Version information
This version is compatible with:
- Puppet Enterprise 2023.7.x, 2023.6.x, 2023.5.x, 2023.4.x, 2023.3.x, 2023.2.x, 2023.1.x, 2023.0.x, 2021.7.x, 2021.6.x, 2021.5.x, 2021.4.x, 2021.3.x, 2021.2.x, 2021.1.x, 2021.0.x
- Puppet >= 7.0.0 < 9.0.0
- , , ,
Start using this module
Add this module to your Puppetfile:
mod 'markt-sonarqube', '5.3.0'
Learn more about managing modules with a PuppetfileDocumentation
puppet-sonarqube
Table of Contents
Overview
A puppet module to install and configure SonarQube (former Sonar).
The main goal is compatibility with the latest LTS release of SonarQube. Older versions are not supported. However, newer versions should usually work too.
Usage
Basic usage
The minimum configuration should at least specify the desired version:
class { 'java': }
class { 'sonarqube':
version => '8.9.9.56886',
}
NOTE: The $version
parameter expects a 4 digit version number (1.2.3.4), which can be found on the SonarQube download page (hidden in the filename).
A more complex example could look like this:
class { 'java': }
class { 'sonarqube':
version => '8.9.9.56886',
edition => 'community',
user => 'sonar',
group => 'sonar',
service => 'sonar',
installroot => '/opt/sonar-install',
home => '/opt/sonar-data',
log_folder => '/var/log/sonar',
download_url => 'https://binaries.sonarsource.com/Distribution/sonarqube',
jdbc => {
url => 'jdbc:h2:tcp://localhost:9092/sonar',
username => 'sonar',
password => 'secretpassword',
},
web_java_opts => '-Xmx1024m',
updatecenter => 'true',
http_proxy => {
host => 'proxy.example.com',
port => '8080',
ntlm_domain => '',
user => '',
password => '',
non_proxy_hosts => 'localhost|127.*|[::1]',
},
sso => {
enable => 'true',
emailheader => 'X-Forwarded-Email',
groupsheader => 'X-Forwarded-Groups',
loginheader => 'X-Forwarded-Login',
nameheader => 'X-Forwarded-Name',
refreshintervalinminutes => '5',
}
}
SonarQube Plugins
The sonarqube::plugin
defined type can be used to install SonarQube plugins. Plugins are available from many different sources, so this module supports multiple download sources as well. It will also purge old plugin versions.
A plugin can be removed by setting the parameter ensure
to absent
.
Probably the best source for plugins is SonarSource. To download and install one of these plugins, use the following example:
sonarqube::plugin { 'sonar-kotlin-plugin':
version => '1.7.0.883',
}
Be sure to use the full version number as demonstrated in this example. Check https://binaries.sonarsource.com/Distribution/ and https://docs.sonarqube.org/latest/analysis/languages/overview/ for a list of available plugins.
If the plugin is hosted on GitHub, then you only need to provide a GitHub identifier, which is essentially a combination of the GitHub username and project name:
sonarqube::plugin { 'checkstyle-sonar-plugin':
version => '4.31',
ghid => 'checkstyle/sonar-checkstyle',
}
Note that the GitHub project must provide jar files for its releases. Otherwise the download is prone to fail.
If none of these methods work, you may also specify a direct download URL, which should be seen as a last resort:
sonarqube::plugin { 'sonar-detekt':
version => '2.0.0',
url => 'https://github.com/detekt/sonar-kotlin/releases/download/sonar-detekt-2.0.0.jar',
}
Note that in this case the filename must exactly match the plugin name and version, otherwise this will not work.
Finally the old way to install plugins using Maven is still available, but it requires to set the $legacy
parameter:
class { 'maven::maven': }
sonarqube::plugin { 'sonar-javascript-plugin':
legacy => true,
groupid => 'org.sonarsource.javascript',
version => '2.10',
}
The defunct maestrodev/puppet-maven
module is required to make this work. And it is most likely not very useful on newer versions of SonarQube and may be removed in future versions of this module. (Please open an issue on GitHub if you think this is still useful.)
