Basic installation SonarQube
There are different community-driven sonar cartridges around. There is
- this one that bases on a Tomcat cartridges and provides SonarQube 3.x and
- that one that comes with SonarQube 4.0.
- The most uptodate and flexible one is this, though. It downloads a specific version of SonarQube with each build. At the moment it works with version 4.1.1. I’m still working on getting SonarQube 5 to run on openshift, but haven’t succeeded, yet.
There also is a tutorial that shows how to install SonarQube 3.1.1. It also contains general thoughts on how to bypass OpenShift’s restrictions.
Anyway, to install SonarQube 4.1.1 execute the following steps on your machine:
rhc app create sonar diy-0.1 postgresql-9.2
Make sure to remember the login and passwords!
git rm -r diy .openshift misc README.md git remote add upstream -m master https://github.com/worldline/openshift-sonarqube.git git pull -s recursive -X theirs upstream master git push
- Login to your SonarQube instance at
The default login and passwords are admin / admin.
You might want to change the password right away!
Basic installation Jenkins
A lot of information within this paragraph was taken from here.
- Create Jenkins gear with Git-SSH
rhc create-app jenkins jenkins-1 "https://cartreflect-claytondev.rhcloud.com/reflect?github=majecek/openshift-community-git-ssh"
- Authorize your Jenkins node to communicate with other gears (and with you Git Repository)
Generate SSH key for your Jenkins node
SSH to the jenkins node
ssh-keygen -t rsa -b 4096 -f $OPENSHIFT_DATA_DIR/git-ssh
- Add the key to your OpenShift, either
- via web console
In SSH console
then copy and paste the output into web console
- via rhc
Download the public key (id_rsa.pub) to your host (e.g. by SFTP) and use the
rhc sshkey add
command to authorize the public keys for your OpenShift account.
If you plan on accessing a private repo or want to allow jenkins committing to your repo (e.g. for generate releases with the maven release plugin) you should also add the key to your repo account. See GitHub Help.
- via web console
- Install Plugins
Browse to Update Center
and hit Check Now (as described here).
Then go to the Available tab and install
- Sonar Plugin,
- GitHub plugin,
- embeddable-build-status (if you’d like to include those nifty build badges in you README.md).
While you’re at it, you might as well update the already installed plugins in the Updates tab.
Then hit Install without restart or Download and install after restart. If necessary, you can restart your app like so
rhc app restart -a jenkins
- Set up maven settings.xml to a writable location.
- SSH to Jenkins
mkdir $OPENSHIFT_DATA_DIR/.m2 echo -e "<settings><localRepository>$OPENSHIFT_DATA_DIR/.m2</localRepository></settings>" > $OPENSHIFT_DATA_DIR/.m2/settings.xml
- Browse to Configure System
Default settings provider: Settings file in file system
- SSH to Jenkins
Set up main Jenkins node as slave (easy to set up and doesn’t need extra gears).
Go to Configure System https://jenkins-<yourAccount>.rhcloud.com/configure and set
# of executors: 1
As an alternative, you could also use another gear as dedicated Jenkins slave. To do so, follow the steps described here.
[EDIT 2015-08-09: As it turned out, memory is too low to run the jenkins master and builds on one node. See my second post on how to introduce a dedicated slave node to this setup]
- Setup sonar plugin
On the Jenkins frontend, go to Configure System
- Global properties,
tick Environment variables
See here for more information.
- Then set up the plugin itself
Navigate to Sonar, Sonar installations and set the following
Sonar account login: admin
Sonar account password: <your pw>, default: admin
Database URL: jdbc:postgresql://$OPENSHIFT_JENKINS_IP:15555/sonar
Database login: The admin account that was returned when you first created the sonar application
Database password: The password that was returned when you first created the sonar application
- Hit Save
- Global properties,
Configure build for a repository
Now lets set up our first build.
- Go to
Item name: <your Project name>
Build a free-style software project (Unfortunately, Maven projects do not work due to OpenShift’s restrictions.)
- On the next Screen
https://github.com/<your user>/<your repo>/
Source Code Management:
https://github.com/<your user>/<your repo>.git
Branch Specifier (blank for ‘any’): origin/master
Build Triggers: Tick: Build when a change is pushed to GitHub
Build | Execute Shell
cd $WORKSPACE # Start the actual build mvn clean compile test package
Post-build Actions | Add post-build action | Sonar
- I’d also recommend the following actions
Post-build Actions | Add post-build action | Publish JUnit test result report
Test report XMLs=target/surefire-reports/TEST-.xml*
Post-build Actions | Add post-build action | E-mail Notification
Recipients=<your email address>
- Hit Apply.
- That’s it for the basic build set up. Now for the fun part: We need to find a way for Jenkins to reach sonar’s database.
We’ll use an SSH tunnel for that.
Build | Add build step | Execute Shell
Now enter the following:
# Make sure Tunnel for Sonar is open # Find out IP and port of DB OPENSHIFT_POSTGRESQL_DB_HOST_N_PORT=$(ssh -i $OPENSHIFT_DATA_DIR/git-ssh/id_rsa -o "UserKnownHostsFile=$OPENSHIFT_DATA_DIR/git-ssh/known_hosts" <UID>@sonar<yourAccount>.rhcloud.com '(echo `printenv OPENSHIFT_POSTGRESQL_DB_HOST`:`printenv OPENSHIFT_POSTGRESQL_DB_PORT`)') # Open tunnel to DB BUILD_ID=dontKillMe nohup ssh -i $OPENSHIFT_DATA_DIR/git-ssh/id_rsa -o "UserKnownHostsFile=$OPENSHIFT_DATA_DIR/git-ssh/known_hosts" -L $OPENSHIFT_JENKINS_IP:15555:$OPENSHIFT_POSTGRESQL_DB_HOST_N_PORT -N <UID>@sonar<yourAccount>.rhcloud.com &
This will tunnel requests from your Jenkins’ local Port 15555 via SSH to your sonar gear, which will forward it to its local PostgreSQL database.
What is missing is script that explicitly closes the tunnel. But for now I’m just happy that everything is up and running. The tunnel will eventually be closed after a timeout. Let me know if you have any ideas how to improve the tunnel handling.
- Finally, press Save and you’re almost good to go.
- Before running your first build you should SSH to your Jenkins once more and
ssh -i $OPENSHIFT_DATA_DIR/git-ssh/id_rsa -o "UserKnownHostsFile=$OPENSHIFT_DATA_DIR/git-ssh/known_hosts" <UID>@sonar<yourAccount>.rhcloud.com
so the sonar node is added to the list of know hosts.
3 thoughts on “Building GitHub projects with Jenkins, Maven and SonarQube 4.1.1 on OpenShift”