Skip to content

Building SonarQube

Jump to bottom
linuxonz edited this page Jan 29, 2025 · 66 revisions

Building SonarQube

The instructions provided below specify the steps to run SonarQube 25.1.0 on Linux on IBM Z for the following distributions:

  • RHEL (8.8, 8.10, 9.2, 9.4, 9.5)
  • SLES (15 SP6)
  • Ubuntu (20.04, 22.04, 24.04, 24.10)

General Notes:

  • When following the steps below please use a standard permission user unless otherwise specified.
  • A directory /<source_root>/ will be referred to in these instructions, this is a temporary writable directory anywhere you'd like to place it.

1. Build and Install SonarQube

1.1. Build using script

If you want to build SonarQube using manual steps, go to STEP 1.2.

Use the following commands to build sonarqube using the build script. Please make sure you have wget installed.

wget -q https://raw.githubusercontent.com/linux-on-ibm-z/scripts/master/SonarQube/25.1.0/build_sonarqube.sh

# Build sonarqube
bash build_sonarqube.sh  [Provide -t option for executing build with tests, -j option to use Java from (Temurin_17, OpenJDK). If no -j specified, Temurin_17 will be installed]

If the build completes successfully, go to STEP 3. In case of error, check logs for more details or go to STEP 1.2 to follow manual build steps.

1.2. Install dependencies

export SOURCE_ROOT=/<source_root>/

  • RHEL (8.8, 8.10, 9.2, 9.4, 9.5)

    • With OpenJDK :

      sudo yum install -y wget git unzip tar which net-tools curl gzip patch make gcc gcc-c++ java-17-openjdk-devel --allowerasing

    • With Eclipse Adoptium Temurin Runtime (previously known as AdoptOpenJDK hotspot):

      sudo yum install -y wget git unzip tar which net-tools curl gzip patch make gcc gcc-c++ --allowerasing
      • Download and install Eclipse Adoptium Temurin Runtime (Java 17) from here.

  • SLES (15 SP6)

    • With OpenJDK:

      sudo zypper install -y git wget unzip tar which gzip xz net-tools curl patch make gcc gcc-c++ java-17-openjdk-devel

    • With Eclipse Adoptium Temurin Runtime (previously known as AdoptOpenJDK hotspot):

      sudo zypper install -y git wget unzip tar which gzip xz net-tools curl patch make gcc gcc-c++
      • Download and install Eclipse Adoptium Temurin Runtime (Java 17) from here.

  • Ubuntu (20.04, 22.04, 24.04, 24.10)

    • With OpenJDK:

      sudo apt-get update
sudo apt-get install -y wget git unzip tar net-tools xz-utils curl gzip patch locales make gcc g++ openjdk-17-jdk
sudo locale-gen en_US.UTF-8

    • With Eclipse Adoptium Temurin Runtime (previously known as AdoptOpenJDK hotspot):

      sudo apt-get update
sudo apt-get install -y wget git unzip tar net-tools xz-utils curl gzip patch locales make gcc g++
sudo locale-gen en_US.UTF-8
      • Download and install Eclipse Adoptium Temurin Runtime (Java 17) from here.

Note:

  • Environment variable JAVA_HOME and PATH needs to be updated for the installed Java version.
  • At the time of creating these build instructions, SonarQube was verified with: Eclipse Adoptium Temurin Runtime (build jdk-17.0.11+9).

2. Build Elasticsearch

SonarQube needs Elasticsearch and the package includes it. However, it does not work properly on s390x therefore we need to build it from source and replace the provided package. Please check this link for more details of building Elasticsearch.

cd $SOURCE_ROOT
PATCH_URL="https://raw.githubusercontent.com/linux-on-ibm-z/scripts/master/SonarQube/25.1.0/patch"
export LANG="en_US.UTF-8"
export ES_JAVA_HOME=$JAVA_HOME

git clone -b v8.14.3 https://github.com/elastic/elasticsearch
cd elasticsearch

curl -sSL $PATCH_URL/elasticsearch.diff | git apply -

git fetch --tags
latest_tag=$(git tag | sort -V | tail -n1)
latest_tag="${latest_tag:1}-SNAPSHOT"
sed -i 's|${project.version}|'"${latest_tag}"'|g' $SOURCE_ROOT/elasticsearch/x-pack/plugin/ml/build.gradle

mkdir -p $SOURCE_ROOT/elasticsearch/distribution/packages/s390x-rpm/
mkdir -p $SOURCE_ROOT/elasticsearch/distribution/packages/s390x-deb/
mkdir -p $SOURCE_ROOT/elasticsearch/distribution/archives/linux-s390x-tar/
mkdir -p $SOURCE_ROOT/elasticsearch/distribution/docker/ubi-docker-s390x-export/
mkdir -p $SOURCE_ROOT/elasticsearch/distribution/docker/cloud-docker-s390x-export/
mkdir -p $SOURCE_ROOT/elasticsearch/distribution/docker/cloud-ess-docker-s390x-export/
mkdir -p $SOURCE_ROOT/elasticsearch/distribution/docker/docker-s390x-export/
mkdir -p $SOURCE_ROOT/elasticsearch/distribution/docker/ironbank-docker-s390x-export/
./gradlew :distribution:archives:linux-s390x-tar:assemble --max-workers=`nproc`  --parallel

