial will guide you step-by-step through the entire process, ensuring you’ll have SonarQube up and running in no time!

Step-by-Step Guide:

Install OpenJDK 11

sudo apt-get install openjdk-11-jdk -y

Install and Configure PostgreSQL

  • Add the PostgreSQL repository:
sudo sh -c 'echo "deb http://apt.postgresql.org/pub/repos/apt/ $(lsb_release -cs)-pgdg main" > /etc/apt/sources.list.d/pgdg.list'
  • Add the PostgreSQL signing key and install PostgreSQL:
sudo apt update
sudo apt install postgresql postgresql-contrib -y
  • Enable automatic start on reboot and start the PostgreSQL service:
sudo systemctl enable postgresql
sudo systemctl start postgresql
  • Change the default PostgreSQL password, create a user named ‘sonar’, and grant necessary privileges:
sudo passwd postgres
su - postgres
createuser sonar
psql
ALTER USER sonar WITH ENCRYPTED password 'my_strong_password';
CREATE DATABASE sonarqube OWNER sonar;
GRANT ALL PRIVILEGES ON DATABASE sonarqube to sonar;
\q
exit

Download and Install SonarQube

  • Install the zip utility and download SonarQube:
sudo apt-get install zip -y
sudo wget https://binaries.sonarsource.com/Distribution/sonarqube/sonarqube-9.6.1.59531.zip
  • Unzip and move the files:
sudo unzip sonarqube-9.6.1.59531.zip
sudo mv sonarqube-9.6.1.59531 /opt/sonarqube

Add SonarQube Group and User

  • Create a dedicated user and group for SonarQube:
sudo groupadd sonar
sudo useradd -d /opt/sonarqube -g sonar sonar
sudo chown sonar:sonar /opt/sonarqube -R

Configure SonarQube

  • Edit the SonarQube configuration file:
sudo nano /opt/sonarqube/conf/sonar.properties
  • Add database configuration:
sonar.jdbc.username=sonar
sonar.jdbc.password=my_strong_password
sonar.jdbc.url=jdbc:postgresql://localhost:5432/sonarqube
  • Edit the sonar script file:
sudo nano /opt/sonarqube/bin/linux-x86–64/sonar.sh
  • Modify the ‘RUN_AS_USER’ line:
RUN_AS_USER=sonar

Setup Systemd Service

Create a systemd service file:

sudo nano /etc/systemd/system/sonar.service
  • Paste the following:
[Unit]
Description=SonarQube service
After=syslog.target network.target

[Service]
Type=forking
ExecStart=/opt/sonarqube/bin/linux-x86–64/sonar.sh start
ExecStop=/opt/sonarqube/bin/linux-x86–64/sonar.sh stop
User=sonar
Group=sonar
Restart=always
LimitNOFILE=65536
LimitNPROC=4096

[Install]
WantedBy=multi-user.target
  • Enable and start the SonarQube service:
sudo systemctl enable sonar
sudo systemctl start sonar

Modify Kernel System Limits

  • Edit the sysctl configuration file:
sudo nano /etc/sysctl.conf
  • Add the following lines:
vm.max_map_count=262144
fs.file-max=65536
ulimit -n 65536
ulimit -u 4096
  • Reboot the system:
sudo reboot

Access SonarQube Web Interface

  • Access SonarQube in a web browser at your server’s IP address on port 9000:
http://your_ip_address:9000
  • Log in with username ‘admin’ and password ‘admin’. You will be prompted to change your password.

Sonar-Scanner Installation

  • Download and install Sonar-Scanner:
wget https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-5.0.1.3006-linux.zip
sudo unzip sonar-scanner-cli-5.0.1.3006-linux.zip -d /opt
echo 'export PATH=$PATH:/opt/sonar-scanner-5.0.1.3006-linux/bin' >> ~/.bashrc
echo 'export SONAR_SCANNER_HOME=/opt/sonar-scanner-5.0.1.3006-linux' >> ~/.bashrc
source ~/.bashrc
  • Verify the installation:
sonar-scanner -v

FAQ’s

What is SonarQube?

SonarQube is an open-source platform used for continuous inspection of code quality. It helps in performing automatic reviews with static analysis of code to detect bugs, code smells, and security vulnerabilities.

Why use SonarQube?

SonarQube helps in maintaining code quality by identifying and addressing issues early in the development process. It provides actionable insights into code quality, which helps developers write cleaner, more maintainable code.

What are the prerequisites for installing SonarQube on Ubuntu?

You’ll need Java 17 and a PostgreSQL database server installed on your Ubuntu system.

How can I configure SonarQube after installation?

The provided guide focuses on the basic installation. However, SonarQube offers extensive configuration options. Refer to the official SonarQube documentation for detailed configuration guides: https://docs.sonarsource.com/sonarqube/latest/

What are some best practices for securing my SonarQube installation?

SonarQube security involves aspects like password management and network access control. The official SonarQube documentation provides a security guide: https://docs.sonarsource.com/sonarqube/latest/

I’m encountering errors during installation. Where can I find troubleshooting resources?

The SonarQube logs might provide clues about the errors. You can also search online forums and communities dedicated to SonarQube for troubleshooting help. Additionally, the SonarQube website offers a support section: https://docs.sonarsource.com/sonarqube/latest/

Is SonarQube free to use?

Yes, SonarQube is free and open-source software, licensed under the GNU Lesser General Public License (LGPL). However, there are commercial editions available with additional features and support.

Conclusion

Congratulations! You’ve successfully installed SonarQube on your Ubuntu system. With this powerful tool at your disposal, you can now analyze your codebase, identify potential issues, and improve its overall quality.

Here are some next steps to consider:

  • Explore the SonarQube web interface and familiarize yourself with its features.
  • Configure SonarQube to integrate with your development environment and projects.
  • Leverage SonarQube’s reporting capabilities to gain valuable insights into your code health.

For further exploration, refer to the official SonarQube documentation for advanced configuration options, plugins, and best practices: https://docs.sonarsource.com/sonarqube/latest/.

By utilizing SonarQube effectively, you can significantly enhance the quality and maintainability of your code, ultimately leading to more robust and reliable applications.

Share This Article