Skip to content

aws setup sonarqube instance

devonfw-core edited this page Dec 27, 2022 · 3 revisions

Setting up a SonarQube instance in AWS

Introduction

The scope of this section is to deploy an AWS EC2 instance running SonarQube for further usage from a CI pipeline. A set of scripts and a Terraform recipe have been created in order to assist you in the launch of a SonarQube instance with an embedded database.

Getting Started

Prerequisites

  • Install Terraform.

  • Install AWS CLI.

  • Have a SSH keypair for the SonarQube instance. You can use an existing one or create a new one with the following command:

aws ec2 create-key-pair --key-name sonarqube --query 'KeyMaterial' --output text > sonarqube.pem
Important
This will create a public key, directly stored in AWS (current region only), and a private key stored in the sonarqube.pem file, that will be necessary if you ever need to access the instance, so be sure you store it securely.

Relevant files

  • ./sonarqube.sh script to automatically do all the steps in one command execution.

  • main.tf contains declarative definition written in HCL of Cloud infrastructure.

  • ../common/setup_sonarqube.sh script to be run on an AWS EC2 instance that installs and deploys a container running SonarQube.

  • variables.tf contains variable definition for main.tf.

  • terraform.tfvars contains values (user-changeable) for the variables defined in variables.tf.

  • terraform.tfstate contains current state of the created infrastructure. It is generated after use it and should be stored securely.

  • set-terraform-variables.sh assists user in setting the values of terraform.tfvars.

SonarQube instance setup

Quick setup

To make it easier to use for non-experienced users, or for those who need only one command to be executed, we provide sonarqube.sh script that executes all the steps automatically.

Usage

./sonarqube.sh <command> [flags...] [terraform variables...]

Commands

COMMAND       DESCRIPTION
apply         Creates or updates infrastructure.
destroy       Destroys previously created infrastructure.
output        Shows output values from Terraform state. Ignores flags other than '--output-key' or '-k'.
              To print only one output value use flag '--output-key <key>' where key is the name of the output variable.

Flags

-s, --state-folder    Folder for saving/importing Terraform configuration.
-k, --output-key      [ONLY FOR output] Key of a single Terraform output variable to print.
-q, --quiet           Suppress output other than the generated by Terraform command.
-h, --help            Displays help message.

Terraform variables

These variables will be used to update terraform.tfvars (using set-terraform-variables.sh script). They are ignored in output command. Syntax: '--key value' or '--key=value'.

Configurable variables
{terraform_vars}

Examples

./sonarqube.sh apply --state-folder /secure/location {terraform_vars_example_short}

./sonarqube.sh apply --state-folder /secure/location {terraform_vars_example_full}
Caution
Remember to securely store all the content inside the state folder, otherwise you will not be able to perform any changes in infrastructure, including destroying it, from Terraform.

Step-by-step setup

First, you need to initialize the working directory containing Terraform configuration files (located at /scripts/sonarqube/aws) and install any required plugins:

terraform init

Then, you may need to customize some input variables about the environment. To do so, you can either edit terraform.tfvars file or take advantage of the set-terraform-variables script, which allows you to create or update values for the required variables, passing them as flags.

Configurable variables:

{terraform_vars}

Examples of usage:

./set-terraform-variables.sh {terraform_vars_example_short}

./set-terraform-variables.sh {terraform_vars_example_full}
Warning
Unless changed, some of the variables used by default probably do not exist in your environment of AWS.

Finally, deploy SonarQube instance:

terraform apply --auto-approve
Caution
Remember to securely store terraform.tfstate file, otherwise you will not be able to perform any changes in infrastructure, including detroying it, from Terraform. More insights here.
Note
terraform apply command performs a plan and actually carries out the planned changes to each resource using the relevant infrastructure provider’s API. You can use it to perform changes on the created resources later on.

In particular, this will create an AWS EC2 instance based on Ubuntu and deploy a Docker container running SonarQube.

You will get the public URL of the SonarQube instance and an admin token as output. Take note of it, you will need it later on.

Destroy SonarQube instance

As long as you keep the terraform.tfstate file generated when creating the SonarQube instance, you can easily destroy it and all associated resources by executing:

terraform destroy

Modify SonarQube instance infrastructure

As long as you keep the terraform.tfstate file generated when creating the SonarQube instance, you can apply changes to the infrastructure deployed by modifying main.tf and executing:

terraform output > terraform.tfoutput
terraform apply
Important
In Windows, when applying any changes, the value of the token is lost if terraform.tfoutput does not exist. Be sure you do not skip the first command.

Change Sonarqube default admin password

After a few minutes, you will be able to access SonarQube web interface on the public URL provided by Terraform output with the following credentials:

  • Username: admin

  • Password: admin

Important
Change the default password promptly. After that, update the password in Terraform configuration: ./set-terraform-variables.sh --sonarqube_password <new password>.

Appendix: More information about Terraform for AWS

Guides per provider

Clone this wiki locally