Bitnami SonarQube Installer

NOTE: Before running the commands shown on this page, you should load the Bitnami stack environment by executing the installdir/use_APPNAME script (Linux and Mac OS X) or by clicking the shortcut in the Start Menu under "Start -> Bitnami APPNAME Stack -> Application console" (Windows). Learn more.
NOTE: When running the commands shown on this page, replace the installdir placeholder with the full installation directory for your Bitnami stack.

Description

SonarQube is an open source tool for continuous code quality which performs automatic reviews of code to detect bugs, code smells and vulnerabilities issues for 20+ programming languages.

First steps with the Bitnami SonarQube Stack

Welcome to your new Bitnami application! Here are a few questions (and answers!) you might need when first starting with your application.

What are the system requirements?

Before you download and install your application, check that your system meets these requirements.

How do I install the Bitnami SonarQube Stack?

Windows, OS X and Linux installer
  • Download the executable file for the Bitnami SonarQube Stack from the Bitnami website.

  • Run the downloaded file:

    • On Linux, give the installer executable permissions and run the installation file in the console.
    • On other platforms, double-click the installer and follow the instructions shown.

Check the FAQ instructions on how to download and install a Bitnami Stack for more details.

The application will be installed to the following default directories:

Operating System Directory
Windows C:\Bitnami\APPNAME-VERSION
Mac OS X /Applications/APPNAME-VERSION
Linux /opt/APPNAME-VERSION (running as root user)
OS X VM
  • Download the OS X VM file for the Bitnami SonarQube Stack from the Bitnami website.
  • Begin the installation process by double-clicking the image file and dragging the WordPress OS X VM icon to the Applications folder.
  • Launch the VM by double-clicking the icon in the Applications folder.

What credentials do I need?

You need application credentials, consisting of a username and password. These credentials allow you to log in to your new Bitnami application.

What is the administrator username set for me to log in to the application for the first time?

  • For Windows, Linux and OS X installers, the username was configured by you when you first installed the application.
  • For OS X VMs, the username can be obtained by clicking the Bitnami badge at the bottom right corner of the application welcome page.

What is the administrator password?

  • For Windows, Linux and OS X installers, the password was configured by you when you first installed the application.
  • For OS X VMs, the password can be obtained by clicking the Bitnami badge at the bottom right corner of the application welcome page.

What is the default configuration?

The SonarQube installation folder is located in installdir/apps/sonarqube/, which has the following contents:

Directory Content
conf/ SonarQube's Apache configuration files.
sonarqube/ SonarQube's files.
sonarqube/bin/ SonarQube's binaries.
sonarqube/conf/ SonarQube's configuration files.
sonarqube/data/ SonarQube's data.
sonarqube/…  
scripts/ Scripts to manage SonarQube's service.

Analyze your first project with SonarQube Scanner

To get started with the Bitnami SonarQube Stack and SonarQube Scanner, you can follow this two-minute quickstart guide to analyze a sample project:

Linux and Mac OS X

  • Download the SonarQube Scanner zip file. You can find it for all platforms on this link.
  • Unzip it in /opt:

     $ sudo unzip -d /opt sonar-scanner-cli-*.zip
    
  • Download some sample projects from this link.
  • Unzip them in $HOME/sonar-scanning-examples:

     $ unzip -d $HOME master.zip
    
  • Analyze a project as shown below. Replace the USERNAME and PASSWORD placeholders with the correct user name and password.

     $ cd $HOME/sonar-scanning-examples/sonarqube-scanner
     $ /opt/sonar-scanner-*/bin/sonar-scanner -Dsonar.login=USERNAME -Dsonar.password=PASSWORD
    
  • Browse to http://localhost to find out the results. (localhost is a placeholder. Please, replace it with the actual domain of your SonarQube server).

Windows

  • Download the SonarQube Scanner zip file. You can find it for all platforms on this link.
  • Unzip it in C:\sonar-scanner.
  • Download some sample projects from this link.
  • Unzip them in %HOMEPATH%\sonar-scanning-examples.
  • Analyze a project as shown below. Replace the USERNAME and PASSWORD placeholders with the correct user name and password.

