GKE one click deploying SonarQube issue

I’m using SonarQube 8.5. I just finished installing SonarQube in GKE with the one click deploy option. In order to install sonar scanner, do I need to ssh into the sonarqube service cluster IP?

Also, what would be the best way to ingest messages from a pubsub subscribed topic into SonarQube?

Thanks

Hello @zacktzeng and welcome to the community :wave:

So just for me to understand your question: your SonarQube instance is up and running and you want to have information on where to get the scanner and how to scan your project?
If this is the case, you can find information about this in our docs here. We also offer some integrations into several CI/CD tools like Jenkins or GitLab CI.

Hope that helps

Thank you for the reply Tobias! Yes, I used the one click deploy in GKE for SonarQube, so now the cluster and the infrastructure are already set up inside the cluster. I need assistance on integrating the pubsub from GCP and SonarQube’s source code ingestion. I only found information about configuring local source code on the SonarQube machine. Do you know in which pod within the cluster I should unzip and install the SonarScanner?

Hi @zacktzeng ,

Thanks for explaining your situation and setup.

You can get the scanner from the page that I linked in my previous post if the code that you want to analyze is not built by Maven/Gradle or any C derivative. If you are already building with Maven or Gradle, you can pass a SonarQube stage in there and the scanner will automatically be loaded from Maven Central. The general setup can be explained with this image here

As you can see, the sonar-scanner should be available in your CI/CD infrastructure, and your CI/CD infrastructure needs to be able to communicate with your SonarQube instance via http(s). In SQ you just need to create a project (simpler if you have an ALM configured) and pass the information from the creation wizard to your pipeline.

Hope that answers your question

Thank you! I just have one more question. A lot of people install SonarQube on their local machine, and the directories of the installed SonarQube can be easily accessed. If I install SonarQube in GKE, in order to configure my project and install SonarScanner, will I need to somehow “ssh” into the pod that installs the actual SonarQube software and perform the necessary downloads there? Can you share how I would do that?

Thanks a lot!

No, this is not needed. You only need to access the web UI and configure your projects there.

But in the SonarScanner document, it says “Create a configuration file in your project's root directory called sonar-project.properties.” Is it referring to the root directory in the web UI as well?

For example, this image:

The configuration file for the scanner should be at the root of your source code repository.

One possible workflow could be like this:

User commits to SCM → CI/CD pipeline starts to build and test → during this run the sonar scanner is triggered → the scanner looks for issues in the code and reports the findings to your SonarQube instance → depending on the code and the quality gate, the pipeline step will pass or fail and report back to the SCM to let the developer know.

As there are properties used by the scanner that don’t change much, like the sonar.host or sonar.projectKey, they can be stored in the SCM as well to ease the configuration of your CI/CD pipeline (treat the sonar.login as a secret, though). This is optional, btw. As you can see from the command in the setup wizard, you can also just pass them via parameters every time.
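Added example, not part of the thread and not SonarSource code: a CI guard that lets non-secret keys live in a committed `sonar-project.properties` but fails the pipeline when `sonar.login` (or `sonar.password`) has a value there. The function names, the variable name, the sample file contents and the placeholder host are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: CI guard for sonar-project.properties (hypothetical helper names).

# Java .properties syntax allows "key=value", "key:value" and "key value";
# lines starting with # or ! are comments and never match the anchored key.
SONAR_CRED_RE='^[[:space:]]*sonar\.(login|password)([[:space:]]*[=:][[:space:]]*|[[:space:]]+)[^[:space:]]'

# Print "<line>: <key>" for every credential that has a value; the value itself
# is never echoed, so the token does not end up in the CI log.
sonar_credential_lines() {
    grep -En "$SONAR_CRED_RE" "$1" |
        sed -E 's/^([0-9]+):[[:space:]]*(sonar\.(login|password)).*/\1: \2/'
}

# Return 0 if the file is safe to commit, 1 if it carries a credential,
# 2 if the file does not exist.
check_sonar_props() {
    [ -f "$1" ] || return 2
    found=$(sonar_credential_lines "$1")
    [ -z "$found" ] && return 0
    printf 'credential committed in %s:\n%s\n' "$1" "$found" >&2
    return 1
}

# Constructed sample input (not taken from the thread).
sample=$(mktemp)
cat > "$sample" <<'EOF'
sonar.projectKey=my-project
sonar.host.url=https://sonarqube.example.invalid
sonar.login=CONSTRUCTED-PLACEHOLDER-TOKEN
EOF
if check_sonar_props "$sample"; then
    echo "properties file is clean"
else
    echo "move sonar.login to the pipeline's secret store and pass it as a parameter"
fi
rm -f "$sample"
```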

Oh that’s interesting. Having the configuration for scanner in the source code itself. If I don’t integrate SonarQube with any SCM, and with the GKE setup, I’ll have to access the container that runs the actual SonarQube software and configure the sonar-scanner.properties, right?

If you don’t integrate with any SCM and just want to run a scan, you can do it from anywhere you want. Basically, install the sonar-scanner of your choice and run the command that is displayed in the setup wizard. We also offer a Docker image for the scanner-cli.
SonarQube and the scanners are separate software components.

That’s good to know. I guess the scanner and the sonarqube software itself can be installed in two different environments. In this case, will the source code be stored with SonarQube or SonarScanner?

You scan the code with the scanner, and you can view the issues/findings and the code in SonarQube via the web UI.