DEV Community

Cover image for One point stop for Installing SonarQube server in an AWS EC2 instance
Akhil Ghatiki for AWS Community Builders

Posted on

One point stop for Installing SonarQube server in an AWS EC2 instance

Writing clean code is an art. It is a pathway towards software craftsman /craftswoman ship. But sometimes not every one is well equipped with this art. As the saying goes it takes 10,000 hours to master a skill. So, we need something that will enforce the developers of the team to write the code in a cleaner and secure way.

SonarQube is an amazing tool that helps in this regard. It helps us detect the code smells, potential bugs and security vulnerabilities in your code. It can integrate with your existing workflow to enable continuous code inspection across your project branches and pull requests.

SonarQube can be run in you local machine or as a docker container or can be hosted in a server. When the requirement is for having it for the whole team and planning to integrate in the CI pipeline, you have the only option of hosting it in the server. In this write out we will be walking through hosting it in an AWS EC2 instance.

First things first:

The reader is expected to have a very basic understanding of cloud, servers, CI/CD, CLI , database.Familiarity with AWS ecosystem is good to have. Trying to keep it as simple as possible even if the reader is new to these terms.

Spawning up an AWS EC2 instance:

Create a AWS EC2 instance. Just putting out the screen shot of configuration as the intention of this write out is not inclined more towards creating EC2 instance.

screen shot of ec2 config

Important note : Be careful while choosing the Amazon Machine Image(AMI). Choose Amazon Linux AMI 2018.03.0 (ami-005956c5f0f757d37). This image includes PostgreSql which we are going to use in further steps.

screen shot

Download the “.pem file” while creating the instance and save it in your machine. This is required to ssh into the instance in the further steps.
Installing SonarQube server in the above created instance:

SSHing into the instance :

Connect to the EC2 instance using a secure shell. Thanks to the jumpbox server that lets us do this.

ssh -i <<path to your .pem file>> ec2-user@<<ip address of your EC2>>
Enter fullscreen mode Exit fullscreen mode

Setup PostgreSql : We have to setup a database for sonarqube to save the report analysis. This helps in maintaining the report versions as well. The supported databases include Oracle, Microsoft SQL server and PostgreSQL. We will be going ahead with PostgreSQL here.

sudo yum install postgre96 postgresql96-server
Enter fullscreen mode Exit fullscreen mode

Note : Install the version higher than 9.3. The default version that gets installed if you do not mention the version in command will be 9.3 and this is not supported by SonarQube.

If you are going ahead with different AMI other than the above mentioned, checkout the supporting postgresql versions in this link.

The below commands are self explanatory. Run them in this order:

sudo service postgresql96 initdb //creating a new postgre cluster
Enter fullscreen mode Exit fullscreen mode
sudo service postgresql96 start  // starting the postgre sevice
Enter fullscreen mode Exit fullscreen mode
sudo passwd postgres  // changing the password of the default server
Enter fullscreen mode Exit fullscreen mode
su — postgres // login with the new password
Enter fullscreen mode Exit fullscreen mode
psql // start the shell
Enter fullscreen mode Exit fullscreen mode

Create a user and database for sonar:

CREATE USER sonar WITH ENCRYPTED PASSWORD ‘sonar_password’;

CREATE DATABASE sonarqube;

GRANT ALL PRIVILEGES ON DATABASE sonarqube to sonar

Now we need to edit the authentication modes of postgresql.

Open the file in below path in vim :

sudo vi /var/lib/pgsql96/data/pg_hba.conf
Enter fullscreen mode Exit fullscreen mode

Change the modes as shown below: (Highlighted in block letters)

TYPE DATABASE USER ADDRESS METHOD
# “local” is for Unix domain socket connections only
local all sonar md5

local all all peer

# IPv4 local connections:

host all all 127.0.0.1/32 md5

# IPv6 local connections:

host all all ::1/128 md5
Enter fullscreen mode Exit fullscreen mode

Restart the postgreSQL server to have the new authentication modes applied.

sudo service postgresql96 restart
Installing OpenJDK11
Enter fullscreen mode Exit fullscreen mode

We need JDK 11 or higher to run SonarQube 7.9 or more. The AWS EC2 instance comes with Amazon’s corretto distribution of java. But better stick to openJDK.

Download the zip in the instance:

curl -O https://download.java.net/java/GA/jdk11/13/GPL/openjdk-11.0.1_linux-x64_bin.tar.gz
Enter fullscreen mode Exit fullscreen mode

Extract the zip:

tar zxvf openjdk-11.0.1_linux-x64_bin.tar.gz
Enter fullscreen mode Exit fullscreen mode

Move the folder to your required location (This optional)

sudo mv jdk-11.0.1 /usr/local/
Enter fullscreen mode Exit fullscreen mode

Change the access of the JDK folder:

sudo chmod -R 755 /usr/local/jdk-11.0.1
Enter fullscreen mode Exit fullscreen mode

Add java home path:

export JAVA_HOME=/usr/local/jdk-11.0.1export PATH=$JAVA_HOME/bin:$PATH
Enter fullscreen mode Exit fullscreen mode

check the java version:

java -version This should show up the installed java version in the instance
Installing the SonarQube

We are going to download the binaries and use them to install.