     $ cd %HOMEPATH%\sonar-scanning-examples\sonarqube-scanner
     $ C:\sonar-scanner\bin\sonar-scanner.bat -D sonar.login=USERNAME -D sonar.password=PASSWORD
    
  • Browse to http://localhost to find out the results. (localhost is a placeholder. Please, replace it with the actual domain of your SonarQube server).

You can find more information about SonarQube Scanner at SonarQube's official documentation.

How to start or stop the services?

Linux

Bitnami native installers include a graphical tool to manage services. This tool is named manager-linux-x64.run on Linux and is located in the installation directory. To use this tool, double-click the file and then use the graphical interface to start, stop or restart services. Server log messages can be checked in the "Server Events" tab.

Management tool

The native installer also includes a command-line script to start, stop and restart applications, named ctlscript.sh. This script can be found in the installation directory and accepts the options start, stop, restart, and status. To use it, log in to the server console and execute it following the examples below:

  • Call it without any service names to start all services:

      $ sudo installdir/ctlscript.sh start
    
  • Use it to restart a specific service only by passing the service name as argument - for example, mysql, postgresql or apache:

      $ sudo installdir/ctlscript.sh restart mysql
      $ sudo installdir/ctlscript.sh restart postgresql
      $ sudo installdir/ctlscript.sh restart apache
    
  • Obtain current status of all services:

      $ installdir/ctlscript.sh status
    

The list of available services varies depending on the required components for each application.

Mac OS X

Bitnami native installers include a graphical tool to manage services. This tool is named manager-osx on Mac OS X and is located in the installation directory. To use this tool, double-click the file and then use the graphical interface to start, stop or restart services. Server log messages can be checked in the "Server Events" tab.

Management tool

The native installer also includes a command-line script to start, stop and restart applications, named ctlscript.sh. This script can be found in the installation directory and accepts the options start, stop, restart, and status. To use it, log in to the server console and execute it following the examples below:

  • Call it without any service names to start all services:

    $ sudo installdir/ctlscript.sh start
    
  • Use it to restart a specific service only by passing the service name as argument - for example, mysql or apache:

     $ sudo installdir/ctlscript.sh restart mysql
     $ sudo installdir/ctlscript.sh restart apache
    
  • Obtain current status of all services:

     $ installdir/ctlscript.sh status
    

The list of available services varies depending on the required components for each application.

NOTE: If you are using the stack manager for Mac OS X-VM, please check the following blog post to learn how to manage services from its graphical tool.

Windows

Bitnami native installers include a graphical tool to manage services. This tool is named manager-windows.exe on Windows and is located in the installation directory. To use this tool, double-click the file and then use the graphical interface to start, stop or restart services. Server log messages can be checked in the "Server Events" tab.

Management tool

The Windows native installer creates shortcuts to start and stop services created in the Start Menu, under "Programs -> Bitnami APPNAME Stack -> Bitnami Service". Servers can also be managed from the Windows "Services" control panel. Services are named using the format APPNAMESERVICENAME, where APPNAME is a placeholder for the application name and SERVICENAME is a placeholder for the service name. For example, the native installer for the Bitnami WordPress Stack installs services named wordpressApache and wordpressMySQL.

These services will be automatically started during boot. To modify this behaviour, refer to the section on disabling services on Windows.

How to change the default administrator password?

Change the default administrator password manually

You can manually change the administrator password from the command line by following these steps:

  • Log in to the server console.
  • Obtain your database credentials. See the how to find the database credentials section to learn what is the database username and password.
  • Load the Bitnami SonarQube environment before connecting to your database server:
    • Linux and Mac OS X:

         $ sudo installdir/use_sonarqube
      
    • Windows:

         $ installdir/use_sonarqube
      

Once you have obtained the database credentials and loaded the environment, you should be able to connect to the MySQL server in order to change the administrator password. To do so:

  • Access the database by executing the following command:

     $ mysql -u root -p bitnami_sonarqube
    

    You will be prompted for your current database password.

