How to Install SonarQube on CentOS 7

SonarQube is an open source tool for quality system development. It is written in Java and supports multiple databases. It provides capabilities to continuously inspect code, show the health of an application, and highlight newly introduced issues. It contains code analyzers which are equipped to detect tricky issues. It also integrates easily with DevOps.

In this tutorial, we will install the latest version of SonarQube on CentOS 7.

Note: This doc has been updated since its original publication. See the “Errata” section in the footnotes.

Prerequisites

• A Vultr 64-bit CentOS 7 server instance with at least 2 GB RAM.
• A sudo user.

Step 1: Perform a system update

Before installing any packages on the CentOS server instance, it is recommended to update the system. Log in using the sudo user and run the following commands to update the system.

sudo yum -y install epel-release
sudo yum -y update
sudo shutdown -r now

Once the system has finished rebooting, log in again as the sudo user and proceed to the next step.

Step 2: Install Java

Download the Oracle SE JDK RPM package by typing:

wget --no-cookies --no-check-certificate --header "Cookie:oraclelicense=accept-securebackup-cookie" "http://download.oracle.com/otn-pub/java/jdk/8u131-b11/d54c1d3a095b4ff2b6607d096fa80163/jdk-8u131-linux-x64.rpm"

Install the downloaded package by typing:

sudo yum -y localinstall jdk-8u131-linux-x64.rpm

You can now check the version of Java by typing:

java -version

Step 3: Install and configure PostgreSQL

Install PostgreSQL repository by typing:

sudo rpm -Uvh https://download.postgresql.org/pub/repos/yum/9.6/redhat/rhel-7-x86_64/pgdg-centos96-9.6-3.noarch.rpm

Install PostgreSQL database server by running:

sudo yum -y install postgresql96-server postgresql96-contrib

Initialize the database:

sudo /usr/pgsql-9.6/bin/postgresql96-setup initdb

Edit the /var/lib/pgsql/9.6/data/pg_hba.conf to enable MD5-based authentication.

sudo nano /var/lib/pgsql/9.6/data/pg_hba.conf

Find the following lines and change peer to trust and idnet to md5.

# TYPE  DATABASE        USER            ADDRESS                 METHOD

# "local" is for Unix domain socket connections only
local   all             all                                     peer
# IPv4 local connections:
host    all             all             127.0.0.1/32            ident
# IPv6 local connections:
host    all             all             ::1/128                 ident

Once updated, the configuration should look like the one shown below.

# TYPE  DATABASE        USER            ADDRESS                 METHOD

# "local" is for Unix domain socket connections only
local   all             all                                     trust
# IPv4 local connections:
host    all             all             127.0.0.1/32            md5
# IPv6 local connections:
host    all             all             ::1/128                 md5

Start PostgreSQL server and enable it to start automatically at boot time by running:

sudo systemctl start postgresql-9.6
sudo systemctl enable postgresql-9.6

Change the password for the default PostgreSQL user.

sudo passwd postgres

Switch to the postgres user.

su - postgres

Create a new user by typing:

createuser sonar

Switch to the PostgreSQL shell.

psql

Set a password for the newly created user for SonarQube database.

ALTER USER sonar WITH ENCRYPTED password 'StrongPassword';

Create a new database for PostgreSQL database by running:

CREATE DATABASE sonar OWNER sonar;

Exit from the psql shell:

/q

Switch back to the sudo user by running the exit command.

Step 4: Download and configure SonarQube

Download the SonarQube installer files archive.

wget https://binaries.sonarsource.com/Distribution/sonarqube/sonarqube-6.4.zip

You can always look for the link to the latest version of the application on the SonarQube download page.

Install unzip by running:

sudo yum -y install unzip

Unzip the archive using the following command.

sudo unzip sonarqube-6.4.zip -d /opt

Rename the directory:

sudo mv /opt/sonarqube-6.4 /opt/sonarqube

Open the SonarQube configuration file using your favorite text editor.

sudo nano /opt/sonarqube/conf/sonar.properties

Find the following lines.

#sonar.jdbc.username=
#sonar.jdbc.password=

Uncomment and provide the PostgreSQL username and password of the database that we have created earlier. It should look like:

sonar.jdbc.username=sonar
sonar.jdbc.password=StrongPassword

Next, find:

#sonar.jdbc.url=jdbc:postgresql://localhost/sonar

Uncomment the line, save the file and exit from the editor.

Step 5: Configure Systemd service

SonarQube can be started directly using the startup script provided in the installer package. As a matter of convenience, you should setup a Systemd unit file for SonarQube.

sudo nano /etc/systemd/system/sonar.service

Populate the file with:

[Unit]
Description=SonarQube service
After=syslog.target network.target

[Service]
Type=forking

ExecStart=/opt/sonarqube/bin/linux-x86-64/sonar.sh start
ExecStop=/opt/sonarqube/bin/linux-x86-64/sonar.sh stop

User=root
Group=root
Restart=always

[Install]
WantedBy=multi-user.target

Start the application by running:

sudo systemctl start sonar

Enable the SonarQube service to automatically start at boot time.

sudo systemctl enable sonar

To check if the service is running, run:

sudo systemctl status sonar

Step 5: Configure reverse proxy

By default, SonarQube listens to localhost on port 9000. In this tutorial, we will use Apache as the reverse proxy so that the application can be accessed via the standard HTTP port. Install the Apache web server by running:

sudo yum -y install httpd

Create a new virtual host.

sudo nano /etc/httpd/conf.d/sonar.yourdomain.com.conf

Populate the file with:

<VirtualHost *:80>  
    ServerName sonar.yourdomain.com
    ServerAdmin [email protected]
    ProxyPreserveHost On
    ProxyPass / http://localhost:9000/
    ProxyPassReverse / http://localhost:9000/
    TransferLog /var/log/httpd/sonar.yourdomain.com_access.log
    ErrorLog /var/log/httpd/sonar.yourdomain.com_error.log
</VirtualHost>

Start Apache and enable it to start automatically at boot time:

sudo systemctl start httpd
sudo systemctl enable httpd

Step 6: Configure firewall

Allow the required HTTP port through the system firewall.

sudo firewall-cmd --add-service=http --permanent
sudo firewall-cmd --reload

Start the SonarQube service:

sudo systemctl start sonar

You will also need to disable SELinux:

sudo setenforce 0

SonarQube is installed on your server, access the dashboard at the following address.

http://sonar.yourdomain.com

Log in using the initial administrator account, admin and admin. You can now use SonarQube to continuously analyze the code you have written.

Errata

If installing SonarQube 7.1 (or newer), make the changes below because newer versions of Elasticsearch cannot be run as root user.

• Update permissions: chown -R sonar:sonar /opt/sonarqube
• Modify /opt/sonarqube/bin/linux-x86-64/sonar.sh, change #RUNAS to be “sonar“.
• Modify /etc/systemd/system/sonar.service, change the user group to be “sonar“.