SonarQube
Reference
Deploy SonarQube on Kubernetes
SonarSource / helm-chart-sonarqube
https://github.com/SonarSource/helm-chart-sonarqube/tree/master/charts/sonarqube
Install and configure SonarQube on the OpenShift container platform and CI/CD automation with Jenkins
Install manually on OpenShift (OKD 4.15)
This procedure follows the indication at the reference "Install and configure SonarQube on the OpenShift container platform and CI/CD automation with Jenkins".
Pre-requisites
OKD is up and running w/ DNS record:
*.apps.myokd.mydomain.tld
Create a new OpenShift project, eg:
$ oc new-project jenkinsonar --display-name 'Jenkins Sonar'
PostgreSQL configuration
Helm charts:
bitnami/postgresql 15.5.4 16.3.0
Install:
oc project jenkinsonar
helm upgrade postgres bitnami/postgresql --version '15.5.4' --install
Output
PostgreSQL can be accessed via port 5432 on the following DNS names from within your cluster:
postgres-postgresql.jenkinsonar.svc.cluster.local - Read/Write connection
To get the password for "postgres" run:
export POSTGRES_PASSWORD=$(kubectl get secret --namespace jenkinsonar postgres-postgresql -o jsonpath="{.data.postgres-password}" | base64 -d)
To connect to your database run the following command:
kubectl run postgres-postgresql-client --rm --tty -i --restart='Never' --namespace jenkinsonar --image docker.io/bitnami/postgresql:16.3.0-debian-12-r13 --env="PGPASSWORD=$POSTGRES_PASSWORD" --command -- psql --host postgres-postgresql -U postgres -d postgres -p 5432
Create the database that SonarQube will use
postgres=# create user sonarqube with encrypted password '<db-password>';
postgres=# ALTER USER sonarqube CREATEDB;
ALTER USER sonarqube SET search_path to sonarqube;
postgres=# create database sonarqube OWNER sonarqube;
postgres=# grant all privileges on database sonarqube to sonarqube;
\connect sonarqube;
create schema sonarqube;
GRANT ALL ON SCHEMA sonarqube TO sonarqube;
SonarQube configuration
sonar-deployment.yml
apiVersion: apps/v1
kind: Deployment
metadata:
name: sonarqube
spec:
replicas: 1
selector:
matchLabels:
app: sonarqube
template:
metadata:
labels:
app: sonarqube
spec:
containers:
- name: sonarqube
image: sonarqube
ports:
- containerPort: 9000
env:
- name: SONAR_JDBC_URL
value: "jdbc:postgresql://postgres-postgresql.jenkinsonar.svc.cluster.local:5432/sonarqube?currentSchema=sonarqube"
- name: SONAR_JDBC_USERNAME
value: "sonarqube"
- name: SONAR_JDBC_PASSWORD
value: "<db-password>"
$ oc apply -f sonar-deployment.yml
sonar-service.yml
apiVersion: v1
kind: Service
metadata:
name: sonarqube
spec:
ports:
- port: 9000
targetPort: 9000
selector:
app: sonarqube
type: ClusterIP
$ oc apply -f sonar-service.yml
sonar-route.yml
apiVersion: route.openshift.io/v1
kind: Route
metadata:
name: sonarqube-route
spec:
host: sonarqube.apps.myokd.mydomain.tld
to:
kind: Service
name: sonarqube
weight: 100
port:
targetPort: 9000
$ oc apply -f sonar-route.yml
Access the SonarQube in a web browser using default credentials:
http://sonarqube.apps.myokd.mydomain.tld
username: admin
password: admin
Now create a unique token and copy that token into N...
TBD
Jenkins configuration
TBD
Install using Helm on OpenShift (OKD 4.15)
Warning, chart versions that didn't work:
bitnami/sonarqube 5.2.0 10.4.1 //Installs fine, unable to access
sonarqube/sonarqube 10.5.1+2816 10.5.1
sonarqube/sonarqube ~8
Only Helm 3 is supported.
helm repo add sonarqube https://SonarSource.github.io/helm-chart-sonarqube
helm repo update
sonarqube/sonarqube 10.5.1+2816 10.5.1
WARNING: This procedure didn't create any pod!
Create the openshift project (aka k8s namespace):
oc new-project sonar --display-name 'Sonar'
Install the helm chart:
helm upgrade sonar sonarqube/sonarqube --version '10.5.1+2816' --install --set initSysctl.enabled=false,initFs.enabled=false,containerSecurityContext.allowPrivilegeEscalation=false,containerSecurityContext.runAsNonRoot=true,containerSecurityContext.runAsUser="1000",containerSecurityContext.runAsGroup="0",containerSecurityContext.seccompProfile.type=RuntimeDefault,containerSecurityContext.capabilities.drop[0]="ALL"
bitnami/sonarqube 5.2.0 10.4.1
WARNING: This procedure didn't allow to access it!
Create the openshift project:
oc new-project sonarqube --display-name 'SonarQube'
Install the helm chart:
helm upgrade --install -n sonarqube --version "5.2.0" sonarqube bitnami/sonarqube
sonarqube/sonarqube 8.x.x 9.9 LTA
WARNING: This procedure didn't create any pod!
Create the openshift project (aka k8s namespace):
oc new-project sonar --display-name 'Sonar'
Install the helm chart:
helm upgrade --install -n sonar --version '~8' sonar sonarqube/sonarqube