  • Execute the following command. It will change your application administrator password. Remember to replace NEW_PASSWORD with the password you wish to set as default.

     mysql> UPDATE users SET crypted_password=SHA1(CONCAT('--', salt, '--', 'NEW_PASSWORD', '--')) WHERE id='1';
    

Now, you should be able to access your application using the new password.

Change the default administrator password from the SonarQube dashboard

You can change the administrator password from the SonarQube dashboard by following these steps:

  • Log in to the SonarQube dashboard.
  • Under the "User Name" dropdown menu in the upper right corner, click on "My Account".

    User account settings

  • Select the "Security" tab.
  • Enter your old password and enter your new password twice to confirm the change.

    Change the default administrator password

  • Click the "Change password" button.

How to configure the SonarQube server domain name?

The SonarQube server domain name is the default IP address or domain name assigned when SonarQube is launched. In order to configure a different domain name, follow the steps below:

  • Log in to the SonarQube dashboard and click on the "Administration" tab.
  • Browse to the "Configuration -> General settings -> General" menu.
  • Under the "General" section, change the "Server base URL" to the new server domain name.
  • Save the changes.

You can also manually change the server domain name from the command line by following these steps:

  • Log in to the server console.
  • Use the command below to change the server domain name. Remember to replace the NEW_SERVER_DOMAIN placeholder with the new server domain name.
    • Linux and Mac OS X:

       $ sudo installdir/sonarqube/bnconfig --machine_hostname NEW_SERVER_DOMAIN
      
    • Windows:

       $ installdir\sonarqube\bnconfig.exe --machine_hostname NEW_SERVER_DOMAIN
      

How to change the interface language?

SonarQube and SonarQube plugins rely on "Language Pack plugins" for translations. By default Bitnami SonarQube Stack embeds the English Pack.

In order to translate your SonarQube application, you need to install the proper "Language package" as you would any other plugin. Refer the Plugins instructions for more information on this.

You can find more information about the SonarQube Internationalization project at SonarQube's official Internationalization documentation.

How to access the administration panel?

Access the administration panel by browsing to http://localhost/sessions/new.

How to use the SonarQube Web API?

SonarQube provides a web API to access its functionality from applications.

All the documentation about how to use the SonarQube's web API is available by browsing to http://localhost/web_api. (localhost is a placeholder. Please, replace it with the actual domain of your SonarQube server).

How to install a plugin for SonarQube?

The Bitnami SonarQube Stack includes the plugins below by default:

How to install a plugin for SonarQube from the Admin Dashboard?

You can install plugins from the Admin Dashboard. To install a new plugin in SonarQube, follow these steps:

  • Log in to the SonarQube dashboard and click on the "Administration" tab.
  • Under the "System" dropdown menu, click on "Update center".
  • Select the "Available" tab and look for the plugin you want to install.
  • Click on the "Install" button.
  • Once the process finishes, you will be prompted to restart SonarQube in order to complete the installation. Click on the "Restart" button.
  • You will be prompted to confirm the action. Click again on the "Restart" button. This could take a few minutes.
  • That's it! Now you can navigate to the "Update center" again and check that your plugin is installed.

How to manually install a plugin for SonarQube?

To install a SonarQube plugin, download the plugin (.jar file) and save it in the installdir/sonarqube/sonarqube/extensions/plugins/ directory. Then, change the file ownership to sonarqube user.

Here is an example of installing the GitHub plugin for SonarQube:

  • Log in to the server console.
  • Navigate to the installdir/sonarqube/sonarqube/extensions/plugins/ directory.
  • Download the latest version of the plugin JAR. You can use the command below (on Linux and Mac OS X):

     $ sudo wget https://sonarsource.bintray.com/Distribution/sonar-github-plugin/sonar-github-plugin-1.4.1.822.jar
    
  • Change the ownership (Only on Linux and Mac OS X if the stack was installed as root).