LDAP Configuration
The sonarqube
class provides an easy way to configure security with LDAP, Crowd or PAM. Here's an example with LDAP:
$ldap = {
url => 'ldap://myserver.mycompany.com',
user_base_dn => 'ou=Users,dc=mycompany,dc=com',
local_users => ['foo', 'bar'],
}
class { 'java': }
-> class { 'sonarqube':
ldap => $ldap,
version => '8.9.9.56886'
}
# Do not forget to add the SonarQube LDAP plugin that is not provided out of
# the box on SonarQube versions older than 8.0. Same thing with Crowd or PAM.
sonarqube::plugin { 'sonar-ldap-plugin':
version => '2.2.0.608',
}
Reference
Classes and parameters are documented in REFERENCE.md.
Development
Contributing
Please use the GitHub issues functionality to report any bugs or requests for new features. Feel free to fork and submit pull requests for potential contributions.
All contributions must pass all existing tests, new features should provide additional unit/acceptance tests.
License
Copyright 2019-2022 markt.de GmbH & Co. KG
Copyright 2011-2013 MaestroDev, Inc
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
Reference
Table of Contents
Classes
Public Classes
sonarqube
: Install and configure SonarQube and additional componentssonarqube::runner
: Install and configure SonarQube Runner
Private Classes
sonarqube::config
: Configure SonarQubesonarqube::install
: Install SonarQube packagesonarqube::runner::config
: Configuration of SonarQube Runnersonarqube::runner::install
: Installation of SonarQube Runnersonarqube::service
: Setup SonarQube service
Defined types
sonarqube::move_to_home
: Symlink a folder to SonarQube's installation directorysonarqube::plugin
: Manage SonarQube plugins: download, install, remove.
Classes
sonarqube
Install and configure SonarQube and additional components
Parameters
The following parameters are available in the sonarqube
class:
arch
ce_java_opts
ce_workercount
config
context_path
crowd
download_dir
download_url
edition
group
home
host
http_proxy
https
installroot
jdbc
ldap
log_folder
distribution_name
pam
plugin_tmpdir
port
portajp
profile
search_host
search_java_opts
search_port
service
sso
manage_service
updatecenter
pidfile
user
user_system
version
web_java_opts
search_java_additional_opts
helper_dir
system_passcode
arch
Data type: String
Specifies the architecture of the installation archive that should be downloaded. Default: Automatically selected depending on the OS architecture.
ce_java_opts
Data type: Optional[String]
Optional JVM options for the Compute Engine.
Default value: undef
ce_workercount
Data type: Optional[Integer]
The number of workers in the Compute Engine.
Default value: undef
config
Data type: Optional[String]
Allow to specify an alternative SonarQube configuration, effectively
replacing all contens of sonar.properies
.
Default value: undef
context_path
Data type: String
Specifies the context path for the application.
crowd
Data type: Hash
Specifies whether the Crowd plugin should be enabled.
Default: false
download_dir
Data type: Stdlib::Absolutepath
The directory where the SonarQube installation archive should be stored.
download_url
Data type: String
The URL from which the SonarQube installation archive should be downloaded.
edition
Data type: String
Specifies the edition of SonarQube that should be installed.
Default: community
group
Data type: String
The group for the SonarQube application.
home
Data type: String
SonarQube's data directory.
host
Data type: Optional[String]
Specifies the listen address for SonarQube.
