How to Upgrade SonarQube: A Comprehensive Guide

Upgrading SonarQube™ is critical to leveraging the latest features, security enhancements, and performance improvements. This guide will walk you through upgrading SonarQube™ safely and efficiently. This guide has been tested on our SonarQube™ custom images available in the AWS and Azure MarketPlaces.

Prerequisites

Before starting the upgrade, ensure you have:

1. A Backup: Always back up your SonarQube database and the $SONARQUBE_HOME directory. You could also take a snapshot of the VM instance using your Cloud providers management console.
2. Administrative Access: Ensure you have the necessary permissions to install and configure software on your server.
3. A Plan: Schedule the upgrade during a maintenance window to minimize the impact on your users.

Step-by-Step Upgrade Guide

Step 1: Review the Release Notes

Before upgrading, read the release notes of the new version of SonarQube. This will help you understand the new features, deprecated features, and any breaking changes. Release notes can be found here

Step 2: Run our SonarQube upgrade script

The following bash script will assist you with the upgrade process. As mentioned, this is customized to those using our AWS and Azure MarketPlace images.

#!/bin/bash
# This script is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.

current_date=$(date "+%d%m%Y%H%M%S")

pgbackup(){

    config_file="/opt/sonarqube/conf/sonar.properties"

    # Database credentials
    DB_NAME=$(grep -E '^[[:space:]]*[^#]*sonar.jdbc.url=' "$config_file" | awk -F'/' '{print $NF}' | xargs)
    DB_USER=$(grep -E '^[[:space:]]*[^#]*sonar.jdbc.username=' "$config_file" | awk -F'=' '{print $2}' | xargs)
    DB_PASS=$(grep -E '^[[:space:]]*[^#]*sonar.jdbc.password=' "$config_file" | awk -F'=' '{print $2}' | xargs)
    DB_HOST="localhost"

    # Backup directory
    BACKUP_DIR="/opt"
    BACKUP_FILENAME="backup_$current_date.sql"

    export PGPASSWORD=$DB_PASS

    # Command to perform the backup
    pg_dump -h "$DB_HOST" -U "$DB_USER" -d "$DB_NAME" -F c -b -v -f "${BACKUP_DIR}/${BACKUP_FILENAME}"

    # Check the success of the backup operation
    if [ $? -eq 0 ]; then
        echo "Postgresql Backup was successful: ${BACKUP_DIR}/${BACKUP_FILENAME}"
    else
        echo "Postgresql Backup failed"
        exit 1
    fi

    # Unset the password variable
    unset PGPASSWORD

}

current_version(){
    cver=$(cat /opt/sonarqube/bin/linux-x86-64/sonar.sh |grep COMMAND_LINE= | grep -oP 'sonar-application-\K\d+\.\d+\.\d+\.\d+(?=.jar)')
}

new_version(){
    wget -q https://www.sonarsource.com/products/sonarqube/downloads/success-download-community-edition/ -O /tmp/index.html
    nver=$(grep -o 'sonarqube-[0-9.]*\.zip' /tmp/index.html | awk -F'-' '{print substr($0, length($1)+2, length($0)-length($1)-length("..zip"))}')
}

upgrade_start(){

    if [[ $cver < $nver ]]; then
        echo "=================================================================="
        echo "SonarQube Upgrade Script"
        echo "=================================================================="
        echo "Your Current Version: $cver"
        echo "Available Version: $nver"
        echo "Am going to attempt upgrading your SonarQube installation, Please test this in a lab before doing it on a live system"
        echo "Make sure you have taken the necessary backups of your system."
        read -p "Press Enter to continue..."
        read -p "Last chance, press Enter to continue..."
        echo "Shutting down SonarQube"
        systemctl stop sonar.service
        sleep 10
        echo "downloading sonarqube from https://binaries.sonarsource.com/Distribution/sonarqube/sonarqube-$nver.zip"
        curl -o /tmp/sonarqube-$nver.zip https://binaries.sonarsource.com/Distribution/sonarqube/sonarqube-$nver.zip
        if [ $? -ne 0 ]; then
            echo "Download failed. Exiting the script."
            exit 1
        fi
        echo "File downloaded successfully to /tmp/sonarqube-$nver.zip"
        echo "Backing up existing sonarqube installation"
        mv /opt/sonarqube /opt/sonarqube-backup-$current_date
        echo "Extracting downloaded Sonarqube"
        unzip -o /tmp/sonarqube-$nver.zip -d /tmp/
        mv /tmp/sonarqube-$nver /opt/sonarqube
        echo "Copying database connection string from old installation"

        temp_file="$(mktemp)"
        grep -e '^sonar.jdbc.username=' -e '^sonar.jdbc.password=' -e '^sonar.jdbc.url=' "/opt/sonarqube-backup-$current_date/conf/sonar.properties" > "$temp_file"

        awk -v line="# User credentials." -v file="$temp_file" '
            {print}
            $0 == line {while ((getline < file) > 0) print}
        ' "/opt/sonarqube/conf/sonar.properties" > "/opt/sonarqube/conf/sonar.properties.tmp" && mv "/opt/sonarqube/conf/sonar.properties.tmp" "/opt/sonarqube/conf/sonar.properties"

        rm "$temp_file"

        chown -R sonar:sonar /opt/sonarqube
        chmod -R 755 /opt/sonarqube

        sleep 5
        echo "Restarting Sonarqube"
        systemctl restart sonar.service
        sleep 10
        echo "Upgrade tasks complete!"
        echo "==========================================================================="
        echo ""
        echo "   visit http://your.sonar.ip.or.hostname:9000/setup to complete upgrade   "
        echo ""
        echo "==========================================================================="

    else
        echo "You seem to already be running the latest SonarQube, exiting..."
        exit 1
    fi


}

pgbackup
current_version
new_version
upgrade_start

Copy this script to the SonarQube server and run it. The script will;

• Try to backup the PostgreSQL database
• Attempt to detect the latest version of SonarQube
• Download and Install the latest version of SonarQube

Step 9: Post-Upgrade Tasks

1. Visit http://your.sonar.ip.or.hostname:9000/setup to complete the upgrade
2. Re-index Projects: Depending on the upgrade, you might need to re-index your projects.
3. Test Functionality: Ensure that all the critical functionalities are working as expected.
4. Monitor Performance: Keep an eye on performance and logs for any anomalies.

Troubleshooting

If you encounter issues during the upgrade:

• Check Logs: Review the SonarQube logs located in the logs directory.
• Revert to Backup: If necessary, revert to your backup and troubleshoot in a staging environment.

Conclusion

Upgrading SonarQube is a straightforward process if you follow these steps carefully. Regular upgrades ensure you benefit from the latest features and security improvements. Always test the upgrade in a staging environment before applying it to production.

By following this guide, you can ensure a smooth and successful upgrade of your SonarQube instance. Happy upgrading!

Disclaimer:

SonarQube™ and other related trademarks such as Sonar™, SonarSource™, SonarLint™, and SonarCloud™ are trademarks or registered trademarks of SonarSource. This article is not affiliated with or endorsed by SonarSource. The information provided here is intended for educational and informational purposes only.