    $ sudo chown -R sonarqube:sonarqube sonar-github-plugin-1.4.1.822.jar
    
  • Restart SonarQube using the graphical manager or the command-line script:

    $ sudo installdir/ctlscript.sh restart sonarqube
    

How to create a full backup of SonarQube?

The Bitnami SonarQube Stack is self-contained and the simplest option for performing a backup is to copy or compress the Bitnami stack installation directory. To do so in a safe manner, you will need to stop all servers, so this method may not be appropriate if you have people accessing the application continuously.

NOTE: If you want to create only a database backup, refer to these instructions for MySQL and PostgreSQL.

Backup on Linux and Mac OS X

Follow these steps:

  • Change to the directory in which you wish to save your backup.

     $ cd /your/directory
    
  • Stop all servers.

     $ sudo installdir/ctlscript.sh stop
    
  • Create a compressed file with the stack contents.

     $ sudo tar -pczvf application-backup.tar.gz installdir
    
  • Start all servers.

     $ sudo installdir/ctlscript.sh start
    
  • Download or transfer the application-backup.tar.gz file to a safe location.

You should now download or transfer the application-backup.tar.gz file to a safe location.

Backup on Windows

Follow these steps:

  • Stop all servers using the shortcuts in the Start Menu or the graphical manager tool.

  • Create a compressed file with the stack contents. You can use a graphical tool like 7-Zip or WinZip or just right-click the folder, click "Send to", and select the "Compressed (zipped) folder" option.

  • Download or transfer the compressed file to a safe location.

  • Start all servers using the shortcuts in the Start Menu or the graphical manager tool.

Restore on Linux and Mac OS X

Follow these steps:

  • Change to the directory containing your backup:

    $ cd /your/directory
    
  • Stop all servers.

    $ sudo installdir/ctlscript.sh stop
    
  • Move the current stack to a different location:

    $ sudo mv installdir /tmp/bitnami-backup
    
  • Uncompress the backup file to the original directory:

    $ sudo tar -pxzvf application-backup.tar.gz -C /
    
  • Start all servers.

    $ sudo installdir/ctlscript.sh start
    
IMPORTANT: When restoring, remember to maintain the original permissions for the files and folders. For example, if you originally installed the stack as the root user on Linux, make sure that the restored files are owned by root as well.

Restore on Windows

  • Change to the directory containing your backup:

       $ cd /your/directory
    
  • Stop all servers using the shortcuts in the Start Menu or the graphical manager tool.

  • Uninstall the previous services by executing the following command:

        $ serviceinstall.bat
    
  • Create a safe folder named Backups in the desktop and move the current stack to it. Remember to replace PATH with the right location of your folder:

        $ move installdir \PATH\Backups
    
  • Uncompress the backup file using a tool like 7-Zip or Winzip or just double-click the .zip file to uncompress it, and move it to the original directory.
  • Install services by running the following commands from an elevated command prompt:

      $ cd installdir
      $ serviceinstall.bat INSTALL
    
  • Start all servers using the shortcuts in the Start Menu or the graphical manager tool.

How to upgrade the Bitnami SonarQube Stack?

It is strongly recommended that you create a backup before starting the update process. If you have important data, it is advisable that you try to create and restore a backup to ensure that everything works properly.

  • Create a directory to save all the data you need to backup.

     $ mkdir ~/sonarqube-backup (on Linux and Mac OS X)
     $ mkdir ~/sonarqube-backup/httpd
     $ mkdir ~/sonarqube-backup/sonarqube
    
  • Back up the bitnami_sonarqube database as described on the MySQL page.
  • Copy the Web server configuration and SonarQube configuration directories to your backup directory. You can use the commands below (on Linux and Mac OS X):

