Merge pull request #1 from stakater-docker/add-dockerfile

Add dockerfile

Dockerfile

@@ -0,0 +1,55 @@
+FROM stakater/java-centos:7-1.8
+
+ENV SONAR_VERSION=7.1 \
+    SONARQUBE_HOME=/opt/app/sonarqube \
+    # Database configuration
+    # Defaults to using H2
+    SONARQUBE_JDBC_USERNAME=sonar \
+    SONARQUBE_JDBC_PASSWORD=sonar \
+    SONARQUBE_JDBC_URL=  \
+    CONF_MOUNT_PATH="/opt/app/tmp/conf/sonar.properties"
+
+# Comma separated list of Plugin URLS to install 
+ARG PLUGIN_URLS="https://github.com/vaulttec/sonar-auth-oidc/releases/download/v1.0.4/sonar-auth-oidc-plugin-1.0.4.jar"
+
+# Change to user root to install jdk, cant install it with any other user
+USER root 
+RUN yum install -y unzip && \
+    yum clean all
+
+RUN set -x \
+    # pub   2048R/D26468DE 2015-05-25
+    #       Key fingerprint = F118 2E81 C792 9289 21DB  CAB4 CFCA 4A29 D264 68DE
+    # uid                  sonarsource_deployer (Sonarsource Deployer) <[email protected]>
+    # sub   2048R/06855C1D 2015-05-25
+    && (gpg --keyserver ha.pool.sks-keyservers.net --recv-keys F1182E81C792928921DBCAB4CFCA4A29D26468DE \
+	    || gpg --keyserver ipv4.pool.sks-keyservers.net --recv-keys F1182E81C792928921DBCAB4CFCA4A29D26468DE) \
+    && curl -o sonarqube.zip -fSL https://binaries.sonarsource.com/Distribution/sonarqube/sonarqube-$SONAR_VERSION.zip \
+    && curl -o sonarqube.zip.asc -fSL https://binaries.sonarsource.com/Distribution/sonarqube/sonarqube-$SONAR_VERSION.zip.asc \
+    && gpg --batch --verify sonarqube.zip.asc sonarqube.zip \
+    && unzip sonarqube.zip \
+    && mv sonarqube-$SONAR_VERSION sonarqube \
+    && rm sonarqube.zip* \
+    && rm -rf $SONARQUBE_HOME/bin/*
+
+# Download plugins from list 
+RUN mkdir -p ${HOME}/downloads/plugins \
+    && cd ${HOME}/downloads/plugins \
+    && IFS=, read -ra pluginUrlList <<< "$PLUGIN_URLS" \
+    && for plugin_url in "${pluginUrlList[@]}"; \
+       do \
+         wget "${plugin_url}"; \
+       done
+
+RUN chown -R 10001 $SONARQUBE_HOME \
+      && chown -R 10001 ${HOME}/downloads/
+
+# Again using non-root user i.e. stakater as set in base image
+USER 10001
+
+# Http port
+EXPOSE 9000
+
+WORKDIR $SONARQUBE_HOME
+COPY run.sh $SONARQUBE_HOME/bin/
+ENTRYPOINT ["./bin/run.sh"]

Jenkinsfile

@@ -0,0 +1,7 @@
+#!/usr/bin/env groovy
+@Library('github.com/stakater/fabric8-pipeline-library@master') _
+
+pushDockerImage {
+    dockerRegistryURL = "docker.io"
+    imagePrefix = "7.1-jdk1.8-centos7"
+}

README.md

@@ -0,0 +1,16 @@
+# SonarQube Docker Image
+
+Docker Image for SonarQube with required plugins installed.
+
+
+## Plugins
+- OpenID Connect (https://github.com/vaulttec/sonar-auth-oidc)
+
+## Mounting config file
+Mount config files to `/opt/app/tmp/conf/` instead of the actual `${SONARQUBE_HOME}/conf` location in order to preserve the user's (10001) ownership.
+The start script will copy it to the actual location.
+
+Update the `CONF_MOUNT_PATH` variable if you need to change the name of the config file from `sonar.properties` to something else. 
+
+## Reference
+- https://github.com/SonarSource/docker-sonarqube

run.sh

@@ -0,0 +1,25 @@
+#!/bin/bash
+
+set -e
+
+if [ "${1:0:1}" != '-' ]; then
+  exec "$@"
+fi
+
+# Install plugins from download dir
+mv ${HOME}/downloads/plugins/* ${SONARQUBE_HOME}/extensions/plugins
+
+# Move conf from temp mount path to conf location
+if [ -f ${CONF_MOUNT_PATH} ];
+then
+  rm -f ${SONARQUBE_HOME}/conf/sonar.properties
+  mv ${CONF_MOUNT_PATH} ${SONARQUBE_HOME}/conf/
+fi
+
+exec java -jar lib/sonar-application-$SONAR_VERSION.jar \
+  -Dsonar.log.console=true \
+  -Dsonar.jdbc.username="$SONARQUBE_JDBC_USERNAME" \
+  -Dsonar.jdbc.password="$SONARQUBE_JDBC_PASSWORD" \
+  -Dsonar.jdbc.url="$SONARQUBE_JDBC_URL" \
+  -Dsonar.web.javaAdditionalOpts="$SONARQUBE_WEB_JVM_OPTS -Djava.security.egd=file:/dev/./urandom" \
+  "$@"