Sonarqube setup on Kubernetes

Static code analysis

SonarQube is an open source platform to perform automatic reviews with static analysis of code to detect bugs, code smells and security vulnerabilities on 25+ programming languages including Java, C#, JavaScript, TypeScript, C/C++, COBOL and more.

Let’s setup sonarqube on Kubernetes

Git repo : https://github.com/harsh4870/sonarqube-kubernetes

apiVersion: certmanager.k8s.io/v1alpha1
	kind: ClusterIssuer
	metadata:
	  name: sonarqube
	spec:
	  acme:
	    server: https://acme-v02.api.letsencrypt.org/directory
	    email: [email protected]
	    privateKeySecretRef:
	      name: sonarqube
	    http01: {}
	---
	apiVersion: v1
	kind: Service
	metadata:
	  name: sonarqube-service
	spec:
	  selector:
	    app: sonarqube
	  ports:
	  - protocol: TCP
	    port: 9000
	    targetPort: 9000
	---
	apiVersion: extensions/v1beta1
	kind: Deployment
	metadata:
	  labels:
	    app: sonarqube
	  name: sonarqube
	spec:
	  replicas: 1
	  template:
	    metadata:
	      labels:
	        app: sonarqube
	    spec:
	      containers:
	        - name: sonarqube
	          image: sonarqube:7.1
	          resources:
	            requests:
	              memory: "1200Mi"
	              cpu: .10
	            limits:
	              memory: "2500Mi"
	              cpu: .50
	          volumeMounts:
	          - mountPath: "/opt/sonarqube/data/"
	            name: sonar-data
	          - mountPath: "/opt/sonarqube/extensions/"
	            name: sonar-extensions
	          env:
	          - name: "SONARQUBE_JDBC_USERNAME"
	            value: "root"  #Put your db username
	          - name: "SONARQUBE_JDBC_URL"
	            value: "jdbc:mysql://<My-IP>:3306/sonar?useUnicode=true&characterEncoding=utf8&rewriteBatchedStatements=true" #DB URL
	          - name: "SONARQUBE_JDBC_PASSWORD"
	            valueFrom:
	              secretKeyRef:
	                name: sonarqube-mysql-secret
	                key: password
	          ports:
	          - containerPort: 9000
	            protocol: TCP
	      volumes:
	      - name: sonar-data
	        persistentVolumeClaim:
	          claimName: sonar-data
	      - name: sonar-extensions
	        persistentVolumeClaim:
	          claimName: sonar-extensions
	---
	kind: PersistentVolumeClaim
	apiVersion: v1
	metadata:
	  name: sonar-extensions
	spec:
	  accessModes:
	    - ReadWriteOnce
	  resources:
	    requests:
	      storage: 5Gi
	---
	kind: PersistentVolumeClaim
	apiVersion: v1
	metadata:
	  name: sonar-data
	spec:
	  accessModes:
	    - ReadWriteOnce
	  resources:
	    requests:
	      storage: 5Gi
	

	---
	apiVersion: extensions/v1beta1
	kind: Ingress
	metadata:
	  name: sonar-ingress
	  annotations:
	    kubernetes.io/ingress.class: "nginx"
	    certmanager.k8s.io/cluster-issuer: sonarqube
	    nginx.ingress.kubernetes.io/ssl-redirect: "true"
	    nginx.ingress.kubernetes.io/proxy-body-size: "20m"
	spec:
	  tls:
	  - hosts:
	    - sonar.example.com
	    secretName: sonarqube
	  rules:
	  - host: sonar.example.com
	    http:
	      paths:
	      - backend:
	          serviceName: sonarqube-service
	          servicePort: 9000
	---
	apiVersion: v1
	kind: Secret
	metadata:
	  name: sonarqube-mysql-secret
	type: Opaque
	data:

	  password: eHGpMdsnaEsdfNnVNLjKv==

Update YAML file deployment with database URL, Secret and ingress object with the domain.

Apply YAML file configuration to Kubernetes

Kubectl apply -f sonar-kubernetes.yaml