In order to unify the approaches followed for Bitnami containers and Bitnami Helm charts, we are moving the different bitnami/bitnami-docker-<container> repositories to a single monorepo bitnami/containers. Please follow bitnami/containers to keep you updated about the latest Bitnami images.

More information here: https://blog.bitnami.com/2022/07/new-source-of-truth-bitnami-containers.html

SonarQube packaged by Bitnami

What is SonarQube?

SonarQube is an open source quality management platform that analyzes and measures code's technical quality. It enables developers to detect code issues, vulnerabilities, and bugs in early stages.

Overview of SonarQube

Trademarks: This software listing is packaged by Bitnami. The respective trademarks mentioned in the offering are owned by the respective companies, and use of them does not imply any affiliation or endorsement.

TL;DR

$ curl -sSL https://raw.githubusercontent.com/bitnami/bitnami-docker-sonarqube/master/docker-compose.yml > docker-compose.yml
$ docker-compose up -d

Warning: This quick setup is only intended for development environments. You are encouraged to change the insecure default credentials and check out the available configuration options in the Environment Variables section for a more secure deployment.

Why use Bitnami Images?

• Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems.
• With Bitnami images the latest bug fixes and features are available as soon as possible.
• Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs.
• All our images are based on minideb a minimalist Debian based container image which gives you a small base container image and the familiarity of a leading Linux distribution.
• All Bitnami images available in Docker Hub are signed with Docker Content Trust (DCT). You can use DOCKER_CONTENT_TRUST=1 to verify the integrity of the images.
• Bitnami container images are released on a regular basis with the latest distribution packages available.

Why use a non-root container?

Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers in our docs.

Supported tags and respective Dockerfile links

Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags in our documentation page.

• 9, 9-debian-11, 9.5.0, 9.5.0-debian-11-r4, latest (9/debian-11/Dockerfile)
• 8, 8-debian-11, 8.9.9, 8.9.9-debian-11-r10 (8/debian-11/Dockerfile)

Subscribe to project updates by watching the bitnami/sonarqube GitHub repo.

Get this image

The recommended way to get the Bitnami SonarQube Docker Image is to pull the prebuilt image from the Docker Hub Registry.

$ docker pull bitnami/sonarqube:latest

To use a specific version, you can pull a versioned tag. You can view the list of available versions in the Docker Hub Registry.

$ docker pull bitnami/sonarqube:[TAG]

If you wish, you can also build the image yourself.

$ docker build -t bitnami/sonarqube:latest 'https://github.com/bitnami/bitnami-docker-sonarqube.git#master:9/debian-11'

How to use this image

SonarQube requires access to a PostgreSQL database to store information. We'll use the Bitnami Docker Image for PostgreSQL for the database requirements.

Run the application using Docker Compose

The main folder of this repository contains a functional docker-compose.yml file. Run the application using it as shown below:

$ curl -sSL https://raw.githubusercontent.com/bitnami/bitnami-docker-sonarqube/master/docker-compose.yml > docker-compose.yml
$ docker-compose up -d

Using the Docker Command Line

If you want to run the application manually instead of using docker-compose, these are the basic steps you need to run:

Step 1: Create a network

$ docker network create sonarqube-network

Step 2: Create a volume for PostgreSQL persistence and create a PostgreSQL container

$ docker volume create --name postgresql_data
$ docker run -d --name postgresql \
  --env ALLOW_EMPTY_PASSWORD=yes \
  --env POSTGRESQL_USERNAME=bn_sonarqube \
  --env POSTGRESQL_PASSWORD=bitnami \
  --env POSTGRESQL_DATABASE=bitnami_sonarqube \
  --network sonarqube-network \
  --volume postgresql_data:/bitnami/postgresql \
  bitnami/postgresql:latest

Step 3: Create volumes for SonarQube persistence and launch the container

$ docker volume create --name sonarqube_data
$ docker run -d --name sonarqube \
  -p 8080:8080 -p 8443:8443 \
  --env ALLOW_EMPTY_PASSWORD=yes \
  --env SONARQUBE_DATABASE_USER=bn_sonarqube \
  --env SONARQUBE_DATABASE_PASSWORD=bitnami \
  --env SONARQUBE_DATABASE_NAME=bitnami_sonarqube \
  --network sonarqube-network \
  --volume sonarqube_data:/bitnami/sonarqube \
  bitnami/sonarqube:latest

Access your application at http://your-ip/

Persisting your application

If you remove the container all your data will be lost, and the next time you run the image the database will be reinitialized. To avoid this loss of data, you should mount a volume that will persist even after the container is removed.