Default value: undef
http_proxy
Data type: Hash
Specifies the HTTP Proxy that should be used for SonarQube's Update Center or connection to devops platforms.
https
Data type: Hash
Specifies the required configuration to enable HTTPS support.
installroot
Data type: Stdlib::Absolutepath
Specifies the base directory where SonarQube should be installed. A new subdirectory for each version of SonarQube will be created.
jdbc
Data type: Hash
Specifies the database configuration for SonarQube.
ldap
Data type: Hash
Specifies the required configuration to enable LDAP authentication.
log_folder
Data type: Stdlib::Absolutepath
Specifies the log directory for SonarQube.
distribution_name
Data type: String
Specifies the basename of the SonarQube archive.
pam
Data type: Hash
Specifies the required configuration to enable PAM authentication.
plugin_tmpdir
Data type: Stdlib::Absolutepath
Specifies the temporary download directory for plugin files. This defaults
to /tmp
. Changing it to something else would eleminate the need to
download plugin files again after /tmp
was purged.
port
Data type: Integer
Specifies the TCP port for SonarQube.
portajp
Data type: Integer
Specifies the port to use for the AJP communication protocol.
profile
Data type: Boolean
Specifies wether profiling should be enabled for SonarQube.
search_host
Data type: String
Specifies the IP/hostname of the Elasticsearch server.
search_java_opts
Data type: Optional[String]
Optional JVM options for the Elasticsearch server.
Default value: undef
search_port
Data type: Integer
Specifies the TCP port of the Elasticsearch server.
service
Data type: String
Specifies the name of the SonarQube system service.
sso
Data type: Optional[Hash]
Enable authentication using HTTP headers.
Default value: undef
manage_service
Data type: Boolean
If this module should create and mange the service configuration. Defaults to true
updatecenter
Data type: Boolean
Specifies whether to enable the Update Center.
pidfile
Data type: String
Specifies the name of the PID file.
user
Data type: String
The user for the SonarQube application.
user_system
Data type: Boolean
Specifies whether the SonarQube user should be a system user.
version
Data type: String
Specifies the version of SonarQube that should be installed/updated. Expects a 4 digit version number (1.2.3.4), which can be found on the SonarQube download page.
web_java_opts
Data type: Optional[String]
Optional JVM options for SonarQube's web server.
Default value: undef
search_java_additional_opts
Data type: Optional[String]
Optional JVM options for embedded elasticsearch server.
Default value: undef
helper_dir
Data type: Stdlib::Absolutepath
Specifies the directory for Sonarqube Helper scripts.
system_passcode
Data type: Optional[String]
Optional system_passcode setting for monitoring.
Default value: undef
sonarqube::runner
Install and configure SonarQube Runner
Parameters
The following parameters are available in the sonarqube::runner
class:
distribution_name
Data type: String
Specifies the basename of the installation archive.
download_url
Data type: String
The URL from which the installation archive should be downloaded.
installroot
Data type: Stdlib::Absolutepath
Specifies the base directory where it should be installed. A new subdirectory for each version will be created.
jdbc
Data type: Hash
Specifies the database configuration.
sonarqube_server
Data type: String
The URL for the default SonarQube server.
version
Data type: String
Specifies the version that should be installed/updated.
Defined types
sonarqube::move_to_home
Symlink a folder to SonarQube's installation directory
Parameters
The following parameters are available in the sonarqube::move_to_home
defined type:
home
Data type: Stdlib::Absolutepath
SonarQube's data directory.
sonarqube::plugin
Manage SonarQube plugins: download, install, remove.
Parameters
The following parameters are available in the sonarqube::plugin
defined type:
artifactid
Data type: String
Namevar. Specifies the name of the plugin.
Default value: $name
ensure
Data type: Enum['present','absent']
Specifies the ensure state for the plugin.
Default: present
Default value: present
ghid
Data type: Optional[String]
Specifies a combination of a GitHub username and project name,
for example myuser/sonar-exampleplugin
. This is used to generate
the download URL.
Default value: undef
groupid
Data type: String
Specifies the groupid to use with maven.
Default value: 'org.codehaus.sonar-plugins'
legacy
Data type: Boolean
Install plugin using Maven. May not work with recent versions.
Default value: false
url
Data type: Optional[String]
A direct download URL that points to the .jar file for the specified plugin.
The filename must match the values of $name
and $version
, otherwise the
cleanup script may malfunction.
Default value: undef
version
Data type: String
Specifies the version of the plugin. This is also required to find and purge old plugin versions.
Changelog
All notable changes to this project will be documented in this file.