     $ sudo cp -rf installdir/apps/sonarqube/sonarqube/conf/* ~/sonarqube-backup/sonarqube
     $ sudo cp -rf installdir/apps/sonarqube/conf/* ~/sonarqube-backup/httpd
     $ sudo cp installdir/apache2/conf/server.crt ~/sonarqube-backup/httpd-ssl
     $ sudo cp installdir/apache2/conf/server.key ~/sonarqube-backup/httpd-ssl
     $ sudo cp installdir/apache2/conf/server-ca.crt ~/sonarqube-backup/httpd-ssl
    
  • Uninstall the previous Bitnami SonarQube Stack.
  • Download the latest version of the Bitnami SonarQube Stack and install it.
  • Restore the database backup as described on the MySQL page.
  • Update the contents of the installdir/apps/sonarqube/sonarqube/conf/sonar.properties and installdir/apps/sonarqube/sonarqube/conf/wrapper.conf files with the settings of the related files in the installdir/apps/sonarqube-backup/sonarqube/conf backup directory. To do so, use an editor to modify them with the old settings (web server URL, database, LDAP settings, …).

    NOTE: Edit the settings files manually. Do not copy-paste the old files.
  • Restore the Apache configuration files in the new SonarQube stack. You can use the commands below. Note that the second command will restore the server SSL certificates from your previous server, so only execute this command if required.

     $ sudo cp -rf sonarqube-backup/httpd/* installdir/apps/sonarqube/conf
     $ sudo cp sonarqube-backup/httpd-ssl/* installdir/apache2/conf
    
  • Check if the plugins installed on the old stack are compatible with the new version of SonarQube by consulting the SonarQube compatibility Matrix. If any of them are incompatible, you need to install manually the latest version of these plugins as described in the Manual Plugins installation instructions.
  • Restart SonarQube using the graphical manager or the command line script:

     $ sudo installdir/ctlscript.sh restart sonarqube
    
  • Browse to http://localhost/setup and follow the setup instructions.
  • Analyze your projects (and compute your Views if you are the owner of the governance product) to get fresh data.

Upgrade only SonarQube in the Bitnami SonarQube Stack

  • Browse to https://www.sonarqube.org/downloads/ and find the link for the latest version of SonarQube.
  • Download the latest version using the link obtained in the previous step. For example (for version 6.3), run the commands below (on Linux and Mac OS X):

      $ wget https://sonarsource.bintray.com/Distribution/sonarqube/sonarqube-6.3.1.zip
      $ unzip sonarqube-6.3.1.zip
    
  • Backup your current SonarQube installation. You can use the command below (on Linux and Mac OS X):

      $ sudo mv installdir/apps/sonarqube/sonarqube/ installdir/apps/sonarqube/sonarqube-backup/
    
  • Substitute your old installation with the new version. You can use the command below (on Linux and Mac OS X):

      $ sudo mv ~/sonarqube-6.3.1/ installdir/apps/sonarqube/sonarqube
    
  • Update the contents of the installdir/apps/sonarqube/sonarqube/conf/sonar.properties and installdir/apps/sonarqube/sonarqube/conf/wrapper.conf files with the settings of the related files in the installdir/apps/sonarqube-backup/sonarqube/conf backup directory. To do so, use an editor to modify them with the old settings (web server URL, database, LDAP settings, etc.).
NOTE: Edit the settings files manually. Do not copy-paste the old files.
  • Restore the permissions (Only on Linux and Mac OS X if the stack was installed as root).

      $ sudo chown -R root:sonarqube installdir/apps/sonarqube/sonarqube
    
  • Check if the plugins installed on the old stack compatible with the new version of SonarQube by consulting the Compatibility Matrix. If there is any of them that are incompatible, intall the latest version of the plugins manually as described in the Manual Plugins installation instructions.
  • Restart SonarQube using the graphical manager or the command line script:

     $ sudo installdir/ctlscript.sh restart sonarqube
    
  • Browse to http://localhost/setup and follow the setup instructions.
  • Analyze your projects (and compute your Views if you own the Governance product) to get fresh data.

How to enable HTTPS support with SSL certificates?

NOTE: The steps below assume that you are using a custom domain name and that you have already configured the custom domain name to point to your cloud server.

