Running a SonarQube Server and Scanner Client with Docker

#sonarqube #docker #codesmells #softwaremetrics

Goal

Running a SonarQube Server and Scanner Client using docker images

Tech Requirements

The Docker must be installed;
To give sudo or root privileges to any user with Docker:



$ sudo usermod -aG docker <yourusername>

Required knowledge

knowing how to use a command line in ubuntu linux;

Step 1: Check docker service status



$ sudo service docker status



$ sudo systemctl status docker

The result should be similar to the one shown below, showing that the service is up and running:



● docker.service - Docker Application Container Engine
     Loaded: loaded (/lib/systemd/system/docker.service; enabled; vendor preset>
     Active: active (running) since Wed 2021-06-16 09:32:06 -03; 12h ago
TriggeredBy: ● docker.socket
       Docs: https://docs.docker.com
   Main PID: 1242 (dockerd)
      Tasks: 15
     Memory: 79.0M
     CGroup: /system.slice/docker.service

The docker service status must be active (running). You can also use the command docker --version for check docker installation:



$ docker --version
Docker version 20.10.7, build f0df350

Step 2: Pull image and run sonarqube server

Pull the latest image version of the sonarqube:



$ docker pull sonarqube:latest

Start the server by running:



$ docker run -d --name sonarqube \
-p 9000:9000 sonarqube:latest

Wait a few moments and when your instance is up and running, Log in to http://localhost:9000 using System Administrator credentials:



    login: admin
    password: admin

By default, the image will use an embedded H2 database that is not suited for production. Set up a database by following the "Installing the Database" section of Install SonarQube Server.

Configuring your project

Create a configuration file in your project's root directory called sonar-project.properties:



# must be unique in a given SonarQube instance
sonar.projectKey=myproject

# --- optional properties ---

# defaults to project key
sonar.projectName=My project
# defaults to 'not provided'
sonar.projectVersion=1.0

# Path is relative to the sonar-project.properties file. Defaults to .
sonar.sources=.

# Encoding of the source code. Default is default system encoding
sonar.sourceEncoding=UTF-8

You can find more properties about testing, coverage, etc. on the website Analysis Parameters.

Analyzing a Project

Updated copy of Get started in 2 minutes

Now that you're logged in to your local SonarQube instance, let's analyze a project:

Click the Add project button.
Give your project a Project key and a Display name and click the Set Up button.
Under Provide a token, select Generate a token. Give your token a name, click the Generate button, and click Continue. Write down your generated token, it will be used for login: d32ede54513ec7b92589139aaaa5781c121a9303.
Select your project's main language under Run analysis on your project, and follow the instructions to analyze your project. Here you'll download and execute a Scanner on your code (if you're using Maven or Gradle, the Scanner is automatically downloaded).



$ sonar-scanner \
  -Dsonar.projectKey=myproject \
  -Dsonar.sources=. \
  -Dsonar.host.url=http://localhost:9000 \
  -Dsonar.login=d32ede54513ec7b92589139aaaa5781c121a9303

You can add an organization: -Dsonar.organization=myorganization.

Analyzing with Docker

You don't need download sonar-scanner client, we will use the image to execute the command sonar-scanner-cli, linking with the running sonarqube server.



$ docker run --rm --link sonarqube \
-e SONAR_HOST_URL="http://sonarqube:9000" \
-e SONAR_LOGIN="d32ede54513ec7b92589139aaaa5781c121a9303" \
-v "${YOUR_REPO}:/usr/src" \
sonarsource/sonar-scanner-cli