The format is based on Keep a Changelog and this project adheres to Semantic Versioning.
5.3.0 - 2023-08-08
Changed
- Update module dependencies and Puppet version requirements
- Update PDK to 3.0.0
Fixed
- Fix GitHub Actions (unit+acceptance tests)
5.2.0 - 2023-07-11
Added
5.1.0 - 2023-01-04
Added
- Add new parameter
$helper_dir
(#27)
Changed
- Increase NOFILE and NPROC service limits (#25)
- Increase MAX_MAP_COUNT service limit (#26)
- Run acceptance tests with latest version 9.8.0
Fixed
- Fix setting PID file location on SonarQube 9.6 and later (#24)
5.0.0 - 2022-10-31
This is a new major release and contains breaking changes. Of note is the
new requirement to specify the $version
parameter using SonarQubes
4 digit version number.
Added
- Add support for the
ldap.StartTLS
parameter (#20) - Add new parameter
$search_java_additional_opts
(#21) - Add new parameter
$pidfile
for backwards compatibility (#23)
Changed
- Remove default value for
$version
parameters - Use
ensure_packages
to prevent duplicate declaration (#18) - Add Puppet header to files (#22)
- Update OS support and dependencies
- Update to PDK 2.5.0
- Move acceptance tests to GitHub Actions
- Run acceptance tests with LTS version 8.9.9
Fixed
- Fix unit tests & acceptance tests
- Fix puppet-lint offenses
Deprecated
- Installing plugins from SonarSource is deprecated
Removed
- Remove acceptance tests for LDAP configurations (requires a working LDAP server)
4.2.0 - 2021-10-27
Added
- Add support for SSO authentication (#12)
Changed
- Replace legacy init.d with systemd service
- Update
$sonarqube::version
to current LTS version
Fixed
- Fix service enable on Debian 10 (#14)
- Service template not found when using a custom value for
$sonarqube::service
(#8)
Removed
- Remove legacy init.d file
4.1.0 - 2021-09-08
Added
Changed
- Update list of supported Puppet and operating system releases
- Bump module dependency versions
Fixed
- Fix typos in README (#10)
Removed
- Remove support for EOL operating system releases
4.0.0 - 2020-05-15
This is a new major release in an ongoing effort to modernize the module. NOTE: The change of the PID file could cause issues; it is recommended to update SonarQube to a new version while deploying this module version to ensure that the startup script uses the new PID file.
Added
- Enable unit/acceptance tests on Travis CI
- Add unit/acceptance tests for plugin management
- Add support for RHEL/CentOS 8, Ubuntu 20.04
- Add new ways to download plugins: SonarSource, GitHub, direct download URL
Changed
- Change default of
$version
to 7.9 (current LTS version) - Change name of PID file in systemd service (requires the bundled sonar.sh)
- Rename
$package_name
to$distribution_name
- Enforce Puppet 4 data types
- Migrate
params.pp
to Hiera module data - Replace dependency
puppet/wget
withpuppet/archive
(#4) - Convert templates from ERB to EPP
- Convert to Puppet Strings
- Declare classes private, remove class parameters from private classes
- Split main class into
sonarqube::install
,sonarqube::config
andsonarqube::service
Fixed
- Fix for error "missing property sonar.embeddedDatabase.port" (md#76)
- Fix name of PID file on recent versions of SonarQube
- Assorted style fixes
- Fix unit/acceptance tests
- Fix very old bugs that were uncovered by the resurrected tests
Removed
- Officially drop support for SonarQube <7.0
- Remove JDBC_URL from config for embedded database (avoids a SonarQube warning)
- Remove template for sonar.sh (use the one that comes bundled with SonarQube)
- Remove dependency on defunct
maestrodev/puppet-maven
module
3.1.0 - 2020-04-20
Changed
- Update OS compatibility: drop SLES and Solaris
Fixed
- Fix startup error: move sysctl handling to systemd service (#2)
3.0.0 - 2019-10-23
This is the first release after forking the module. It should be possible to migrate from maestrodev/sonarqube to this version with only minor modifications.
