This is a Vagrant Environment for a SonarQube based Source Code Analysis service.
This will:
- Install a SonarQube instance and configure it through its Web API.
- Install PostgreSQL as a database server for SonarQube.
- Install nginx as a proxy to SonarQube.
- Install iptables firewall.
- Install and use the SonarQube Scanner for Java on a raw Java project.
- Install and use the SonarQube Scanner for Maven on a Maven based Java project.
NB There is also a Windows based SonarQube Vagrant Environment.
Build and install the Ubuntu Base Box.
Install Vagrant 2.1+.
If you want to use LDAP for user authentication, you have to:
- have rgl/windows-domain-controller-vagrant up and running at
../windows-domain-controller-vagrant. - uncomment the
config_authentication='ldap'line inside provision.sh.
Add the following entry to your /etc/hosts file:
10.10.10.103 sonarqube.example.com
Launch the environment:
# or --provider=virtualbox.
vagrant up --no-destroy-on-error --provider=libvirtView the SonarQube home page at:
NB nginx is setup with a self-signed certificate that you have to trust before being able to access the local SonarQube page.
And login as admin/password.
When using the default LDAP settings you can also use the following users:
| Username | Password | Groups |
|---|---|---|
jane.doe |
HeyH0Password |
sonar-users |
john.doe |
HeyH0Password |
sonar-administrators, sonar-users, Domain Admins |
At some point in time, SonarQube started supporting multiple external identity providers, but unfortunately, for my simple use-case of using a single identity provider (LDAP), it means that the SonarQube username is now randomly generated and does not directly map to the LDAP username.
This means that, for example, the LDAP username jane.doe ends up with a SonarQube username like jane-doe35582 (which is derived from the LDAP user display name and a random number).
This means that from the SonarQube viewpoint, the LDAP user will have an external SonarQube user with the following properties:
curl --silent --fail --show-error \
--user admin:password \
-X GET \
'localhost:9000/api/users/search?q=jane.doe' \
| jq{
"paging": {
"pageIndex": 1,
"pageSize": 50,
"total": 1
},
"users": [
{
"login": "jane-doe35582",
"name": "Jane Doe",
"active": true,
"email": "jane.doe@example.com",
"groups": [
"sonar-users"
],
"tokensCount": 0,
"local": false,
"externalIdentity": "jane.doe",
"externalProvider": "LDAP_default",
"avatar": "0cba00ca3da1b283a57287bcceb17e35",
"lastConnectionDate": "2023-04-14T06:29:42+0000"
}
]
}Though, the SonarQube username can be later modified with:
curl --silent --fail --show-error \
--user admin:password \
-X POST \
localhost:9000/api/users/update_login \
-d login=jane-doe35582 \
-d newLogin=jane.doe