If you need to...
- Build a new AMI image, go for Packer section
- Test a new image build locally (before deploying to AWS), go for Vagrant section
- Change Sonar configuration before testing locally, go for Sonar configuration section
- Change how to OS behaves, go for Ansible section
- Deploy a new instance of Sonar >> Go for Deploying a new Sonar
The ansible roles listed below will configure Sonar. The plugins this Sonar uses can be found at: ansible_config/roles/ansible-role-sonar/defaults/main.yml
.
Packer is a tool to create an image (AMI on AWS)
IMPORTANT! Make sure following line on file ansible_config/roles/ansible-role-sonar/default/main.yml
is like this before creating your new image with Packer. Using 0.0.0.0 is only for personal testing:
sonar_web_host: 127.0.0.1
Running packer:
packer build -var AWS_VARS_HERE packer_config.json
Checkout the file packer_config.json
to see how packer will create your SO image and AWS instructions for it
Ansible is a tool to configure our OS as we want it to be.
You can run ansible with: ansible playbook site.yml
. See examples at Vagrantfile
and packer_config.json
The main file for this folder is ansible_config/site.yml
. This file calls all the roles in "roles" folder
The roles folder has the Ansible configuration for:
- Add Java PPA
- Role - Install Java JDK 8
- Role - Install Sonar (with plugins)
- Role - Install HAProxy to handle the server TLS
Vagrantfile is used to local tests only. This is a pre-step before creating the image on AWS with Packer
IMPORTANT! For you new Vagrant image to work locally, go to file ansible_config/roles/ansible-role-sonar/default/main.yml
and change the following line to be:
sonar_web_host: 0.0.0.0
-
Have vagrant installed (like sudo apt install vagrant) and Oracle's VirtualBox
-
How to run: navigate to root of this repo and run
sudo vagrant up
. After everything is complete, it will create a Sonar acessible from your host machine atlocalhost:5555
andlocalhost:6666
This will create a virtual machine and will install everything listed on the Vagrantfile
-
How to SSH into the created machine: run
sudo vagrant ssh
-
How to destroy the VM: run
sudo vagrant destroy
Once you need to change configurations and deploy a new Sonar instance, you should:
- Test your configurations manually. Once everything is set
- Apply your configurations the same way you did manually but now using Ansible and its roles
- Test it locally using Vagrant. Once everything is set
- Use packer to build your new image at AWS
- Create a new VM pointing to your external IP
Once you have your machine up and running, connect through SSH to perform the last manual steps: TLS and SSO Google authentication:
- Generate the .pem certificate file with
cat cert1.pem privkey1.pem > fullkey.pem
. Remember to remove the empty row that is kept inside the generated fullkey.pem between the two certificates. To look at the file usecat fullkey.pem
- Move the generated file to folder
/home/ubuntu/sonar/
- Restart HAProxy with
sudo service haproxy restart
You'll only have to perform the following tasks if you have changed the database on the backend. All the data is stored in the database. 4. Log in to jenkins using regular admin credentials. Go to "Administration" > "Configuration" > "Security". And fill in the following information (like in the image below):
- Enabled = true
- OAuth Client ID = your-Google-generated-URL.apps.googleusercontent.com
- OAuth Client Secret = googleS3cr3t
- Allowed domain = mysonar.com
- Force user authentication: true
- Save. Then Logout from the admin user, and login once again with your regular @mysonar.com user
- Do not forget to keep
?sslmode=require&gssEncMode=disable
in the end of your connection string when passing the parameter to Ansible on Vagrantfile or packerfile. It's important to avoid a bug between Sonar 8.5+ and Azure Postgres Services