Bitnami images come with SSL support already pre-configured and with a dummy certificate in place. Although this dummy certificate is fine for testing and development purposes, you will usually want to use a valid SSL certificate for production use. You can either generate this on your own (explained here) or you can purchase one from a commercial certificate authority.

Once you obtain the certificate and certificate key files, you will need to update your server to use them. Follow these steps to activate SSL support:

  • Use the table below to identify the correct locations for your certificate and configuration files.

    Variable Value
    Current application URL https://[custom-domain]/
      Example: https://my-domain.com/ or https://my-domain.com/appname
    Apache configuration file installdir/apache2/conf/bitnami/bitnami.conf
    Certificate file installdir/apache2/conf/server.crt
    Certificate key file installdir/apache2/conf/server.key
    CA certificate bundle file (if present) installdir/apache2/conf/server-ca.crt
  • Copy your SSL certificate and certificate key file to the specified locations.

    NOTE: If you use different names for your certificate and key files, you should reconfigure the SSLCertificateFile and SSLCertificateKeyFile directives in the corresponding Apache configuration file to reflect the correct file names.
  • If your certificate authority has also provided you with a PEM-encoded Certificate Authority (CA) bundle, you must copy it to the correct location in the previous table. Then, modify the Apache configuration file to include the following line below the SSLCertificateKeyFile directive. Choose the correct directive based on your scenario and Apache version:

    Variable Value
    Apache configuration file installdir/apache2/conf/bitnami/bitnami.conf
    Directive to include (Apache v2.4.8+) SSLCACertificateFile "installdir/apache2/conf/server-ca.crt"
    Directive to include (Apache < v2.4.8) SSLCertificateChainFile "installdir/apache2/conf/server-ca.crt"
    NOTE: If you use a different name for your CA certificate bundle, you should reconfigure the SSLCertificateChainFile or SSLCACertificateFile directives in the corresponding Apache configuration file to reflect the correct file name.
  • Once you have copied all the server certificate files, you may make them readable by the root user only with the following commands:

     $ sudo chown root:root installdir/apache2/conf/server*
    
     $ sudo chmod 600 installdir/apache2/conf/server*
    
  • Open port 443 in the server firewall. Refer to the FAQ for more information.

  • Restart the Apache server.

You should now be able to access your application using an HTTPS URL.

How to create an SSL certificate?

OpenSSL is required to create an SSL certificate. A certificate request can then be sent to a certificate authority (CA) to get it signed into a certificate, or if you have your own certificate authority, you may sign it yourself, or you can use a self-signed certificate (because you just want a test certificate or because you are setting up your own CA).

Follow the steps below for your platform.

Linux and Mac OS X

NOTE: OpenSSL will typically already be installed on Linux and Mac OS X. If not installed, install it manually using your operating system's package manager.

Follow the steps below:

  • Generate a new private key:

     $ sudo openssl genrsa -out installdir/apache2/conf/server.key 2048
    
  • Create a certificate:

     $ sudo openssl req -new -key installdir/apache2/conf/server.key -out installdir/apache2/conf/cert.csr
    
    IMPORTANT: Enter the server domain name when the above command asks for the "Common Name".
  • Send cert.csr to the certificate authority. When the certificate authority completes their checks (and probably received payment from you), they will hand over your new certificate to you.

  • Until the certificate is received, create a temporary self-signed certificate:

     $ sudo openssl x509 -in installdir/apache2/conf/cert.csr -out installdir/apache2/conf/server.crt -req -signkey installdir/apache2/conf/server.key -days 365
    
  • Back up your private key in a safe location after generating a password-protected version as follows:

     $ sudo openssl rsa -des3 -in installdir/apache2/conf/server.key -out privkey.pem
    

    Note that if you use this encrypted key in the Apache configuration file, it will be necessary to enter the password manually every time Apache starts. Regenerate the key without password protection from this file as follows:

     $ sudo openssl rsa -in privkey.pem -out installdir/apache2/conf/server.key
    

Windows

NOTE: OpenSSL is not typically installed on Windows. Before following the steps below, download and install a binary distribution of OpenSSL.

