Use Sonarqube scanner in Docker container

August 31, 2022

What and why?

Sonarqube is …

Use SonarQube for continuous static code analysis of a project: to detect vulnerabilities, keep a history of results, and build awareness of project quality among developers and transparency for stakeholders. Could this tool also be used as an external scanner for technical debt?

Install, set up and run SonarQube

Following the [documentation](https://docs.sonarqube.org/latest/setup/install-server), installation starts with setting up a database; in our case this was done on PostgreSQL for Windows (considering the [software requirements](https://docs.sonarqube.org/latest/requirements/requirements/)).

Database configuration

  1. Install PostgreSQL for Windows (version 13.8; please refer to the requirements) from [https://www.postgresql.org/download/windows/]
  2. Create user
-- Role: sonarqube
-- DROP ROLE IF EXISTS sonarqube;

CREATE ROLE sonarqube WITH
  LOGIN
  NOSUPERUSER
  INHERIT
  NOCREATEDB
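  CREATEROLE  -- lets this role create other roles; SonarQube only needs rights on its own database, so NOCREATEROLE is sufficient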
  NOREPLICATION
  ENCRYPTED PASSWORD 'XXX';


  3. Create database
-- Database: sonarqube

-- DROP DATABASE IF EXISTS sonarqube;

CREATE DATABASE sonarqube
    WITH
    OWNER = sonarqube
    ENCODING = 'UTF8'
    LC_COLLATE = 'English_United States.1252'
    LC_CTYPE = 'English_United States.1252'
    TABLESPACE = pg_default
    CONNECTION LIMIT = -1
    IS_TEMPLATE = False;

Sonarqube container configuration

  1. Create Dockerfile
FROM sonarqube:8.9-community
  2. Build docker image
docker build --tag=sonarqube-custom .
  3. Configure the host environment for Elasticsearch
# following https://www.elastic.co/guide/en/elasticsearch/reference/current/docker.html#_windows_with_docker_desktop_wsl_2_backend
wsl -d docker-desktop
> sysctl -w vm.max_map_count=262144
  4. Create volumes
docker volume create --name sonarqube_data
docker volume create --name sonarqube_logs
docker volume create --name sonarqube_extensions

Run docker container

  1. Run container
docker container rm sonarqube --force

# use [host.docker.internal] as ip address of host
# https://www.tutorialspoint.com/from-inside-of-a-docker-container-how-do-i-connect-to-the-localhost-of-the-machine
docker run -d --name sonarqube `
    -p 9000:9000 `
    -e SONAR_JDBC_URL=jdbc:postgresql://host.docker.internal/sonarqube `
    -e SONAR_JDBC_USERNAME=XXX `
    -e SONAR_JDBC_PASSWORD=XXX `
    -v sonarqube_data:/opt/sonarqube/data `
    -v sonarqube_extensions:/opt/sonarqube/extensions `
    -v sonarqube_logs:/opt/sonarqube/logs `
    --mount type=bind,source="/mnt/c/Development/_source",target=/app `
    -ti `
    --stop-timeout -1 `
    sonarqube-custom
  2. Open [http://localhost:9000]

Attach project to sonarqube

  1. Log in to the panel [http://localhost:9000/projects]
  2. Add a project > Manually
  3. Configuration
    • project name: console-app, project display name: Console App
    • key: usr1 > usr1: XX
  4. Install the sonar scanners in the docker container
  5. Execute a script to build the solution, configuring
    • version /v:1.0.0
    • exclusion of test projects /d:sonar.dotnet.excludeTestProjects=true
#!/bin/bash
# https://github.com/dotnet/dotnet-docker/blob/main/documentation/scenarios/installing-dotnet.md#installing-from-a-binary-archive
dotnet sonarscanner begin /k:"webapi-app" /d:sonar.host.url="http://localhost:9000"  /d:sonar.login="XX" /v:1.0.0
dotnet build \
    --configuration Release \
    ../web-app.sln

dotnet sonarscanner end /d:sonar.login="XX"
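
The scan steps above, as an added example that is not part of the original post: a wrapper that waits until `GET /api/system/status` reports `UP` and reads the token from the environment instead of the script file. `SONAR_TOKEN`, `SONAR_HOST_URL` and the function names are assumptions of this sketch; the project key and scanner flags are the ones used above.

```bash
#!/bin/bash
# Added example (not from the original post): wait for SonarQube, then scan.
# SONAR_TOKEN, SONAR_HOST_URL and all function names are assumptions of this sketch.
SONAR_HOST_URL="${SONAR_HOST_URL:-http://localhost:9000}"

# Extract the "status" field from the JSON body of GET /api/system/status.
parse_status() {
    printf '%s' "$1" | sed -n 's/.*"status"[[:space:]]*:[[:space:]]*"\([A-Z_]*\)".*/\1/p'
}

# Only UP means the server accepts analysis reports (not STARTING, DB_MIGRATION_NEEDED, ...).
is_ready() {
    [ "$(parse_status "$1")" = "UP" ]
}

# Poll the server up to $1 times, 5 seconds apart; fail if it never reports UP.
wait_for_sonarqube() {
    tries="$1"
    while [ "$tries" -gt 0 ]; do
        body="$(curl -fsS "$SONAR_HOST_URL/api/system/status" 2>/dev/null || true)"
        if is_ready "$body"; then return 0; fi
        tries=$((tries - 1))
        sleep 5
    done
    return 1
}

# Reject an empty token and the placeholders used in the post.
check_token() {
    case "$1" in
        ""|XX|XXX) return 1 ;;
        *) return 0 ;;
    esac
}

main() {
    check_token "${SONAR_TOKEN:-}" || { echo "set SONAR_TOKEN in the environment" >&2; return 2; }
    wait_for_sonarqube 60 || { echo "SonarQube is not UP at $SONAR_HOST_URL" >&2; return 3; }
    dotnet sonarscanner begin /k:"webapi-app" /d:sonar.host.url="$SONAR_HOST_URL" \
        /d:sonar.login="$SONAR_TOKEN" /v:1.0.0 /d:sonar.dotnet.excludeTestProjects=true
    dotnet build --configuration Release "$1"
    dotnet sonarscanner end /d:sonar.login="$SONAR_TOKEN"
}

# Run only when a solution path is given, e.g.: ./scan.sh ../web-app.sln
if [ "$#" -gt 0 ]; then main "$@"; fi
```

The token is still passed to `dotnet sonarscanner` as an argument, so it stays visible in the process list of the machine running the scan; the change only keeps it out of the script file and out of source control.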

Configure dotnet core project

Tests

Configure rules and quality gates


Written by Lukasz Czarny, Developer on a path to Software Architect.

© Software Architecture by Cases 2022