Install and Configure SonarQube on Debian 11|10

Every developer desires to have an error-free and clean code that can be deployed into the production environment as fast as possible. One of the tools to help them achieve this objective is SonarQube.

What is SonarQube?

SonarQube is a web-based source code quality management and analysis tool written in Java language. It was developed by SonarSource to ease the coding task by ensuring you write a clean and issue-free code by continuously inspecting, detecting bugs and security vulnerabilities in code.

SonarQube is a cross-platform tool that can integrate into platforms such as Gitlab, GitHub, Azure DevOps, BitBucket e.t.c

Features of SonarQube include:

• It works in 25 different programming languages i.e Java, PHP, C++, Ruby, JavaScript, Kotlin, Scala, .NET, COBOL e.t.c
• Identifys and reports bugs, duplicated code, code smells, security vulnerabilities e.t.c
• It has enhanced workflow (Ensure Better CI/CD) through automated code analysis, intergration with GitHub e.t.c
• Records metrics history and provides evolution graphs.
• Built-in methodology with good visualizers, digs into issues and plugins for IDEs

In this guide, we will systematically walk through how to install and configure SonarQube on Debian 11/0.

Getting Started

Before we begin on SonarQube installation, ensure that you have:

• A 64-bit Debian 11/10 system-SonarQube doesn’t support 32 bit systems use uname -m to determine your architecture
• A user with sudo privileges.
• A minimum of 2 GB RAM
• 2vCPU cores

You also need to have your Debian 11/10 system update and the required tools installed.

sudo apt update
sudo apt install net-tools wget unzip vim curl

Edit the file at /etc/sysctl.conf to fit the required SonarQube requirements.

sudo vim /etc/sysctl.conf

Add the lines below to the file.

vm.max_map_count=262144
fs.file-max=65536

Reload the sysctl configurations.

sudo sysctl --system

Step 1 – Install Java 11 on Debian 11|10

Since SonarQube is written in Java, it requires Java to function. We will install Java OpenJDK 11 on Debian 11|10 as below.

sudo apt install openjdk-11-jdk

Verify your Java installation.

$ java -version
Openjdk version "11.0.12" 2021-07-20
OpenJDK Runtime Environment (build 11.0.12+7-post-Debian-2)
OpenJDK 64-Bit Server VM (build 11.0.12+7-post-Debian-2, mixed mode, sharing)

Step 2 – Install PostgreSQL database on Debian 11|10

SonarQube supports PostgreSQL, Oracle (XE extension, 11G, 12C, 18C 19C, and MSSQL for Windows Systems. In this guide, we will use the PostgreSQL database for SonarQube. Install PostgreSQL on Debian 11|10. Start off by downloading the GPG key for PostgreSQL.

wget -q https://www.postgresql.org/media/keys/ACCC4CF8.asc -O - | sudo apt-key add -

Then add the PostgreSQL repository.

sudo sh -c 'echo "deb http://apt.postgresql.org/pub/repos/apt/ `lsb_release -cs`-pgdg main" >> /etc/apt/sources.list.d/pgdg.list'

Finally, update your APT package index and install PostgreSQL using the commands below.

sudo apt update
sudo apt install postgresql postgresql-contrib

Once installed, PostgreSQL gets its service started by default, check the status of the service.

$ systemctl status postgresql
● postgresql.service - PostgreSQL RDBMS
     Loaded: loaded (/lib/systemd/system/postgresql.service; enabled; vendor preset: enabled)
     Active: active (exited) since Wed 2021-10-13 15:05:05 EAT; 1min 12s ago
    Process: 8370 ExecStart=/bin/true (code=exited, status=0/SUCCESS)
   Main PID: 8370 (code=exited, status=0/SUCCESS)
        CPU: 2ms

Oct 13 15:05:05 debian systemd[1]: Starting PostgreSQL RDBMS...
Oct 13 15:05:05 debian systemd[1]: Finished PostgreSQL RDBMS.

If the service isn’t running, start it using the command :

sudo systemctl start postgresql

Enable PostgreSQL to start on boot:

sudo systemctl enable postgresql

Step 3 – Create PostgreSQL Database for SonarQube

Now let’s configure the database for SonarQube. Set the password for the PostgreSQL user.

sudo passwd postgres

Set your preferred password and switch to the user as below.

su - postgres

Create a new user for SonarQube.

createuser sonar

Now switch to the PostgreSQL shell.

psql

Create a password for the created user above:

ALTER USER sonar WITH ENCRYPTED PASSWORD 'Passw0rd';

Create a database and assign privileges to the user.

