Skip to content

Docker version of SonarQube with preconfigured plugins and settings dedicated to Continuous Integration.

License

Notifications You must be signed in to change notification settings

cnescatlab/sonarqube-catlab

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

CNES SonarQube image [server]

CI badge CD badge

Docker image for SonarQube with pre-configured plugins and settings by CNES dedicated to Continuous Integration.

This image is a pre-configured SonarQube server image derived from Docker-CAT. It contains the same plugins and the same rules for code analysis. It is based on the LTS version of SonarQube.

SonarQube itself is an open source project on GitHub: SonarSource/sonarqube.

For versions and changelog: GitHub Releases.

Features

This image is based on the official SonarQube LTS image, namely sonarqube:9.9.6-community, and offers additional features.

Additional features are:

  • Mandatory modification of the default admin password to run a container.
  • Healthcheck of the container.
  • More plugins (see the list)
  • CNES configuration
    • CNES Quality Profiles for Java, Python, C, C++ and VHDL
    • CNES Quality Gate (set as default)

This image is made to be used in conjunction with a pre-configured sonar-scanner image that embeds all necessary tools: cnescatlab/sonar-scanner. It is, however, not mandatory to use it.

Developer's guide

How to build the image

It is a normal docker image. Thus, it can be built with the following commands.

# from the root of the project
$ docker build -t lequal/sonarqube .

To then run a container with this image see the user guide.

To run the tests and create your own ones see the test documentation.

User guide

This image is available on Docker Hub: lequal/sonarqube.

Since inception, this image has been designed to be used in production. Thus, leaving the default admin password (namely "admin") will never be an option. To this extent, a new password for the admin account shall be given by setting the environment variable SONARQUBE_ADMIN_PASSWORD.

⚠️ 🚨 The container will fail to run if SONARQUBE_ADMIN_PASSWORD is empty or equal to "admin".

To run the image locally:

# Recommended options
$ docker run --name lequalsonarqube \
             --rm \
             -p 9000:9000 \
             -e SONARQUBE_ADMIN_PASSWORD="admin password of your choice" \
             lequal/sonarqube:latest

# To stop (and remove) the container
Ctrl-C
# or
$ docker container stop lequalsonarqube

Use an external database

By default, SonarQube uses an embedded database that can be used for tests but in production using an external database for data persistency is mandatory. The docker-compose.yml file shows an example of how to configure an external postgres database. It can be run with:

$ docker-compose up -d

# To set variables when running the containers
$ LEQUAL_SONARQUBE_VERSION=1.0.0 POSTGRES_PASSWD=secret-passwd SONARQUBE_ADMIN_PASSWORD="a password" docker-compose up -d

With an external database, the data used by SonarQube is stored outside of the container. It means that the container may be stopped, restarted, removed and recreated at will.

SonarQube plugins included

SonarQube plugin Version URL
Ansible Lint 2.5.1 https://github.com/sbaudoin/sonar-ansible/sonar-ansible-plugin
C++ (Community) 2.1.1 (build 488) https://github.com/SonarOpenCommunity/sonar-cxx/wiki
Checkstyle 10.17.0 https://github.com/checkstyle/sonar-checkstyle
Clover 4.1 https://github.com/sfeir-open-source/sonar-clover
Cobertura 2.0 https://github.com/galexandre/sonar-cobertura
Community Branch Plugin 1.14.0 https://github.com/mc1arke/sonarqube-community-branch-plugin
Findbugs 4.2.9 https://github.com/spotbugs/sonar-findbugs/
PMD 3.4.0 https://github.com/jborgers/sonar-pmd
ShellCheck Analyzer 2.5.0 https://github.com/sbaudoin/sonar-shellcheck
Sonar i-Code CNES plugin 3.1.1 https://github.com/cnescatlab/sonar-icode-cnes-plugin
SonarQube CNES Report 4.3.0 https://github.com/cnescatlab/sonar-cnes-report
SonarTS 2.1 (build 4362) http://redirect.sonarsource.com/plugins/typescript.html
VHDLRC 3.4 https://www.linty-services.com
YAML Analyzer 1.9.1 https://github.com/sbaudoin/sonar-yaml

To update this list run the following script:

while IFS='|' read -r plugin version url
do
    if [ "$url" = "null" ]; then url="n/a"; fi
    printf "| %.60s| %.25s| %.75s|\n" "$plugin                                                            " "$version                         " "$url                                                                           "
done < <(curl -u MY_TOKEN: -s http://localhost:9000/api/plugins/installed | jq -r '.plugins[] | "\(.name)|\(.version)|\(.homepageUrl)"')

# With `MY_TOKEN` your SonarQube personal token.

Additional information for the Community Branch Plugin

It is advised to set the property sonar.core.serverBaseURL in /admin/settings for the links posted in PR comments and mail to work.

How to contribute

If you experienced a problem with the image please open an issue. Inside this issue please explain us how to reproduce this issue and paste the log.

If you want to do a PR, please put inside of it the reason of this pull request. If this pull request fixes an issue please insert the number of the issue or explain inside of the PR how to reproduce this issue.

All details are available in CONTRIBUTING.

Bugs and feature requests: issues

To contribute to the project, read this about CATLab's workflows for Docker images.

License

Licensed under the GNU General Public License, Version 3.0

This project is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 3 of the License, or (at your option) any later version.