Note: Please be careful about the edition that you are going to install. Sonarqube comes in community, developer and enterprise editions.

We are going to use community edition in this write out. More details can be found here in this link. Right click on the respective download button and choose copy link location if you aim to install other edition.

Download the binaries:

wget https://binaries.sonarsource.com/Distribution/sonarqube/sonarqube-8.3.1.34397.zip

Unzip the binaries:

unzip sonarqube-8.3.1.34397.zip
Enter fullscreen mode Exit fullscreen mode

Move the file path to desired location:

sudo mv -v sonarqube-8.3.1.34397/* /opt/sonarqube
Enter fullscreen mode Exit fullscreen mode

Create a group for sonar users:

sudo groupadd sonar
Enter fullscreen mode Exit fullscreen mode

Create a user:

sudo useradd -c “Sonar System User” -d /opt/sonarqube -g sonar -s /bin/bash sonar
Enter fullscreen mode Exit fullscreen mode

Activating the user with password:

sudo passwd sonar
Enter fullscreen mode Exit fullscreen mode

Add sonar user to EC2 user:

sudo usermod -a -G sonar ec2-user
Enter fullscreen mode Exit fullscreen mode

Exit from ec2-user bash and reconnect to the server to load new group for ec2-user

Change the ownership of all the sonar files to the sonar user:

sudo chown -R sonar:sonar /opt/sonarqube
Enter fullscreen mode Exit fullscreen mode

Change file access privileges:

sudo chmod -R 775 /opt/sonarqube
Enter fullscreen mode Exit fullscreen mode

Configuring the SonarQube server:

Set run as user:

sudo vi /opt/sonarqube/bin/linux-x86–64/sonar.sh
Enter fullscreen mode Exit fullscreen mode

Find the line RUN_AS_USER, uncomment it by removing the pound sign and enter sonar user as the value below

RUN_AS_USER=sonar
Enter fullscreen mode Exit fullscreen mode

Modify the sonar.properties to add the details of postgreSQL:

sudo vi /opt/sonarqube/conf/sonar.properties
Enter fullscreen mode Exit fullscreen mode

Add jdbc user name and password:

sonar.jdbc.username=sonar sonar.jdbc.password=sonar_password
Enter fullscreen mode Exit fullscreen mode

Uncomment Postgres driver property.Remove current schema param if you are not using a custom schema for SonarQube database

sonar.jdbc.url=jdbc:postgresql://localhost/sonarqube
Enter fullscreen mode Exit fullscreen mode

set a path for dedicated volume with fast io for Elasticsearch data storage

sonar.path.data=/path/to/fast/io/volume/data sonar.path.temp=/path/to/fast/io/volume/temp
Enter fullscreen mode Exit fullscreen mode

Start the server:

$/opt/sonarqube/bin/linux-x86–64/sonar.sh start
Enter fullscreen mode Exit fullscreen mode

If you want to log the server logs in the terminal go for:

$/opt/sonarqube/bin/linux-x86–64/sonar.sh console
Enter fullscreen mode Exit fullscreen mode

Yikes !! Your sonar should be up now. You can access the sonarQube UI at

http://<<EC2 instance public ip>>:9000/sonarqube
Enter fullscreen mode Exit fullscreen mode

Considerations:

We have installed the PostgreSQL within the instance. This kind off makes it a stateful and introduces a single point of failure of the database if the EC2 instance goes down. Consider using AWS RDS to to configure in place of internal DB like we did here. This will help in persisting even if the instance goes down. Once the new instance connects back to db in AWS RDS, you have everything back.
Conclusion:

Tried to cover all the mistakes which were encountered while installing SonarQube in EC2. Hope this helps someone not to recommit them!

God Speed!!!

References used to write this:

https://stackoverflow.com/questions/44658510/setting-up-sonarqube-on-aws-using-ec2

https://medium.com/@mkaschke/how-to-install-sonarqube-on-aws-ec2-20e3a2fec634

https://medium.com/@harith.sankalpa/a-complete-guide-to-install-sonarqube-server-in-amazon-linux-ed1fee227d81

https://docs.sonarqube.org/latest/setup/install-server/

This article is originally published on https://akhil-ghatiki.github.io/#/sonar-aws

Top comments (2)

Collapse
 
iamaashishpatel profile image
Ashish Patel

SonarCloud is best alternative.

Collapse
 
akhil_ghatiki profile image
Akhil Ghatiki

True. SonarCloud is a great choice for big organizations.
Small organizations/ other private projects can use the above setup.