docker.recipes

SonarQube + PostgreSQL + SonarScanner

intermediate

Code quality and security analysis platform.

Overview

SonarQube is a comprehensive code quality and security analysis platform that has become the industry standard for continuous inspection of code quality. Originally developed by SonarSource in 2008, SonarQube performs automated static analysis to detect bugs, vulnerabilities, security hotspots, and code smells across 30+ programming languages. It provides quality gates that can block deployments when code doesn't meet defined standards, making it essential for enterprise development teams focused on maintaining high code quality and security standards.

This stack combines SonarQube with PostgreSQL as the backend database and includes SonarScanner for automated code analysis. PostgreSQL serves as SonarQube's primary data store, handling analysis results, project configurations, user management, and historical quality metrics. The SonarScanner component enables automated code scanning that can be triggered on-demand or integrated into CI/CD pipelines. Together, these components create a complete code quality platform that can analyze codebases, store results persistently, and provide detailed reporting on code health over time.

This configuration is ideal for development teams implementing DevSecOps practices, organizations requiring code quality governance, and enterprises needing centralized code analysis across multiple projects. The combination provides both immediate feedback on code quality issues and long-term tracking of technical debt, making it valuable for teams ranging from small startups establishing coding standards to large enterprises managing hundreds of applications with strict security and quality requirements.

Key Features

  • Static code analysis across 30+ programming languages including Java, C#, JavaScript, Python, PHP, and Go
  • Security vulnerability detection with OWASP Top 10 coverage and CWE classification
  • Quality gates with customizable thresholds for bugs, vulnerabilities, code smells, and technical debt
  • Technical debt quantification with time-to-fix estimates for identified issues
  • Branch analysis and pull request decoration for code review integration
  • Historical trend analysis showing code quality evolution over time
  • PostgreSQL backend providing ACID compliance and advanced querying for complex quality metrics
  • On-demand code scanning with SonarScanner supporting multiple build tools and CI systems

Common Use Cases

  1. Enterprise code quality governance with centralized analysis across multiple development teams
  2. DevSecOps pipeline integration for automated security vulnerability scanning before deployment
  3. Technical debt management and tracking for legacy system modernization projects
  4. Code review enhancement with automated quality checks and pull request decoration
  5. Compliance reporting for industries requiring code quality documentation and audit trails
  6. Open source project quality assurance with community edition features
  7. Multi-language development environment requiring consistent quality standards across different technologies

Prerequisites

  • Minimum 4GB RAM available (2GB for SonarQube + 1GB for PostgreSQL + system overhead)
  • Port 9000 available for SonarQube web interface access
  • Docker Compose v2.0+ with profiles support for SonarScanner execution
  • Understanding of static code analysis concepts and quality gate configuration
  • Source code projects with build tools supported by SonarScanner (Maven, Gradle, npm, etc.)
  • Basic knowledge of PostgreSQL administration for database maintenance and backup procedures

For development & testing. Review security settings, change default credentials, and test thoroughly before production use.

docker-compose.yml

docker-compose.yml
services:
  sonarqube:
    image: sonarqube:lts-community
    environment:
      - SONAR_JDBC_URL=jdbc:postgresql://postgres:5432/sonarqube
      - SONAR_JDBC_USERNAME=${POSTGRES_USER}
      - SONAR_JDBC_PASSWORD=${POSTGRES_PASSWORD}
    volumes:
      - sonarqube-data:/opt/sonarqube/data
      - sonarqube-extensions:/opt/sonarqube/extensions
      - sonarqube-logs:/opt/sonarqube/logs
    ports:
      - "9000:9000"
    depends_on:
      - postgres
    networks:
      - sonarqube-network
    restart: unless-stopped

  postgres:
    image: postgres:15
    environment:
      - POSTGRES_USER=${POSTGRES_USER}
      - POSTGRES_PASSWORD=${POSTGRES_PASSWORD}
      - POSTGRES_DB=sonarqube
    volumes:
      - postgres-data:/var/lib/postgresql/data
    networks:
      - sonarqube-network
    restart: unless-stopped

  scanner:
    image: sonarsource/sonar-scanner-cli:latest
    environment:
      - SONAR_HOST_URL=http://sonarqube:9000
      - SONAR_LOGIN=${SONAR_TOKEN}
    volumes:
      - ./:/usr/src
    working_dir: /usr/src
    depends_on:
      - sonarqube
    networks:
      - sonarqube-network
    profiles:
      - tools

volumes:
  sonarqube-data:
  sonarqube-extensions:
  sonarqube-logs:
  postgres-data:

networks:
  sonarqube-network:
    driver: bridge

.env Template

.env
# SonarQube
POSTGRES_USER=sonarqube
POSTGRES_PASSWORD=secure_postgres_password

# Generate token in SonarQube UI
SONAR_TOKEN=your_sonar_token

# Linux: sysctl -w vm.max_map_count=524288

Usage Notes

  1. SonarQube at http://localhost:9000
  2. Default login: admin / admin
  3. Run scanner: docker compose --profile tools run scanner
  4. Configure project token for CI
  5. Install language plugins
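A small wrapper for step 3, added here and not part of the recipe: it polls SonarQube's /api/system/status until the status field reads UP (the 'Connection refused' case under Troubleshooting) and then runs the scanner from the tools profile with sonar.qualitygate.wait=true so a failed gate fails the job. SONAR_URL, the project-key argument and the sonar-scanner invocation through docker compose run are assumptions; SONAR_TOKEN comes from the .env above.

```shell
#!/bin/sh
# Added helper, not part of the docker.recipes stack: wait until SonarQube
# reports UP, then run the scanner from the 'tools' profile with a
# synchronous quality gate. Assumes `docker compose up -d` has been run and
# SONAR_TOKEN is set in .env (the scanner service passes it as SONAR_LOGIN).
set -eu

# Host-side URL of the web UI (port 9000 is published by the recipe).
SONAR_URL=${SONAR_URL:-http://localhost:9000}

# sonar_status_up JSON -> 0 when /api/system/status reports "UP".
# STARTING, DOWN, RESTARTING and DB_MIGRATION_* all count as not ready.
sonar_status_up() {
  printf '%s' "$1" | grep -q '"status" *: *"UP"'
}

# wait_for_sonarqube [TIMEOUT_SECONDS]: poll the status endpoint. The port
# answers before Elasticsearch and the DB schema are ready, so checking the
# status field rather than the port avoids scanning a half-started server.
wait_for_sonarqube() {
  limit=${1:-300}
  waited=0
  while [ "$waited" -lt "$limit" ]; do
    body=$(curl -fsS "$SONAR_URL/api/system/status" 2>/dev/null || true)
    if sonar_status_up "$body"; then
      echo "SonarQube is up after ${waited}s"
      return 0
    fi
    sleep 5
    waited=$((waited + 5))
  done
  echo "SonarQube not ready after ${limit}s; see: docker compose logs sonarqube" >&2
  return 1
}

# run_scan PROJECT_KEY: sonar.qualitygate.wait=true makes the scanner block
# until the gate is computed and exit non-zero if it fails, so CI stops there.
run_scan() {
  docker compose --profile tools run --rm scanner \
    sonar-scanner \
      -Dsonar.projectKey="$1" \
      -Dsonar.qualitygate.wait=true
}

# Usage: sh scan.sh my-project-key
if [ "$#" -gt 0 ]; then
  wait_for_sonarqube && run_scan "$1"
fi
```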

Individual Services (3 services)

Copy individual services to mix and match with your existing compose files.

sonarqube
sonarqube:
  image: sonarqube:lts-community
  environment:
    - SONAR_JDBC_URL=jdbc:postgresql://postgres:5432/sonarqube
    - SONAR_JDBC_USERNAME=${POSTGRES_USER}
    - SONAR_JDBC_PASSWORD=${POSTGRES_PASSWORD}
  volumes:
    - sonarqube-data:/opt/sonarqube/data
    - sonarqube-extensions:/opt/sonarqube/extensions
    - sonarqube-logs:/opt/sonarqube/logs
  ports:
    - "9000:9000"
  depends_on:
    - postgres
  networks:
    - sonarqube-network
  restart: unless-stopped
postgres
postgres:
  image: postgres:15
  environment:
    - POSTGRES_USER=${POSTGRES_USER}
    - POSTGRES_PASSWORD=${POSTGRES_PASSWORD}
    - POSTGRES_DB=sonarqube
  volumes:
    - postgres-data:/var/lib/postgresql/data
  networks:
    - sonarqube-network
  restart: unless-stopped
scanner
scanner:
  image: sonarsource/sonar-scanner-cli:latest
  environment:
    - SONAR_HOST_URL=http://sonarqube:9000
    - SONAR_LOGIN=${SONAR_TOKEN}
  volumes:
    - ./:/usr/src
  working_dir: /usr/src
  depends_on:
    - sonarqube
  networks:
    - sonarqube-network
  profiles:
    - tools

Quick Start

terminal
# 1. Create the compose file
cat > docker-compose.yml << 'EOF'
services:
  sonarqube:
    image: sonarqube:lts-community
    environment:
      - SONAR_JDBC_URL=jdbc:postgresql://postgres:5432/sonarqube
      - SONAR_JDBC_USERNAME=${POSTGRES_USER}
      - SONAR_JDBC_PASSWORD=${POSTGRES_PASSWORD}
    volumes:
      - sonarqube-data:/opt/sonarqube/data
      - sonarqube-extensions:/opt/sonarqube/extensions
      - sonarqube-logs:/opt/sonarqube/logs
    ports:
      - "9000:9000"
    depends_on:
      - postgres
    networks:
      - sonarqube-network
    restart: unless-stopped

  postgres:
    image: postgres:15
    environment:
      - POSTGRES_USER=${POSTGRES_USER}
      - POSTGRES_PASSWORD=${POSTGRES_PASSWORD}
      - POSTGRES_DB=sonarqube
    volumes:
      - postgres-data:/var/lib/postgresql/data
    networks:
      - sonarqube-network
    restart: unless-stopped

  scanner:
    image: sonarsource/sonar-scanner-cli:latest
    environment:
      - SONAR_HOST_URL=http://sonarqube:9000
      - SONAR_LOGIN=${SONAR_TOKEN}
    volumes:
      - ./:/usr/src
    working_dir: /usr/src
    depends_on:
      - sonarqube
    networks:
      - sonarqube-network
    profiles:
      - tools

volumes:
  sonarqube-data:
  sonarqube-extensions:
  sonarqube-logs:
  postgres-data:

networks:
  sonarqube-network:
    driver: bridge
EOF

# 2. Create the .env file
cat > .env << 'EOF'
# SonarQube
POSTGRES_USER=sonarqube
POSTGRES_PASSWORD=secure_postgres_password

# Generate token in SonarQube UI
SONAR_TOKEN=your_sonar_token

# Linux: sysctl -w vm.max_map_count=524288
EOF

# 3. Start the services
docker compose up -d

# 4. View logs
docker compose logs -f

One-Liner

Run this command to download and set up the recipe in one step:

terminal
curl -fsSL https://docker.recipes/api/recipes/sonarqube-complete/run | bash

Troubleshooting

  • SonarQube fails to start with 'Elasticsearch bootstrap checks failed': Increase Docker Desktop memory allocation to at least 4GB and set vm.max_map_count=262144 on Linux hosts
  • Database connection errors 'FATAL: database sonarqube does not exist': Ensure PostgreSQL container starts completely before SonarQube by adding healthcheck or increasing startup delay
  • SonarScanner fails with 'java.net.ConnectException Connection refused': Wait for SonarQube to fully initialize (check logs for 'SonarQube is up' message) before running scanner
  • Analysis fails with 'Insufficient token permissions': Generate a project analysis token in SonarQube admin panel and set it as SONAR_TOKEN environment variable
  • Out of memory errors during large project analysis: Increase SONAR_SCANNER_OPTS with -Xmx2g or higher in scanner environment variables
  • Quality gate status not updating in CI: Ensure sonar-scanner includes -Dsonar.qualitygate.wait=true parameter for synchronous quality gate evaluation
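A pre-flight helper for the first, second and fifth items above, added here and not part of the recipe: it checks the host's vm.max_map_count against the 262144 minimum and writes a docker-compose.override.yml that adds a pg_isready healthcheck to postgres, makes sonarqube wait for it with a depends_on condition, and raises the scanner heap through SONAR_SCANNER_OPTS. It assumes Docker Compose v2 merges this long-form depends_on over the short form in the base file, and that the override is saved next to docker-compose.yml so compose picks it up automatically.

```shell
#!/bin/sh
# Added pre-flight helper, not part of the docker.recipes stack. It checks the
# kernel setting Elasticsearch needs and writes a docker-compose.override.yml
# that makes SonarQube wait for a healthy PostgreSQL and gives the scanner
# more heap. Assumes Docker Compose v2 and the .env from this page.
set -eu
# Minimum vm.max_map_count for SonarQube's embedded Elasticsearch.
MIN_MAP_COUNT=262144

# max_map_count_ok VALUE -> 0 if VALUE meets the minimum, 1 otherwise.
max_map_count_ok() {
  [ "$1" -ge "$MIN_MAP_COUNT" ] 2>/dev/null
}

# check_host: read the live kernel value (Linux only) and say what to do.
check_host() {
  f=/proc/sys/vm/max_map_count
  [ -r "$f" ] || { echo "no $f: on Docker Desktop raise VM memory to 4GB"; return 0; }
  cur=$(cat "$f")
  max_map_count_ok "$cur" && { echo "vm.max_map_count=$cur OK"; return 0; }
  echo "vm.max_map_count=$cur too low; run: sudo sysctl -w vm.max_map_count=$MIN_MAP_COUNT" >&2
  return 1
}

# write_override PATH: compose reads docker-compose.override.yml next to
# docker-compose.yml automatically and merges it over the base services.
write_override() {
  cat > "$1" << 'EOF'
services:
  postgres:
    healthcheck:   # ${POSTGRES_USER} is interpolated from .env by compose
      test: ["CMD-SHELL", "pg_isready -U ${POSTGRES_USER} -d sonarqube"]
      interval: 10s
      timeout: 5s
      retries: 5
  sonarqube:
    depends_on:
      postgres:
        condition: service_healthy   # avoids 'database does not exist'
  scanner:
    environment:
      - SONAR_SCANNER_OPTS=-Xmx2g    # heap for large project analysis
EOF
}

# Usage: sh preflight.sh docker-compose.override.yml
if [ "$#" -gt 0 ]; then
  check_host && write_override "$1" && echo "wrote $1"
fi
```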