Changed
- Apply PR https://github.com/maestrodev/puppet-sonarqube/pull/75
- Apply PR https://github.com/maestrodev/puppet-sonarqube/pull/78
- Apply PR https://github.com/maestrodev/puppet-sonarqube/pull/80
- Apply PR https://github.com/maestrodev/puppet-sonarqube/pull/81
- Apply PR https://github.com/maestrodev/puppet-sonarqube/pull/89
- Apply PR https://github.com/maestrodev/puppet-sonarqube/pull/92
- Apply PR https://github.com/maestrodev/puppet-sonarqube/pull/95
- Apply PR https://github.com/maestrodev/puppet-sonarqube/pull/96
- Apply PR https://github.com/maestrodev/puppet-sonarqube/pull/97
- Convert to PDK
- Update dependencies, os support and requirements
Fixed
- Fixes for SonarQube 7.9 LTS (#1)
Dependencies
- puppet/archive (>=6.0.0 <8.0.0)
- puppetlabs/java (>=8.0.0 <11.0.0)
- puppetlabs/stdlib (>=8.0.0 <10.0.0)
Apache License Version 2.0, January 2004 http://www.apache.org/licenses/ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 1. Definitions. "License" shall mean the terms and conditions for use, reproduction, and distribution as defined by Sections 1 through 9 of this document. "Licensor" shall mean the copyright owner or entity authorized by the copyright owner that is granting the License. "Legal Entity" shall mean the union of the acting entity and all other entities that control, are controlled by, or are under common control with that entity. For the purposes of this definition, "control" means (i) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (ii) ownership of fifty percent (50%) or more of the outstanding shares, or (iii) beneficial ownership of such entity. "You" (or "Your") shall mean an individual or Legal Entity exercising permissions granted by this License. "Source" form shall mean the preferred form for making modifications, including but not limited to software source code, documentation source, and configuration files. "Object" form shall mean any form resulting from mechanical transformation or translation of a Source form, including but not limited to compiled object code, generated documentation, and conversions to other media types. "Work" shall mean the work of authorship, whether in Source or Object form, made available under the License, as indicated by a copyright notice that is included in or attached to the work (an example is provided in the Appendix below). "Derivative Works" shall mean any work, whether in Source or Object form, that is based on (or derived from) the Work and for which the editorial revisions, annotations, elaborations, or other modifications represent, as a whole, an original work of authorship. For the purposes of this License, Derivative Works shall not include works that remain separable from, or merely link (or bind by name) to the interfaces of, the Work and Derivative Works thereof. "Contribution" shall mean any work of authorship, including the original version of the Work and any modifications or additions to that Work or Derivative Works thereof, that is intentionally submitted to Licensor for inclusion in the Work by the copyright owner or by an individual or Legal Entity authorized to submit on behalf of the copyright owner. For the purposes of this definition, "submitted" means any form of electronic, verbal, or written communication sent to the Licensor or its representatives, including but not limited to communication on electronic mailing lists, source code control systems, and issue tracking systems that are managed by, or on behalf of, the Licensor for the purpose of discussing and improving the Work, but excluding communication that is conspicuously marked or otherwise designated in writing by the copyright owner as "Not a Contribution." "Contributor" shall mean Licensor and any individual or Legal Entity on behalf of whom a Contribution has been received by Licensor and subsequently incorporated within the Work. 2. Grant of Copyright License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare Derivative Works of, publicly display, publicly perform, sublicense, and distribute the Work and such Derivative Works in Source or Object form. 3. Grant of Patent License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable (except as stated in this section) patent license to make, have made, use, offer to sell, sell, import, and otherwise transfer the Work, where such license applies only to those patent claims licensable by such Contributor that are necessarily infringed by their Contribution(s) alone or by combination of their Contribution(s) with the Work to which such Contribution(s) was submitted. If You institute patent litigation against any entity (including a cross-claim or counterclaim in a lawsuit) alleging that the Work or a Contribution incorporated within the Work constitutes direct or contributory patent infringement, then any patent licenses granted to You under this License for that Work shall terminate as of the date such litigation is filed. 