Follow the steps below once OpenSSL is installed:

  • Set the OPENSSL_CONF environment variable to the location of your OpenSSL configuration file. Typically, this file is located in the bin/ subdirectory of your OpenSSL installation directory. Replace the OPENSSL-DIRECTORY placeholder in the command below with the correct location.

     $ set OPENSSL_CONF=C:\OPENSSL-DIRECTORY\bin\openssl.cfg
    
  • Change to the bin/ sub-directory of the OpenSSL installation directory. Replace the OPENSSL-DIRECTORY placeholder in the command below with the correct location.

     $ cd C:\OPENSSL-DIRECTORY\bin
    
  • Generate a new private key:

     $ openssl genrsa -out installdir/apache2/conf/server.key 2048
    
  • Create a certificate:

     $ openssl req -new -key installdir/apache2/conf/server.key -out installdir/apache2/conf/cert.csr
    
    IMPORTANT: Enter the server domain name when the above command asks for the "Common Name".
  • Send cert.csr to the certificate authority. When the certificate authority completes their checks (and probably received payment from you), they will hand over your new certificate to you.

  • Until the certificate is received, create a temporary self-signed certificate:

     $ openssl x509 -in installdir/apache2/conf/cert.csr -out installdir/apache2/conf/server.crt -req -signkey installdir/apache2/conf/server.key -days 365
    
  • Back up your private key in a safe location after generating a password-protected version as follows:

     $ openssl rsa -des3 -in installdir/apache2/conf/server.key -out privkey.pem
    

    Note that if you use this encrypted key in the Apache configuration file, it will be necessary to enter the password manually every time Apache starts. Regenerate the key without password protection from this file as follows:

     $ openssl rsa -in privkey.pem -out installdir/apache2/conf/server.key
    

Find more information about certificates at http://www.openssl.org.

How to force HTTPS redirection?

Add the following to the top of the installdir/apps/sonarqube/conf/httpd-prefix.conf file:

RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^/(.*) https://%{SERVER_NAME}/$1 [R,L]

After modifying the Apache configuration files:

  • Open port 443 in the server firewall. Refer to the FAQ for more information.

  • Restart Apache to apply the changes.

How to debug Apache errors?

Once Apache starts, it will create two log files at installdir/apache2/logs/access_log and installdir/apache2/logs/error_log respectively.

  • The access_log file is used to track client requests. When a client requests a document from the server, Apache records several parameters associated with the request in this file, such as: the IP address of the client, the document requested, the HTTP status code, and the current time.

  • The error_log file is used to record important events. This file includes error messages, startup messages, and any other significant events in the life cycle of the server. This is the first place to look when you run into a problem when using Apache.

If no error is found, you will see a message similar to:

Syntax OK

How to find the database credentials?

  • Database username: root.
  • Database password: The password entered during the installation process.

How to connect to the MySQL database?

You can connect to the MySQL database from the same computer where it is installed with the mysql client tool.

$ mysql -u root -p

You will be prompted to enter the root user password. This is the same as the application password.

How to debug errors in your database?

The main log file is created at installdir/mysql/data/mysqld.log on the MySQL database server host.

How to change the MySQL root password?

You can modify the MySQL password using the following command at the shell prompt. Replace the NEW_PASSWORD placeholder with the actual password you wish to set.

$ installdir/mysql/bin/mysqladmin -p -u root password NEW_PASSWORD

How to reset the MySQL root password?

If you don't remember your MySQL root password, you can follow the steps below to reset it to a new value:

  • Create a file in /home/bitnami/mysql-init with the content shown below (replace NEW_PASSWORD with the password you wish to use):

     UPDATE mysql.user SET Password=PASSWORD('NEW_PASSWORD') WHERE User='root';
     FLUSH PRIVILEGES;
    

    If your stack ships MySQL v5.7.x, use the following content instead of that shown above:

     UPDATE mysql.user SET authentication_string=PASSWORD('NEW_PASSWORD') WHERE User='root';
     FLUSH PRIVILEGES;
    
    TIP: Check the MySQL version with the command installdir/mysql/bin/mysqladmin --version or installdir/mysql/bin/mysqld --version.
  • Stop the MySQL server:

     $ sudo installdir/ctlscript.sh stop mysql
    
  • Start MySQL with the following command:

     $ sudo installdir/mysql/bin/mysqld_safe --pid-file=installdir/mysql/data/mysqld.pid --datadir=installdir/mysql/data --init-file=/home/bitnami/mysql-init 2> /dev/null &
    
  • Restart the MySQL server:

     $ sudo installdir/ctlscript.sh restart mysql
    
  • Remove the script:

     $ rm /home/bitnami/mysql-init
    

How to change the MySQL root password in Windows?

You can modify the MySQL password using the following command at the shell prompt. Replace the NEW_PASSWORD placeholder with the actual password you wish to set.

installdir\mysql\bin\mysqladmin.exe -p -u root password NEW_PASSWORD

How to reset the MySQL root password in Windows?

If you don't remember your MySQL root password, you can follow the steps below to reset it to a new value:

  • Stop the MySQL server using the graphic manager tool. Refer to the how to start or stop the services section.
  • Check the MySQL version:

    installdir\mysql\bin\mysqladmin.exe –version

  • Create a file named mysql-init.txt with the content shown below depending on your MySQL version (replace NEW_PASSWORD with the password you wish to use):
    • MySQL 5.6.x or earlier:

       UPDATE mysql.user SET Password=PASSWORD('NEW_PASSWORD') 
       WHERE User='root';
       FLUSH PRIVILEGES;
      
    • MySQL 5.7.x or later:

       ALTER USER 'root'@'localhost' IDENTIFIED BY 'NEW_PASSWORD'; 
      
  • Start MySQL server with the following command. Remember to replace PATH with the location in which you have saved the mysql-init.txt file:

     installdir " installdir\mysql\bin\mysqld.exe" --defaults-file=" installdir\mysql\my.ini" --init-file="\PATH\mysql-init.txt" --console
    
    • The --init file option is used by the server for executing the content of the mysql-init.txt file at startup, it will change each root account password.
    • The --defaults-file option is specified since you have installed MySQL using the Bitnami installer.
    • The --console option (optional) has been added in order to show the server output at the console window rather than in the log file.
  • After some minutes, hit Ctrl-C to force the shutdown.
  • Restart the MySQL server from the graphic manager tool.
  • After the server has restarted successfully, delete the mysql-init.txt file.

How to enforce SonarQube security?

Authentication and Authorization.

In the Bitnami SonarQube Stack, user authenticaiton is activated by defatul using the users/groups mechanism. Refer to the First Step section in order to find the default credentials.

You can configure the SonarQube application to use a different authentication mechanism as described in the SonarQube's official authentication documentation.

You can also customize the User/Groups authorization settings along with the project and global permissions. Please refer to the SonarQube's official authorization documentation for more information.

Settings Encryption

SonarQube provides a mechanism to encrypt the settings, which is very useful for removing clear passwords and credentials from the configuration files.

By default, these settings are not encrypted in the Bitnami SonarQube Stack. It is strongly recommended to encrypt them in order to enforce the security of your application. Please folllow the steps described at SonarQube's official Encryption documentation in order to do so.

In order to configure outbound email, follow the steps below:

  • Log in to the SonarQube dashboard and click on the "Administration" tab.
  • Browse to the "Configuration -> General settings -> General" menu.
  • Under the "Email" section, fill out the required information. The settings below configure SonarQube to send emails through a Gmail account. Replace USERNAME and PASSWORD with your Gmail account username and password, respectively.

       SMTP port: 587
       SMTP host: smtp.gmail.com
       Secure connection: starttls
       SMTP password: PASSWORD
       SMTP username: USERNAME@gmail.com
    
  • Save the changes.
nativeInstaller