# save the artifact link to an env variable.
export elasticsearch=`pwd`/distribution/archives/linux-s390x-tar/build/distributions/elasticsearch-8.14.3-SNAPSHOT-linux-s390x.tar.gz

# make sure the file exists:
ls -l $elasticsearch

3. Download and extract SonarQube and sonar-scanner-cli

cd $SOURCE_ROOT
wget https://binaries.sonarsource.com/Distribution/sonarqube/sonarqube-25.1.0.102122.zip
unzip -q sonarqube-25.1.0.102122.zip
wget https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-6.2.0.4584-linux-x64.zip
unzip -q sonar-scanner-cli-6.2.0.4584-linux-x64.zip

4. Replace elasticsearch in SonarQube package

rm $SOURCE_ROOT/sonarqube-25.1.0.102122/bin/elasticsearch
rm -rfd $SOURCE_ROOT/sonarqube-25.1.0.102122/elasticsearch/*
tar -xzf $elasticsearch -C $SOURCE_ROOT/sonarqube-25.1.0.102122/elasticsearch --strip-components 1
cp $SOURCE_ROOT/sonarqube-25.1.0.102122/elasticsearch/bin/elasticsearch $SOURCE_ROOT/sonarqube-25.1.0.102122/bin/

5. Run SonarQube

sudo groupadd sonarqube      # If group is not already created
sudo usermod -aG sonarqube $(whoami)
sudo chown $(whoami):sonarqube -R $SOURCE_ROOT/sonarqube-25.1.0.102122
export PATH=$PATH:$SOURCE_ROOT/sonarqube-25.1.0.102122/bin/linux-x86-64
export SONAR_JAVA_PATH=$JAVA_HOME/bin/java
sonar.sh start
echo 'use `sonar.sh stop` to stop sonarqube'

Note: SonarQube cannot be run as root on Unix-based systems, so create a dedicated user account to use for SonarQube if necessary which has standard permission rights, hence we have changed the owner in the above step. Click here to know more about configuration.

6. Run Testcases which cover Java, JavaScript, Python, PHP and more (Optional)

Modify $SOURCE_ROOT/sonar-scanner-6.2.0.4584-linux-x64/bin/sonar-scanner to use system JVM.

sed -i 's/use_embedded_jre=true/use_embedded_jre=false/g' $SOURCE_ROOT/sonar-scanner-6.2.0.4584-linux-x64/bin/sonar-scanner

Modify SonarScanner CLI settings:

echo 'sonar.host.url=http://localhost:9000' >> "$SOURCE_ROOT"/sonar-scanner-6.2.0.4584-linux-x64/conf/sonar-scanner.properties
echo 'sonar.scanner.skipJreProvisioning=true' >> "$SOURCE_ROOT"/sonar-scanner-6.2.0.4584-linux-x64/conf/sonar-scanner.properties

Clone sample test cases

cd $SOURCE_ROOT/
git clone https://github.com/SonarSource/sonar-scanning-examples.git

Scanner for java using gradle only needs sonarqube, The default username and password for sonarqube is admin and admin:

cd $SOURCE_ROOT/sonar-scanning-examples/sonar-scanner-gradle/gradle-basic
./gradlew -Dsonar.host.url=http://localhost:9000 -Dsonar.login=<username> -Dsonar.password=<password> sonar

cd $SOURCE_ROOT/sonar-scanning-examples/sonar-scanner-gradle/gradle-multimodule
./gradlew -Dsonar.host.url=http://localhost:9000 -Dsonar.login=<username> -Dsonar.password=<password> sonar

cd $SOURCE_ROOT/sonar-scanning-examples/sonar-scanner-gradle/gradle-multimodule-coverage
./gradlew clean build codeCoverageReport -Dsonar.host.url=http://localhost:9000 -Dsonar.login=<username> -Dsonar.password=<password> sonar

For other languages, you can follow the following. For instance, for python, you can do:

cd $SOURCE_ROOT/sonar-scanning-examples/sonar-scanner/src/python
$SOURCE_ROOT/sonar-scanner-6.2.0.4584-linux-x64/bin/sonar-scanner -Dsonar.projectKey=myproject -Dsonar.sources=. -Dsonar.login=<username> -Dsonar.password=<password>

Once the scanner completes, its analysis results will be posted to SonarQube server for viewing. Results can be accessed by pointing a supported browser to http://<HOST_IP>:9000/.

Note:

  • You can run scanner for JavaScript, PHP in the same way as above. Just make sure you are in the appropriate base directory of the project you are testing.
  • nodejs is required to run scanner for JavaScript. Download latest stable Node.js from here. (Requires latest nodejs version. Reference: https://github.com/nodejs/node/issues/43246. At the time of creating these build instructions, nodejs v22.2.0 was verified)
  • In case of errors encountered similar to Unsupported architecture: s390x while scanning the repo, Follow below steps :
    After starting the server, navigate to the UI, then to Administration > General Settings > Languages. From the list, choose Kubernetes and disable the option for Activate Kubernetes analysis.
    Alternative, if you want for specific scan, can add -Dsonar.kubernetes.activate=false flag to the command.
    Reference: https://community.sonarsource.com/t/gradle-sonar-arm64-support/107629

References:

The information provided in this article is accurate at the time of writing, but on-going development in the open-source projects involved may make the information incorrect or obsolete. Please open issue or contact us on IBM Z Community if you have any questions or feedback.

Clone this wiki locally