CREATE DATABASE sonarqube OWNER sonar;
GRANT ALL PRIVILEGES ON DATABASE sonarqube to sonar;
\q

Step 4 – Download and Configure SonarQube

Now that we have configured a database for SonarQube, we will now download the SonarQube binary file. Download the latest version of SonarQube from the official SonarQube downloads page. As of this guide, the latest version was at 9.1. You can also download this version using Wget as below.

wget https://binaries.sonarsource.com/Distribution/sonarqube/sonarqube-9.1.0.47736.zip

Extract the downloaded SonarQube archive.

unzip sonarqube-*.zip

Move the extracted file to the /opt/ directory.

sudo mv sonarqube-*/ /opt/sonarqube

Create a System User account for SonarQube

Since SonarQube should not be run as root, we need to create a non-admin account for running SonarQube.

sudo useradd -M -d /opt/sonarqube/ -r -s /bin/bash sonarqube

Change the ownership of the directory /opt/sonarqube to the created user.

sudo chown -R sonarqube: /opt/sonarqube

Configure SonarQube

Now that we have successfully downloaded and installed SonarQube, we need to configure it. Set database connection details as per the PostgreSQL database created.

sudo vim /opt/sonarqube/conf/sonar.properties

In the file, edit the lines below:

# DATABASE
.......
# User credentials.
..........
sonar.jdbc.username
sonar.jdbc.username=sonar
sonar.jdbc.password=Passw0rd
........
#----- PostgreSQL 9.6 or greater
# By default the schema named "public" is used. It can be overridden with the parameter "currentSchema".
#sonar.jdbc.url=jdbc:postgresql://localhost/sonarqube?currentSchema=my_schema
sonar.jdbc.url=jdbc:postgresql://localhost/sonarqube
.....
# WEB SERVER
..............
sonar.web.javaOpts=-Xmx512m -Xms128m -XX:+HeapDumpOnOutOfMemoryError
....
sonar.web.host=192.168.200.11
....
sonar.web.port=9000
.....
# ELASTICSEARCH
.....
sonar.search.javaOpts=-Xmx512m -Xms512m -XX:MaxDirectMemorySize=256m -XX:+HeapDumpOnOutOfMemoryError

Sav and close the file.

Step 5 – Create a SonarQube Systemd Service File

At this point, we do not have a way of managing the SonarQube service. We, therefore, need to create a systemd service file to enable us to start, stop and check the status of SonarQube.

sudo vim  /etc/systemd/system/sonarqube.service

In the file, add the lines:

[Unit]
Description=SonarQube service
After=syslog.target network.target

[Service]
Type=forking
ExecStart=/opt/sonarqube/bin/linux-x86-64/sonar.sh start
ExecStop=/opt/sonarqube/bin/linux-x86-64/sonar.sh stop
User=sonarqube
Group=sonarqube
Restart=always
LimitNOFILE=65536
LimitNPROC=4096

[Install]
WantedBy=multi-user.target

Save and close the file and proceed to start SonarQube as below.

sudo systemctl daemon-reload
sudo systemctl start sonarqube

Enable the SonarQube service to run on boot.

sudo systemctl enable sonarqube

Check the status of the SonarQube service.

$ systemctl status sonarqube
● sonarqube.service - SonarQube service
     Loaded: loaded (/etc/systemd/system/sonarqube.service; enabled; vendor preset: enabled)
     Active: active (running) since Wed 2021-10-13 15:52:37 EAT; 5s ago
    Process: 10525 ExecStart=/opt/sonarqube/bin/linux-x86-64/sonar.sh start (code=exited, status=0/SUCCESS)
   Main PID: 10578 (wrapper)
      Tasks: 49 (limit: 4663)
     Memory: 641.8M
        CPU: 10.021s
     CGroup: /system.slice/sonarqube.service
             ├─10578 /opt/sonarqube/bin/linux-x86-64/./wrapper /opt/sonarqube/bin/linux-x86-64/../../conf/wrapper.conf wrapper.syslog.ident=SonarQube>
             ├─10580 java -Dsonar.wrapped=true -Djava.awt.headless=true --add-exports=java.base/jdk.internal.ref=ALL-UNNAMED --add-opens=java.base/ja>
             └─10608 /usr/lib/jvm/java-11-openjdk-amd64/bin/java -XX:+UseG1GC -Djava.io.tmpdir=/opt/sonarqube/temp -XX:ErrorFile=../logs/es_hs_err_pi>

Oct 13 15:52:36 debian systemd[1]: Starting SonarQube service...
Oct 13 15:52:36 debian sonar.sh[10525]: Starting SonarQube...
Oct 13 15:52:37 debian sonar.sh[10525]: Started SonarQube.
Oct 13 15:52:37 debian systemd[1]: Started SonarQube service.

Allow port 9000 through the firewall.

• Using ufw

sudo ufw allow 9000

• Using Firewalld

sudo firewall-cmd --permanent --add-port=9000/tcp && sudo firewall-cmd --reload

Check if the service is listening on port 9000

$ sudo ss -plunt|grep 9000
tcp   LISTEN 0      25              [::ffff:192.168.100.124]:9000             *:*    users:(("java",pid=10358,fd=14))        

Step 6 – Access the SonarQube Web Interface

The SonarQube Web interface can be accessed using the URL http://server-ip:9000. On this login page, use the username ‘admin‘ and password as ‘admin‘

On successful login, you will be required to change the default password.

You will then be granted this SonarQube page.

This page consists of the platforms SonarQube integrates with i.e GitHub, GitLab e.t.c you can create a code from the platforms listed. Alternatively, you can create a code manually. In case you want to see issues in your code navigate to the issues tab.

On the above page, you can see all the vulnerabilities, code smells bugs in your code e.t.c. You can also view the rules governing code in your desired programming language by navigating to the rules tab.

Cheers! You have successfully installed and configured SonarQube on Debian 11|10. With this simple interface, you can use SonarQube comfortably.

Conclusion.

That marks the end of this guide on how to install and configure SonarQube on Debian 11|10. I hope you gained something from this guide.

See more articles on our page: