SonarQube - change databases default passwords

SonarQube Server / Community Build
, ,
1

Hello,

I’m reaching out to you with a problem regarding JDBC, Postres passwords. I started to add some projects to SonarQube but I haven’t changed the default passwords to the databases.

Is there a way to change SONAR_JDBC_PASSWORD, POSTGRES_PASSWORD afterwards, just to get it more secure?

  • which versions are you using (SonarQube, Scanner, Plugin, and any relevant extension)
    SonarQube - 8.9
    Docker compose yml

  • what are you trying to achieve
    Change SONAR_JDBC_PASSWORD, POSTGRES_PASSWORD default passwords after I already analysed projects inside SonarQube.

  • what have you tried so far to achieve this
    Trying to change JDBC, Postgres passwords

For Postgres

  1. Access postgres db container & connect to the database with user sonar
  2. Change username password using \password sonar
  3. Update docker .yml with the new password and restart SonarQube
    Result: db connection failed

For JDBC

  1. Open h2 shell using java -cp h2-1.3.176.jar org.h2.tools.Shell and update Driver, URL, user, password
  2. Update docker .yml with the new password and restart SonarQube
    Result: db connection failed

I will appreciate any help to change these passwords.

2

Hi @SprOS and welcome to the community :wave:

i am not really sure what you are trying to do with the h2 database or what exactly you mean with docker.yml, so it would be great if you could elaborate a little about your setup and configuration.

in general when you want to change the database password the process for docker-compose (i assume this because you were mentioning a docker.yml) is as follows:

  • shutdown sonarqube
  • change database password on your database
  • update SONAR_JDBC_PASSWORD in your docker-compose.yml
  • let docker-compose restart the container.

SQ is persisting all data in the connected database, so you are free to change your DBMS username/password as often as you like.
Moving from the embedded database (h2) to postgres on the other hand is unsupported.

hope that helps

3

Hi @Tobias_Trabelsi, thanks for your reply.

I successfully updated postgres password using psql and updated both POSTGRES_PASSWORD and SONAR_JDBC_PASSWORD.