Skip to content

Instantly share code, notes, and snippets.

@phackwer
Last active November 29, 2021 15:44
Show Gist options
  • Save phackwer/ef2819332f9c5a1d7572c7ada1e68b89 to your computer and use it in GitHub Desktop.
Save phackwer/ef2819332f9c5a1d7572c7ada1e68b89 to your computer and use it in GitHub Desktop.
SonarQube on Docker and local scanner
# SONAR QUBE SERVER RUN
docker run -d --rm \
-p 9000:9000 \
-p 9092:9092 \
-v sonarqube_conf:/opt/sonarqube/conf \
-v sonarqube_extensions:/opt/sonarqube/extensions \
-v sonarqube_logs:/opt/sonarqube/logs \
-v sonarqube_data:/opt/sonarqube/data \
--name sonarqube \
sonarqube
# SONAR QUBE SCANNER
https://docs.sonarqube.org/latest/analysis/scan/sonarscanner/
sudo su
wget https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-4.6.2.2472-linux.zip
unzip sonar-scanner-cli-4.6.2.2472-linux.zip
mv sonar-scanner-4.6.2.2472-linux /opt
ln -s /opt/sonar-scanner-4.6.2.2472-linux /opt/sonar-scanner
ln -s /opt/sonar-scanner/bin/sonar-scanner /usr/local/bin/
echo -e '#!/bin/bash\nexport SONAR_SCANNER_HOME=/opt/sonar-scanner\nexport PATH=$PATH:$SONAR_SCANNER_HOME/bin' > /etc/profile.d/sonar-scanner.sh
export SONAR_SCANNER_HOME=/opt/sonar-scanner
export PATH=$PATH:$SONAR_SCANNER_HOME/bin
# CREATE sonar-project.properties IN YOUR PROJECT AS FOLLOWS
sonar.projectKey=$PROJECTKEYINSONARQUBESERVER
sonar.projectName=$PROJECTKEYINSONARQUBESERVER
sonar.projectVersion=$VERSION
# Source to be analised
sonar.sources=./src/app
# Source to be ignored
# sonar.exclusions=./src/vendor
# Language
sonar.language=php
#############################################################################################################################
# Sonar (NEEDS TRANSLATION AND UPDATE TO VERSION 9.2!!!)
#############################################################################################################################
# Tudo deve ser feito como root
sudo su
wget -O /etc/yum.repos.d/sonar.repo http://downloads.sourceforge.net/project/sonar-pkg/rpm/sonar.repo
yum install -y sonar
# No MySQL
# Crie o banco com os comandos abaixos:
# CREATE DATABASE IF NOT EXISTS sonar CHARACTER SET utf8 COLLATE utf8_general_ci;
# grant all privileges on sonar.* to 'sonar'@'localhost' identified by 'sonar';
# grant all privileges on sonar.* to 'sonar'@'%' identified by 'sonar';
# flush privileges;
# No Postgres
# CREATE DATABASE sonar;
# create user sonar PASSWORD 'sonar';
# grant all on database sonar to sonar;
# Mude a senha se necessário
# MySQL
sed -i -e 's/#sonar.jdbc.url=jdbc:mysql/sonar.jdbc.url=jdbc:mysql/g' /opt/sonar/conf/sonar.properties
# PostrgreSQL
sed -i -e 's/#sonar.jdbc.url=jdbc:postgresql:\/\/localhost\/sonar/sonar.jdbc.url=jdbc:postgresql:\/\/localhost\/sonar/g' /opt/sonar/conf/sonar.properties
# Mude a senha se necessário
sed -i -e 's/#sonar.jdbc.username=/sonar.jdbc.username=sonar/g' /opt/sonar/conf/sonar.properties
sed -i -e 's/#sonar.jdbc.password=/sonar.jdbc.password=sonar/g' /opt/sonar/conf/sonar.properties
cd /opt
wget http://repo1.maven.org/maven2/org/codehaus/sonar/runner/sonar-runner-dist/2.4/sonar-runner-dist-2.4.zip
unzip sonar-runner-dist-2.4.zip
ln -s sonar-runner-2.4 sonar-runner
ln -s /opt/sonar-runner/bin/sonar-runner /usr/local/bin/
echo -e '#!/bin/bash\nexport SONAR_RUNNER_HOME=/opt/sonar-runner\n\
export PATH=$PATH:$SONAR_RUNNER_HOME/bin' > /etc/profile.d/sonar-runner.sh
export SONAR_RUNNER_HOME=/opt/sonar-runner
export PATH=$PATH:$SONAR_RUNNER_HOME/bin
chkconfig sonar on
service sonar start
exit
# Encoding of the source files
sonar.sourceEncoding=UTF-8
Now you can run sonarscanner in the source folder
# SETUP A USER TO REPORT THE PROJECT
- Open Sonarqube dashboard
- Login as Admin
- Create a new user for the specific client (don't reuse users for different clients)
- Login as that user
- In the right top corner go to My Account > Security and generate a token
- Save this token to be used by the CI of that client.
# FOR PERSISTENCE
For DB persistence of the data, you need to run sonarqube slightly different.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment