sonarqube
code analysis tool for code quality and security
what is SAST
SAST, or Static Application Security Testing, scans the source code of an application to identify vulnerabilities within the code itself.
what is sonarqube
SonarQube Server is an on-premise analysis tool designed to detect coding issues in 30+ languages, frameworks, and IaC platforms. By integrating directly with your CI pipeline or on one of our supported DevOps platforms, your code is checked against an extensive set of rules that cover many attributes of code, such as maintainability, reliability, and security issues on each merge/pull request.
As a core element of the Sonar solution, SonarQube Server completes the analysis loop to help you deliver clean code that meets high-quality standards.
how to Install sonarqube:
add these lines to /etc/sysctl.conf:
vm.max_map_count=524288
fs.file-max=131072
To apply the changes, run:
sudo sysctl -p
create folder sonarqube:
mkdir sonarqube && cd sonarqube
create docker-compose.yaml:
services:
  sonarqube:
    image: sonarqube:latest
    container_name: sonarqube
    ports:
      # Web UI, published on all host interfaces
      - "9000:9000"
    networks:
      - sonarnet
    environment:
      # Database connection; username and password must match the db service below
      - SONAR_JDBC_URL=jdbc:postgresql://db:5432/sonar
      - SONAR_JDBC_USERNAME=sonar
      - SONAR_JDBC_PASSWORD=sonar
    volumes:
      - sonarqube_data:/opt/sonarqube/data
      - sonarqube_extensions:/opt/sonarqube/extensions
      - sonarqube_logs:/opt/sonarqube/logs
    depends_on:
      - db
  db:
    image: postgres:17
    container_name: postgres
    networks:
      - sonarnet
    environment:
      # Sample credentials for the SonarQube database
      POSTGRES_USER: sonar
      POSTGRES_PASSWORD: sonar
      POSTGRES_DB: sonar
    volumes:
      - postgresql_data:/var/lib/postgresql/data
      - postgresql_data_conf:/etc/postgresql/postgresql.conf
networks:
  sonarnet:
    driver: bridge
volumes:
  sonarqube_data:
  sonarqube_extensions:
  sonarqube_logs:
  postgresql_data:
  postgresql_data_conf:
run the command:
docker-compose up -d
Once the containers are up and running, you can access SonarQube by navigating to http://localhost:9000 in your web browser.
Log in with the default credentials:
- Username: admin
- Password: admin
After logging in, you will be prompted to change the default password.
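
A tightened variant of the compose file above, added here as an example and not part of the original page: it pins the image tag, publishes port 9000 on loopback only, and reads the database password from a .env file. The variable names SONARQUBE_TAG and SONAR_DB_PASSWORD are assumptions chosen for this example.

```yaml
# Added example. Expects a .env file beside this file with (assumed names):
#   SONARQUBE_TAG=<release tag you have tested>
#   SONAR_DB_PASSWORD=<long random value>
services:
  sonarqube:
    # Pinned tag instead of "latest", so upgrades are deliberate.
    image: "sonarqube:${SONARQUBE_TAG:?set SONARQUBE_TAG in .env}"
    container_name: sonarqube
    ports:
      # Loopback only: reach the UI through a TLS reverse proxy or an SSH tunnel.
      - "127.0.0.1:9000:9000"
    networks:
      - sonarnet
    environment:
      - SONAR_JDBC_URL=jdbc:postgresql://db:5432/sonar
      - SONAR_JDBC_USERNAME=sonar
      # Compose aborts if the variable is unset, so no default password ships.
      - "SONAR_JDBC_PASSWORD=${SONAR_DB_PASSWORD:?set SONAR_DB_PASSWORD in .env}"
    volumes:
      - sonarqube_data:/opt/sonarqube/data
      - sonarqube_extensions:/opt/sonarqube/extensions
      - sonarqube_logs:/opt/sonarqube/logs
    depends_on:
      - db
  db:
    image: postgres:17
    container_name: postgres
    # No "ports:" entry: PostgreSQL is reachable only on the sonarnet network.
    networks:
      - sonarnet
    environment:
      POSTGRES_USER: sonar
      POSTGRES_PASSWORD: "${SONAR_DB_PASSWORD:?set SONAR_DB_PASSWORD in .env}"
      POSTGRES_DB: sonar
    volumes:
      - postgresql_data:/var/lib/postgresql/data
      - postgresql_data_conf:/etc/postgresql/postgresql.conf
networks:
  sonarnet:
    driver: bridge
volumes:
  sonarqube_data:
  sonarqube_extensions:
  sonarqube_logs:
  postgresql_data:
  postgresql_data_conf:
```

PostgreSQL applies POSTGRES_PASSWORD only when it initializes an empty data volume, so a database first started with the sonar/sonar values keeps that password until it is changed inside PostgreSQL.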