docker.images/sonarqube

Sonarqube Configuration

Setup Sonarqube

before first run, change permissions on sonarqube volumes dirs from root to 1000:

sudo chown 1000:1000 -R ./volumes/sonarqube

before start sonarqube vm.max_map_count must be changed on your host:

sudo sysctl -w vm.max_map_count=262144

after running, you can login with default credentials (admin:admin)

Configure projects

first step is create access token in gitlab and set it in sonarqube app

next one is choice of repository, if you did choice, you will saw instruction.

we must create sonar-project.properties file in choosen repo:

sonar.projectKey=<repo_name_and_hash>
sonar.qualitygate.wait=true

we must define also .gitlab-ci.yml file in choosen repo:

sonarqube-check:
  image: 
    name: sonarsource/sonar-scanner-cli:latest
    entrypoint: [""]
  variables:
    SONAR_USER_HOME: "${CI_PROJECT_DIR}/.sonar"  # Defines the location of the analysis task cache
    GIT_DEPTH: "0"  # Tells git to fetch all the branches of the project, required by the analysis task
  cache:
    key: "${CI_JOB_NAME}"
    paths:
      - .sonar/cache
  script: 
    - |
      sonar-scanner \
        -Dsonar.projectKey="${SONAR_REPO_ID}" \
        -Dsonar.sources=. \
        -Dsonar.host.url="${SONAR_HOST_URL}" \
        -Dsonar.login="${SONAR_TOKEN}"      
  allow_failure: true
  only:
    - develop

last step is define envs in gitlab -> choosen repo -> Settings -> CI/CD -> Variables:

SONAR_REPO_ID=<repo_name_and_hash>
SONAR_HOST_URL=http://<sonarqube_url_or_dns>:<sonarqube_shared_port>
SONAR_TOKEN=<sonar_token>

remember that you have to disable Protected Variable option becouse variable with the said option doesn't be exported into pipelines files

you can generate SONAR_TOKEN in Overview -> Locally

you can get SONAR_REPO_ID from Overview -> Gitlab-CI in sonar-project.properties file creating statement