title: Install the Server
Several database engines are supported. Be sure to follow the requirements listed for your database, they are real requirements not recommendations.
Create an empty schema and a sonarqube
user. Grant this sonarqube
user permissions to create
, update
, and delete
objects for this schema.
Collation MUST be case-sensitive (CS) and accent-sensitive (AS).
READ_COMMITED_SNAPSHOT
MUST be set on the SonarQube database.
MS SQL database’s shared lock strategy may impact SonarQube runtime. Making sure that is_read_committed_snapshot_on
is set to true
to prevent SonarQube from facing potential deadlocks under heavy loads.
Example of query to check is_read_committed_snapshot_on
:
SELECT is_read_committed_snapshot_on FROM sys.databases WHERE name='YourSonarQubeDatabase';
Example of query to update is_read_committed_snapshot_on
:
ALTER DATABASE YourSonarQubeDatabase SET READ_COMMITTED_SNAPSHOT ON WITH ROLLBACK IMMEDIATE;
If you want to use integrated security, you have to download the Microsoft SQL JDBC Driver 6.2 package from https://www.microsoft.com/en-us/download/details.aspx?id=55539 and copy sqljdbc_auth.dll
to any folder in your path. You should match the 32-bit or 64-bit version of the dll to the architecture of your server machine. If you are running the SonarQube as a windows service and want to use Integrated security, please make sure the Windows account under which the service is running has permission to connect your SQL Server. The account should have db_owner
database role membership. Otherwise, if you are running the SonarQube server from a command prompt and want to use Integrated security, the user under which the command prompt is running should have db_owner
database role membership. Also ensure that sonar.jdbc.username
or sonar.jdbc.password properties
are commented out, otherwise SonarQube will use SQL Authentication.
sonar.jdbc.url=jdbc:sqlserver://localhost;databaseName=sonar;integratedSecurity=true
If you want to use SQL Authentication, use the following connection string. Also ensure that sonar.jdbc.username
and sonar.jdbc.password
are set appropriately.
sonar.jdbc.url=jdbc:sqlserver://localhost;databaseName=sonar
sonar.jdbc.username=sonarqube
sonar.jdbc.password=mypassword
If there are two SonarQube schemas on the same Oracle instance, especially if they are for two different versions, SonarQube gets confused and picks the first it finds. To avoid this issue:
warning | Oracle JDBC driver versions 12.1.0.1 and 12.1.0.2 have major bugs, and are not recommended for use with the SonarQube (see more details).
If you want to use a custom schema and not the default “public” one, the PostgreSQL search_path
property must be set:
ALTER USER mySonarUser SET search_path to mySonarQubeSchema
warning | MySQL is not supported for Data Center Edition.
There are two well-known engines that can be used in MySQL: MyISAM and InnoDB. MyISAM is the oldest of the two engines and is being progressively replaced by InnoDB. InnoDB is clearly faster and scales better with SonarQube as the number of projects under quality control increases. If you were an early adopter of SonarQube, you probably have a series of tables that are still using MyISAM. To improve performance, you should change the engine for all tables to InnoDB.
Once all SonarQube tables are using the InnoDB engine, the first thing to do is allocate a maximum amount of RAM to your MySQL instance with the innodb_buffer_pool_size
parameter and give at least 15Mb to the query_cache_size
parameter. Read this article about InnoDB Performance Optimization Basics for more information.
First, check the requirements. Then download and unzip the distribution (do not unzip into a directory starting with a digit).
SonarQube cannot be run as root
on Unix-based systems, so create a dedicated user account to use for SonarQube if necessary.
$SONARQUBE-HOME (below) refers to the path to the directory where the SonarQube distribution has been unzipped.
Edit $SONARQUBE-HOME/conf/sonar.properties to configure the database settings. Templates are available for every supported database. Just uncomment and configure the template you need and comment out the lines dedicated to H2:
Example for PostgreSQL
sonar.jdbc.username=sonarqube
sonar.jdbc.password=mypassword
sonar.jdbc.url=jdbc:postgresql://localhost/sonarqube
Drivers for the supported databases (except Oracle) are already provided. Do not replace the provided drivers; they are the only ones supported.
