chore(release): 1.1.4

Set ES parameters (files, processes...)

.gitignore

@@ -6,6 +6,7 @@ __pycache__
 .molecule
 .cache
 .venv
+.scannerwork
 
 *.iml
 .idea

CHANGELOG.md

@@ -2,6 +2,30 @@
 
 All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines.
 
+### [1.1.4](https://git.laurivan.com/Dev/ansible-role-sonarqube/compare/v1.1.3...v1.1.4) (2023-04-29)
+
+### [1.1.3](https://git.laurivan.com/Dev/ansible-role-sonarqube/compare/v1.1.2...v1.1.3) (2023-04-28)
+
+
+### Bug Fixes
+
+* Fix the DB healthcheck to use custom user. ([d509b4e](https://git.laurivan.com/Dev/ansible-role-sonarqube/commit/d509b4e788b40fd15708c721d6af55e68a922966))
+
+### [1.1.2](https://git.laurivan.com/Dev/ansible-role-sonarqube/compare/v1.1.1...v1.1.2) (2023-04-28)
+
+
+### Bug Fixes
+
+* Sudo for limit changes ([f9a9801](https://git.laurivan.com/Dev/ansible-role-sonarqube/commit/f9a98017a3f1d58bf72aa818eb5a0447bcd0b80f))
+
+### [1.1.1](https://git.laurivan.com/Dev/ansible-role-sonarqube/compare/v1.1.0...v1.1.1) (2023-04-28)
+
+
+### Bug Fixes
+
+* Better healthcheck for sonarqube service. ([1323a7b](https://git.laurivan.com/Dev/ansible-role-sonarqube/commit/1323a7bdf42088952d318100e03b9690e4808b36))
+* Set elastic search parameters. ([d6cdbb6](https://git.laurivan.com/Dev/ansible-role-sonarqube/commit/d6cdbb675932ba812dc95543090bd86d9701424e))
+
 ## 1.1.0 (2023-04-27)
 
 

README.md

@@ -10,9 +10,21 @@ None
 
 All variables are listed below (see also `defaults/main.yml`).
 
-```yml
----
-```
+| Name | Description | Default |
+| ---: | --- | ---: |
+| `sonarqube_image` | The sonarqube docker image | sonarqube |
+| `sonarqube_db_image` |  The database docker image | postgres |
+| `sonarqube_http_port` | The published HTTP port | 9000 |
+| `sonarqube_api_port` | The API port | 9001 |
+| `sonarqube_vm_max_map_count` | Elastic search VM max map count | 524288 |
+| `sonarqube_fs_file_max` | Elastic search max files opened | 131072 |
+| `sonarqube_nofile` | Number of files opened | 131072 |
+| `sonarqube_nproc` | Number of processes operened | 8192 |
+| `sonarqube_config_path` | Location of the docker compose configuration | /var/local/conf/sonarqube |
+| `sonarqube_db_user` | The database user name | changeme |
+| `sonarqube_db_password` | The database password | changeme |
+
+Other variables declared in `defaults/main.yml` are defined for internal purposes and you should not touch/change them.
 
 ## Dependencies
 
@@ -23,7 +35,7 @@ You need a machine with docker and docker-compose installed.
 ```yml
 - hosts: servers
   roles:
-      - 'laurivan.Sonarqube'
+      - 'laurivan.sonarqube'
 ```
 
 ## License
@@ -40,7 +52,6 @@ This role was created in 2023 by [Laur Ivan](https://www.laurivan.com).
 
 ![Ansible](https://img.shields.io/badge/ansible-5.2.0-green.svg)
 ![Molecule](https://img.shields.io/badge/molecule-3.4.0-green.svg)
-![Goss](https://img.shields.io/badge/goss-0.3.16-green.svg)
 
 ## Contributing
 

defaults/main.yml

@@ -7,6 +7,12 @@ sonarqube_db_image: postgres
 sonarqube_http_port: 9000
 sonarqube_api_port: 9001
 
+# Limits
+sonarqube_vm_max_map_count: 524288
+sonarqube_fs_file_max: 131072
+sonarqube_nofile: 131072
+sonarqube_nproc: 8192
+
 # Sonarqube paths
 sonarqube_root_path: /var/local
 sonarqube_config_path: "{{ sonarqube_root_path }}/conf/sonarqube"

sonar-project.properties

@@ -0,0 +1,7 @@
+sonar.projectKey=ansible-role-sonarqube
+sonar.projectVersion=main
+sonar.projectName=ansible-role-sonarqube
+
+sonar.language=ansible,yaml
+sonar.sources=.
+sonar.host.url=http://10.0.0.27:39000

tasks/config.yml

@@ -21,3 +21,32 @@
     - "{{ sonarqube_configuration_files }}"
   tags:
     - sonarqube_configure
+
+- name: "SONARQUBE | Set up nofiles and nproc for ansible user"
+  pam_limits:
+    domain: "*"
+    limit_type: "{{ item.limit_type }}"
+    limit_item: "{{ item.limit_item }}"
+    value: "{{ item.value }}"
+  loop:
+    # Add nofile and nproc, both soft and hard, limit for the user db_user with a comment.
+    # Type "-" for enforcing both soft and hard resource limits together for more details read `man limits.conf`.
+    - { limit_type: '-', limit_item: 'nofile', value: "{{ sonarqube_nofile }}" }
+    - { limit_type: '-', limit_item: 'nproc', value: "{{ sonarqube_nproc }}" }
+  become: true
+
+- name: "SONARQUBE | Set up the max files"
+  sysctl:
+    name: fs.file-max
+    value: "{{ sonarqube_fs_file_max }}"
+    state: present
+    reload: true
+  become: true
+
+- name: "SONARQUBE | Set up the VM max_map_count"
+  sysctl:
+    name: vm.max_map_count
+    value: "{{ sonarqube_vm_max_map_count }}"
+    state: present
+    reload: true
+  become: true

templates/docker-compose.yml.j2

@@ -4,15 +4,19 @@ services:
   sonarqube:
     image: "{{ sonarqube_image }}"
     restart: always
+    healthcheck:
+      test: wget -qO- http://localhost:9000/api/system/health
+      interval: 10s
+      retries: 5
+      start_period: 5s
+      timeout: 10s
     env_file:
       - "{{ sonarqube_config_path | expanduser }}/env.sonarqube.conf"
     ports:
       - "{{ sonarqube_http_port }}:9000"
       - "{{ sonarqube_api_port }}:9001"
-      # Add more ports if necessary
     networks:
       - sonarqube-net
-    # optional
     volumes:
       - sonarqube_conf:/opt/sonarqube/conf
       - sonarqube_data:/opt/sonarqube/data
@@ -24,6 +28,11 @@ services:
   db:
     image: "{{ sonarqube_db_image }}"
     restart: always
+    healthcheck:
+      test: /usr/bin/pg_isready -U "{{ sonarqube_db_user }}""
+      interval: 5s
+      timeout: 10s
+      retries: 120
     env_file:
       - "{{ sonarqube_config_path | expanduser }}/env.db.conf"
     volumes: