This guide is to help customers migrate from the hosted CloudBees Sonar service to an installation they manage themselves.
- SonarQube 4.3
A later version of SonarQube may be used, however this will require you to perform an upgrade rather than straight migration - this is out of scope for this document.
If you want to use DEV@cloud Jenkins with this install, the MySQL database and Sonar must both be publicly accessible so that your Jenkins master and executors can communicate freely.
(Optional) NGinX / Apache reverse proxy if you require https support or to run on port 80.
Step 1 - Retrieve database details.
Contact CloudBees support and request Sonar database connection details.
Step 2 - Dump the database to a file
Dump the database contents using mysqldump.
mysqldump \ -h <host provided by support> \ -u [user] \ -p \ cb-ci-[account name] \ > sonar-dump.sql
This may take several minutes to complete depending on your usage of Sonar.
Step 3 - Create a database/user in mysql
From a MySQL console connected to your new database:
(note you must replace [SECURE PASSWORD] with a new password)
CREATE DATABASE sonar CHARACTER SET utf8 COLLATE utf8_general_ci; CREATE USER 'sonar' IDENTIFIED BY 'sonar'; GRANT ALL ON sonar.* TO 'sonar'@'%' IDENTIFIED BY '[SECURE PASSWORD]'; GRANT ALL ON sonar.* TO 'sonar'@'localhost' IDENTIFIED BY '[SECURE PASSWORD]’';
Step 4 - Import database
from in a mysql console:
Now connect to your Sonar MySQL database using
mysql -h localhost \ -u sonar \ -p \ sonar
Now load the sonar dump file you prepared earlier
Step 5 - Install SonarQube
Download SonarQube from http://downloads.sonarsource.com/sonarqube/sonarqube-4.3.zip
Unzip SonarQube to the desired location. Update [SONAR_HOME]/conf/sonar.properties to the correct database settings.
Amend the configuration file as below:
sonar.jdbc.username=sonar sonar.jdbc.password=[SECURE PASSWORD] # Comment out # sonar.jdbc.url=jdbc:h2:tcp://localhost:9092/sonar # sonar.jdbc.url=jdbc:mysql://[HOSTNAME]:[PORT]/[DATABASE]?useUnicode=true&characterEncoding=utf8&rewriteBatchedStatements=true sonar.jdbc.url=jdbc:mysql://localhost:3306/sonar?useUnicode=true&characterEncoding=utf8&rewriteBatchedStatements=true
Step 6 - Start server
[SONAR HOME]/bin/<platform>/sonar.sh start
Server logs can be found in
Sonar now should be accessable from http://localhost:9000 in the browser.
Step 7 - Security
CloudBees adds its own security layer in the form of the OpenID plugin that is customized for the environment.
As the installation no longer includes the CloudBees OpenID plugin - anonymous has unrestricted access.
The recommended action is to go to Settings > Users, create a user or set a password on an existing one. Make sure it is part of the sonar-administrators group.Then login, and go to Settings > General Settings > Security and set “**Force user authentication**” to true.
Regardless of if you want to force authentication, you should also remove the Anyone group from Administrator functions in Settings > Global Permissions. Other groups should be reviews as well.
Step 8 - Install required plugins
From the SonarQube update center install any plugins that the SonarQube used on DEV@cloud.
Step 9 - Add SSL/Reverse proxy.
SonarQube has some documentation on this.
Step 10 - Configure Jenkins
Update the sonar database information in your Jenkins configuration screen at /configure.