For Oracle, copy the JDBC driver into $SONARQUBE-HOME/extensions/jdbc-driver/oracle.
By default, Elasticsearch data is stored in $SONARQUBE-HOME/data, but this is not recommended for production instances. Instead, you should store this data elsewhere, ideally in a dedicated volume with fast I/O. Beyond maintaining acceptable performance, doing so will also ease the upgrade of SonarQube.
Edit $SONARQUBE-HOME/conf/sonar.properties to configure the following settings:
sonar.path.data=/var/sonarqube/data
sonar.path.temp=/var/sonarqube/temp
The user used to launch SonarQube must have read and write access to those directories.
The default port is “9000” and the context path is “/”. These values can be changed in $SONARQUBE-HOME/conf/sonar.properties:
sonar.web.host=192.0.0.1
sonar.web.port=80
sonar.web.context=/sonarqube
Execute the following script to start the server:
You can now browse SonarQube at http://localhost:9000 (the default System administrator credentials are admin
/admin
).
By default, SonarQube is configured to run on any computer with a simple Java JRE.
For better performance, the first thing to do when installing a production instance is to use a Java JDK and activate the server mode by uncommenting/setting the following line in $SONARQUBE-HOME/conf/sonar.properties:
sonar.web.javaOpts=-server
To change the Java JVM used by SonarQube, simply edit $SONARQUBE-HOME/conf/wrapper.conf and update the following line:
wrapper.java.command=/path/to/my/jdk/bin/java
Once your server is installed and running, you may also want to Install Plugins. Then you’re ready to begin Analyzing Source Code.
To grant more memory to a server-side process, uncomment and edit the relevant javaOpts property in $SONARQUBE_HOME/conf/sonar.properties
, specifically:
sonar.web.javaOpts
(minimum values: -server -Xmx768m
)sonar.ce.javaOpts
sonar.search.javaOpts
By default, remote access to MySQL database server is disabled for security reasons. If you want to remotely access the database server, you need to follow this quick guide.
SonarQube seems unable to start when installed under the Program Files
directory on Windows Vista. It should therefore not be installed there.
USERS
table structureWhen other USERS
tables exist in the Oracle DB, if the sonarqube
user has read access on this other USERS
table, the SonarQube web server can’t start and an exception like the following one is thrown:
ActiveRecord::ActiveRecordError: ORA-00904: "TOTO": invalid identifier
: INSERT INTO users (login, name, email, crypted_password, salt,
created_at, updated_at, remember_token, remember_token_expires_at, toto, id)
VALUES('admin', 'Administrator', '', 'bba4c8a0f808f9798cf8b1c153a4bb4f9178cf59', '2519754f77ea67e5d7211cd1414698f465aacebb',
TIMESTAMP'2011-06-24 22:09:14', TIMESTAMP'2011-06-24 22:09:14', null, null, null, ?)
ActiveRecord::ActiveRecordError: ORA-00904: "TOTO": invalid identifier
: INSERT INTO users (login, name, email, crypted_password, salt,
created_at, updated_at, remember_token, remember_token_expires_at, toto, id)
VALUES('admin', 'Administrator', '', 'bba4c8a0f808f9798cf8b1c153a4bb4f9178cf59',
'2519754f77ea67e5d7211cd1414698f465aacebb', TIMESTAMP'2011-06-24 22:09:14', TIMESTAMP'2011-06-24 22:09:14', null, null, null, ?)
To fix this issue, the rights of the sonarqube
Oracle user must be decreased to remove read access on the other USERS
table(s).
Double check that settings for proxy are correctly set in $SONARQUBE_HOME/conf/sonar.properties
.
Note that if your proxy username contains “\” (backslash), then it should be escaped - for example username “domain\user” in file should look like:
http.proxyUser=domain\\user
For some proxies, the exception “java.net.ProtocolException: Server redirected too many times” might mean an incorrect username or password has been configured.
SonarQube starts an Elasticsearch process, and the same account that is running SonarQube itself will be used for the Elasticsearch process. Since Elasticsearch cannot be run as root
, that means SonarQube can’t be either. You must choose some other, non-root
account with which to run SonarQube, preferably an account dedicated to the purpose.