4. Redistribution. You may reproduce and distribute copies of the Work or Derivative Works thereof in any medium, with or without modifications, and in Source or Object form, provided that You meet the following conditions: (a) You must give any other recipients of the Work or Derivative Works a copy of this License; and (b) You must cause any modified files to carry prominent notices stating that You changed the files; and (c) You must retain, in the Source form of any Derivative Works that You distribute, all copyright, patent, trademark, and attribution notices from the Source form of the Work, excluding those notices that do not pertain to any part of the Derivative Works; and (d) If the Work includes a "NOTICE" text file as part of its distribution, then any Derivative Works that You distribute must include a readable copy of the attribution notices contained within such NOTICE file, excluding those notices that do not pertain to any part of the Derivative Works, in at least one of the following places: within a NOTICE text file distributed as part of the Derivative Works; within the Source form or documentation, if provided along with the Derivative Works; or, within a display generated by the Derivative Works, if and wherever such third-party notices normally appear. The contents of the NOTICE file are for informational purposes only and do not modify the License. You may add Your own attribution notices within Derivative Works that You distribute, alongside or as an addendum to the NOTICE text from the Work, provided that such additional attribution notices cannot be construed as modifying the License. You may add Your own copyright statement to Your modifications and may provide additional or different license terms and conditions for use, reproduction, or distribution of Your modifications, or for any such Derivative Works as a whole, provided Your use, reproduction, and distribution of the Work otherwise complies with the conditions stated in this License. 5. Submission of Contributions. Unless You explicitly state otherwise, any Contribution intentionally submitted for inclusion in the Work by You to the Licensor shall be under the terms and conditions of this License, without any additional terms or conditions. Notwithstanding the above, nothing herein shall supersede or modify the terms of any separate license agreement you may have executed with Licensor regarding such Contributions. 6. Trademarks. This License does not grant permission to use the trade names, trademarks, service marks, or product names of the Licensor, except as required for reasonable and customary use in describing the origin of the Work and reproducing the content of the NOTICE file. 7. Disclaimer of Warranty. Unless required by applicable law or agreed to in writing, Licensor provides the Work (and each Contributor provides its Contributions) on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied, including, without limitation, any warranties or conditions of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A PARTICULAR PURPOSE. You are solely responsible for determining the appropriateness of using or redistributing the Work and assume any risks associated with Your exercise of permissions under this License. 8. Limitation of Liability. In no event and under no legal theory, whether in tort (including negligence), contract, or otherwise, unless required by applicable law (such as deliberate and grossly negligent acts) or agreed to in writing, shall any Contributor be liable to You for damages, including any direct, indirect, special, incidental, or consequential damages of any character arising as a result of this License or out of the use or inability to use the Work (including but not limited to damages for loss of goodwill, work stoppage, computer failure or malfunction, or any and all other commercial damages or losses), even if such Contributor has been advised of the possibility of such damages. 9. Accepting Warranty or Additional Liability. While redistributing the Work or Derivative Works thereof, You may choose to offer, and charge a fee for, acceptance of support, warranty, indemnity, or other liability obligations and/or rights consistent with this License. However, in accepting such obligations, You may act only on Your own behalf and on Your sole responsibility, not on behalf of any other Contributor, and only if You agree to indemnify, defend, and hold each Contributor harmless for any liability incurred by, or claims asserted against, such Contributor by reason of your accepting any such warranty or additional liability. END OF TERMS AND CONDITIONS APPENDIX: How to apply the Apache License to your work. To apply the Apache License to your work, attach the following boilerplate notice, with the fields enclosed by brackets "[]" replaced with your own identifying information. (Don't include the brackets!) The text should be enclosed in the appropriate comment syntax for the file format. We also recommend that a file or class name and description of purpose be included on the same "printed page" as the copyright notice for easier identification within third-party archives. Copyright [yyyy] [name of copyright owner] Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.