
SonarQube Code Quality

Difficulty: intermediate

SonarQube for continuous code quality inspection with PostgreSQL.

Overview

SonarQube is an enterprise-grade code quality and security analysis platform that performs continuous inspection of codebases through static analysis. Developed by SonarSource and actively maintained for over a decade, SonarQube detects bugs, code smells, security vulnerabilities, and technical debt across 30+ programming languages. It serves as a critical component in modern CI/CD pipelines, enforcing quality gates that prevent problematic code from reaching production environments.

This stack combines SonarQube with PostgreSQL to create a robust code analysis infrastructure. PostgreSQL serves as SonarQube's primary database, storing project configurations, analysis results, user permissions, and historical quality metrics. The relational database's ACID compliance ensures data integrity for critical quality measurements, while its advanced querying capabilities support SonarQube's complex reporting and trend analysis features. PostgreSQL's reliability makes it ideal for enterprise environments where code quality data must be preserved and accurately tracked over time.

This combination targets development teams implementing quality gates, DevOps engineers establishing CI/CD standards, and organizations requiring comprehensive security scanning. Unlike SaaS alternatives such as CodeClimate, this self-hosted setup provides complete control over sensitive source code analysis while supporting custom rules and enterprise compliance requirements. The PostgreSQL backend enables sophisticated quality trend analysis and supports SonarQube's branch analysis features, which are essential for modern Git workflows.

Key Features

  • Static code analysis across 30+ programming languages including Java, C#, JavaScript, Python, and Go
  • Security vulnerability detection with OWASP Top 10 and CWE standards coverage
  • Quality gates that automatically pass or fail builds based on configurable metrics
  • Technical debt quantification with time-based estimates for remediation
  • Branch analysis supporting pull request decoration and short-lived branch scanning
  • Code smell detection identifying maintainability issues and anti-patterns
  • PostgreSQL-backed trend analysis showing quality evolution over time
  • Enterprise authentication integration with LDAP, SAML, and OAuth providers

Common Use Cases

  • Enterprise development teams enforcing coding standards across multiple projects and languages
  • CI/CD pipeline integration blocking deployments when code quality thresholds aren't met
  • Security-focused organizations requiring automated vulnerability scanning before releases
  • Large codebases needing technical debt tracking and refactoring prioritization
  • Regulated industries maintaining code quality audit trails and compliance documentation
  • Development teams implementing code review processes with automated quality checks
  • Organizations migrating from commercial static analysis tools seeking open-source alternatives

Prerequisites

  • Minimum 4GB RAM available for SonarQube container (2GB absolute minimum for small projects)
  • Docker host with at least 2 CPU cores for reasonable analysis performance
  • Port 9000 available for SonarQube web interface access
  • Understanding of static code analysis concepts and quality gate configuration
  • Familiarity with your programming languages' specific SonarQube rules and plugins
  • Basic knowledge of CI/CD integration for automated analysis triggering

For development & testing. Review security settings, change default credentials, and test thoroughly before production use.
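A preflight check for the Docker host before bringing the stack up, written for this page as an added example (it is not part of the recipe kit): it tests the vm.max_map_count value the Troubleshooting section requires, the 4 GB of RAM listed above, and whether .env still carries the template's default database password. The file name preflight.sh and the PREFLIGHT_RUN switch are choices of this example, not of the recipe.

```shell
#!/bin/sh
# preflight.sh: host checks before "docker compose up" for this recipe.
# Added example for this page, not part of the docker.recipes kit. Thresholds are
# the page's own: vm.max_map_count=262144 (Troubleshooting), 4 GB RAM (Prerequisites)
# and the POSTGRES_PASSWORD=sonar default shared by the .env template and compose file.

# 0 when the kernel setting is high enough for SonarQube's embedded Elasticsearch.
max_map_count_ok() {
  [ "$1" -ge 262144 ] 2>/dev/null
}

# 0 when at least 4 GB (4194304 kB, as /proc/meminfo counts it) is available.
ram_ok() {
  [ "$1" -ge 4194304 ] 2>/dev/null
}

# Reads a .env file on stdin, prints each line that still carries the template's
# database password (or leaves it empty) and returns 1 if any were found.
default_secrets_in_env() {
  found=0
  while IFS= read -r line; do
    case "$line" in
      POSTGRES_PASSWORD=sonar|POSTGRES_PASSWORD=) echo "$line"; found=1 ;;
    esac
  done
  return $found
}

main() {
  rc=0
  mmc=$(cat /proc/sys/vm/max_map_count)
  max_map_count_ok "$mmc" ||
    { echo "vm.max_map_count=$mmc is too low; run: sudo sysctl -w vm.max_map_count=262144"; rc=1; }
  avail=$(awk '/MemAvailable/ {print $2}' /proc/meminfo)
  ram_ok "$avail" || { echo "only ${avail} kB available; SonarQube wants 4 GB"; rc=1; }
  if [ -f .env ]; then
    default_secrets_in_env < .env ||
      { echo "default database password in .env; set POSTGRES_PASSWORD before starting"; rc=1; }
  else
    # Every ${POSTGRES_PASSWORD:-sonar} in the compose file then resolves to "sonar".
    echo "no .env file: compose will fall back to the sonar/sonar defaults"; rc=1
  fi
  return $rc
}

# Live checks run only with PREFLIGHT_RUN=1, so the functions can also be sourced.
if [ "${PREFLIGHT_RUN:-0}" = 1 ]; then
  main
fi
```

Run it from the recipe directory as PREFLIGHT_RUN=1 sh preflight.sh; a non-zero exit means at least one of the three checks failed and the reason was printed.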

docker-compose.yml

services:
  postgres:
    image: postgres:16-alpine
    container_name: sonarqube-postgres
    restart: unless-stopped
    environment:
      POSTGRES_USER: ${POSTGRES_USER:-sonar}
      POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:-sonar}
      POSTGRES_DB: ${POSTGRES_DB:-sonarqube}
    volumes:
      - postgres_data:/var/lib/postgresql/data
    networks:
      - sonar-network

  sonarqube:
    image: sonarqube:lts-community
    container_name: sonarqube
    restart: unless-stopped
    ports:
      - "${SONAR_PORT:-9000}:9000"
    environment:
      - SONAR_JDBC_URL=jdbc:postgresql://postgres:5432/${POSTGRES_DB:-sonarqube}
      - SONAR_JDBC_USERNAME=${POSTGRES_USER:-sonar}
      - SONAR_JDBC_PASSWORD=${POSTGRES_PASSWORD:-sonar}
    volumes:
      - sonarqube_data:/opt/sonarqube/data
      - sonarqube_extensions:/opt/sonarqube/extensions
      - sonarqube_logs:/opt/sonarqube/logs
    depends_on:
      - postgres
    networks:
      - sonar-network

volumes:
  postgres_data:
  sonarqube_data:
  sonarqube_extensions:
  sonarqube_logs:

networks:
  sonar-network:
    driver: bridge

.env Template

.env
# SonarQube
SONAR_PORT=9000
POSTGRES_USER=sonar
POSTGRES_PASSWORD=sonar
POSTGRES_DB=sonarqube

Usage Notes

  1. SonarQube at http://localhost:9000
  2. Default login: admin/admin
  3. Change password on first login
  4. Install language plugins as needed
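The password change in note 3 can also be scripted against SonarQube's web API, which is useful when the stack is brought up by automation and nobody logs in interactively. The following is an added example, not part of the recipe kit: SONAR_URL, ROTATE_ADMIN, NEW_ADMIN_PASSWORD and the local password policy check are assumptions of this script; the endpoints are SonarQube's own.

```shell
#!/bin/sh
# post_start.sh: replace the admin/admin default login of the recipe above.
# Added example for this page, not part of the docker.recipes kit. Assumes curl and
# that SONAR_URL (default: the compose port mapping) reaches the instance; endpoints
# are SonarQube's web API: api/system/status, api/system/info, api/users/change_password.
SONAR_URL="${SONAR_URL:-http://localhost:9000}"

# 0 when the api/system/status body reports the server as UP.
status_is_up() {
  case "$1" in *'"status":"UP"'*) return 0 ;; esac
  return 1
}

# 0 when the candidate meets the policy current SonarQube releases apply: 12+ chars
# with upper case, lower case, a digit and a symbol (check against your version).
password_ok() {
  [ ${#1} -ge 12 ] || return 1
  case "$1" in *[[:upper:]]*) ;; *) return 1 ;; esac
  case "$1" in *[[:lower:]]*) ;; *) return 1 ;; esac
  case "$1" in *[[:digit:]]*) ;; *) return 1 ;; esac
  case "$1" in *[[:punct:]]*) ;; *) return 1 ;; esac
}

# Polls until UP; first boot takes a minute or two while Elasticsearch indexes.
wait_for_sonar() {
  i=0
  while [ $i -lt 60 ]; do
    status_is_up "$(curl -s "$SONAR_URL/api/system/status")" && return 0
    i=$((i + 1)); sleep 5
  done
  echo "SonarQube not up after 5 minutes; see: docker compose logs sonarqube" >&2
  return 1
}

# HTTP status of an admin-only call made with the default login: 200 means
# admin/admin is still accepted, anything else means it no longer is.
default_admin_http_code() {
  curl -s -o /dev/null -w '%{http_code}' -u admin:admin "$SONAR_URL/api/system/info"
}

# Changes the admin password; the API also requires the previous password.
rotate_admin_password() {
  password_ok "$1" || { echo "new password does not meet the policy" >&2; return 1; }
  curl -fsS -u admin:admin -X POST "$SONAR_URL/api/users/change_password" \
    -d login=admin -d previousPassword=admin --data-urlencode "password=$1"
}
# Live steps run only with ROTATE_ADMIN=1, so the functions can also be sourced.
if [ "${ROTATE_ADMIN:-0}" = 1 ]; then
  wait_for_sonar || exit 1
  code=$(default_admin_http_code)
  [ "$code" = 200 ] || { echo "admin/admin not accepted (HTTP $code); nothing to rotate"; exit 0; }
  rotate_admin_password "${NEW_ADMIN_PASSWORD:?set NEW_ADMIN_PASSWORD}" && echo "admin password rotated"
fi
```

Run it once after docker compose up -d as ROTATE_ADMIN=1 NEW_ADMIN_PASSWORD='...' sh post_start.sh; a second run reports that admin/admin is no longer accepted, which is the state you want before exposing port 9000 beyond localhost.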

Individual Services (2 services)

Copy individual services to mix and match with your existing compose files.

postgres
postgres:
  image: postgres:16-alpine
  container_name: sonarqube-postgres
  restart: unless-stopped
  environment:
    POSTGRES_USER: ${POSTGRES_USER:-sonar}
    POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:-sonar}
    POSTGRES_DB: ${POSTGRES_DB:-sonarqube}
  volumes:
    - postgres_data:/var/lib/postgresql/data
  networks:
    - sonar-network
sonarqube
sonarqube:
  image: sonarqube:lts-community
  container_name: sonarqube
  restart: unless-stopped
  ports:
    - "${SONAR_PORT:-9000}:9000"
  environment:
    - SONAR_JDBC_URL=jdbc:postgresql://postgres:5432/${POSTGRES_DB:-sonarqube}
    - SONAR_JDBC_USERNAME=${POSTGRES_USER:-sonar}
    - SONAR_JDBC_PASSWORD=${POSTGRES_PASSWORD:-sonar}
  volumes:
    - sonarqube_data:/opt/sonarqube/data
    - sonarqube_extensions:/opt/sonarqube/extensions
    - sonarqube_logs:/opt/sonarqube/logs
  depends_on:
    - postgres
  networks:
    - sonar-network

Quick Start

terminal
# 1. Create the compose file
cat > docker-compose.yml << 'EOF'
services:
  postgres:
    image: postgres:16-alpine
    container_name: sonarqube-postgres
    restart: unless-stopped
    environment:
      POSTGRES_USER: ${POSTGRES_USER:-sonar}
      POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:-sonar}
      POSTGRES_DB: ${POSTGRES_DB:-sonarqube}
    volumes:
      - postgres_data:/var/lib/postgresql/data
    networks:
      - sonar-network

  sonarqube:
    image: sonarqube:lts-community
    container_name: sonarqube
    restart: unless-stopped
    ports:
      - "${SONAR_PORT:-9000}:9000"
    environment:
      - SONAR_JDBC_URL=jdbc:postgresql://postgres:5432/${POSTGRES_DB:-sonarqube}
      - SONAR_JDBC_USERNAME=${POSTGRES_USER:-sonar}
      - SONAR_JDBC_PASSWORD=${POSTGRES_PASSWORD:-sonar}
    volumes:
      - sonarqube_data:/opt/sonarqube/data
      - sonarqube_extensions:/opt/sonarqube/extensions
      - sonarqube_logs:/opt/sonarqube/logs
    depends_on:
      - postgres
    networks:
      - sonar-network

volumes:
  postgres_data:
  sonarqube_data:
  sonarqube_extensions:
  sonarqube_logs:

networks:
  sonar-network:
    driver: bridge
EOF

# 2. Create the .env file
cat > .env << 'EOF'
# SonarQube
SONAR_PORT=9000
POSTGRES_USER=sonar
POSTGRES_PASSWORD=sonar
POSTGRES_DB=sonarqube
EOF

# 3. Start the services
docker compose up -d

# 4. View logs
docker compose logs -f

One-Liner

Run this command to download and set up the recipe in one step:

terminal
curl -fsSL https://docker.recipes/api/recipes/sonarqube-code-quality/run | bash

Troubleshooting

  • SonarQube fails to start with 'Elasticsearch can not run as root': Ensure proper system configuration with vm.max_map_count=262144 on Docker host
  • Analysis fails with 'OutOfMemoryError': Increase container memory limits or configure sonar.ce.javaOpts for compute engine heap size
  • PostgreSQL connection refused during startup: Verify database credentials match between services and ensure postgres container starts before SonarQube
  • Quality gate fails unexpectedly: Check project-specific quality profiles and ensure baseline/new code period is properly configured
  • Plugin installation fails: Restart SonarQube container after installing plugins through the marketplace or manual upload
  • Scanner execution timeout on large projects: Increase sonar.ws.timeout property and consider excluding test files or generated code from analysis