For persistence you should mount a directory at the /bitnami/sonarqube path. If the mounted directory is empty, it will be initialized on the first run. Additionally you should mount a volume for persistence of the PostgreSQL data.

The above examples define the Docker volumes named postgresql_data and sonarqube_data. The SonarQube application state will persist as long as volumes are not removed.

To avoid inadvertent removal of volumes, you can mount host directories as data volumes. Alternatively you can make use of volume plugins to host the volume data.

Mount host directories as data volumes with Docker Compose

This requires a minor change to the docker-compose.yml file present in this repository:

   postgresql:
     ...
     volumes:
-      - 'postgresql_data:/bitnami/postgresql'
+      - /path/to/postgresql-persistence:/bitnami/postgresql
   ...
   sonarqube:
     ...
     volumes:
-      - 'sonarqube_data:/bitnami/sonarqube'
+      - /path/to/sonarqube-persistence:/bitnami/sonarqube
   ...
-volumes:
-  postgresql_data:
-    driver: local
-  sonarqube_data:
-    driver: local

NOTE: As this is a non-root container, the mounted files and directories must have the proper permissions for the UID 1001.

Mount host directories as data volumes using the Docker command line

Step 1: Create a network (if it does not exist)

$ docker network create sonarqube-network

Step 2. Create a PostgreSQL container with host volume

$ docker run -d --name postgresql \
  --env ALLOW_EMPTY_PASSWORD=yes \
  --env POSTGRESQL_USERNAME=bn_sonarqube \
  --env POSTGRESQL_PASSWORD=bitnami \
  --env POSTGRESQL_DATABASE=bitnami_sonarqube \
  --network sonarqube-network \
  --volume /path/to/postgresql-persistence:/bitnami/postgresql \
  bitnami/postgresql:latest

Step 3. Create the SonarQube container with host volumes

$ docker run -d --name sonarqube \
  -p 8080:8080 -p 8443:8443 \
  --env ALLOW_EMPTY_PASSWORD=yes \
  --env SONARQUBE_DATABASE_USER=bn_sonarqube \
  --env SONARQUBE_DATABASE_PASSWORD=bitnami \
  --env SONARQUBE_DATABASE_NAME=bitnami_sonarqube \
  --network sonarqube-network \
  --volume /path/to/sonarqube-persistence:/bitnami/sonarqube \
  bitnami/sonarqube:latest

Configuration

Environment variables

When you start the SonarQube image, you can adjust the configuration of the instance by passing one or more environment variables either on the docker-compose file or on the docker run command line. If you want to add a new environment variable:

• For docker-compose add the variable name and value under the application section in the docker-compose.yml file present in this repository:

  sonarqube:
    ...
    environment:
      - SONARQUBE_PASSWORD=my_password
    ...

• For manual execution add a --env option with each variable and value:

  $ docker run -d --name sonarqube -p 80:8080 -p 443:8443 \
    --env SONARQUBE_PASSWORD=my_password \
    --network sonarqube-tier \
    --volume /path/to/sonarqube-persistence:/bitnami \
    bitnami/sonarqube:latest

Available environment variables:

User and Site configuration

• SONARQUBE_USERNAME: SonarQube application username. Default: admin
• SONARQUBE_PASSWORD: SonarQube application password. Default: bitnami
• SONARQUBE_EMAIL: SonarQube application email. Default: [email protected]
• SONARQUBE_SKIP_BOOTSTRAP: Whether to skip performing the initial bootstrapping for the application. This is necessary in case you use a database that already has SonarQube data. Default: no
• SONARQUBE_PORT_NUMBER: SonarQube Web application port number. Default: 9000
• SONARQUBE_ELASTICSEARCH_PORT_NUMBER: SonarQube Elasticsearch application port number. Default: 9001
• SONARQUBE_WEB_CONTEXT: SonarQube prefix used to access to the application. Default: /
• SONARQUBE_MAX_HEAP_SIZE: Maximum heap size for SonarQube services (CE, Search and Web). No defaults.
• SONARQUBE_MIN_HEAP_SIZE: Minimum heap size for SonarQube services (CE, Search and Web). No defaults.
• SONARQUBE_CE_JAVA_ADD_OPTS: Additional Java options for Compute Engine. No defaults.
• SONARQUBE_ELASTICSEARCH_JAVA_ADD_OPTS: Additional Java options for Elasticsearch. No defaults.
• SONARQUBE_WEB_JAVA_ADD_OPTS: Additional Java options for Web. No defaults.
• SONARQUBE_EXTRA_PROPERTIES: Comma separated list of properties to be set in the sonar.properties file, e.g. my.sonar.property1=property_value,my.sonar.property2=property_value. No defaults.
• SONARQUBE_START_TIMEOUT: Timeout for the application to start in seconds. Default: 300.

Database connection configuration

• SONARQUBE_DATABASE_HOST: Hostname for PostgreSQL server. Default: postgresql
• SONARQUBE_DATABASE_PORT_NUMBER: Port used by the PostgreSQL server. Default: 5432
• SONARQUBE_DATABASE_NAME: Database name that SonarQube will use to connect with the database. Default: bitnami_sonarqube
• SONARQUBE_DATABASE_USER: Database user that SonarQube will use to connect with the database. Default: bn_sonarqube
• SONARQUBE_DATABASE_PASSWORD: Database password that SonarQube will use to connect with the database. No default.
• ALLOW_EMPTY_PASSWORD: It can be used to allow blank passwords. Default: no

Create a database for SonarQube using postgresql-client

• POSTGRESQL_CLIENT_DATABASE_HOST: Hostname for the PostgreSQL server. Default: postgresql
• POSTGRESQL_CLIENT_DATABASE_PORT_NUMBER: Port used by the PostgreSQL server. Default: 5432
• POSTGRESQL_CLIENT_POSTGRES_USER: Database admin user. Default: root
• POSTGRESQL_CLIENT_POSTGRES_PASSWORD: Database password for the database admin user. No default.
• POSTGRESQL_CLIENT_CREATE_DATABASE_NAMES: List of new databases to be created by the postgresql-client module. No default.
• POSTGRESQL_CLIENT_CREATE_DATABASE_USER: New database user to be created by the postgresql-client module. No default.
• POSTGRESQL_CLIENT_CREATE_DATABASE_PASSWORD: Database password for the POSTGRESQL_CLIENT_CREATE_DATABASE_USER user. No default.
• POSTGRESQL_CLIENT_CREATE_DATABASE_EXTENSIONS: PostgreSQL extensions to enable in the specified database during the first initialization. No default.
• POSTGRESQL_CLIENT_EXECUTE_SQL: SQL code to execute in the PostgreSQL server. No defaults.
• ALLOW_EMPTY_PASSWORD: It can be used to allow blank passwords. Default: no

SMTP Configuration

To configure SonarQube to send email using SMTP you can set the following environment variables:

• SONARQUBE_SMTP_HOST: SMTP host.
• SONARQUBE_SMTP_PORT_NUMBER: SMTP port.
• SONARQUBE_SMTP_USER: SMTP account user.
• SONARQUBE_SMTP_PASSWORD: SMTP account password.
• SONARQUBE_SMTP_PROTOCOL: If specified, SMTP protocol to use. Allowed values: tls, ssl. No default.

Examples

SMTP configuration using a Gmail account

This would be an example of SMTP configuration using a Gmail account:

• Modify the docker-compose.yml file present in this repository:

    sonarqube:
      ...
      environment:
        - SONARQUBE_DATABASE_USER=bn_sonarqube
        - SONARQUBE_DATABASE_NAME=bitnami_sonarqube
        - ALLOW_EMPTY_PASSWORD=yes
        - SONARQUBE_SMTP_HOST=smtp.gmail.com
        - SONARQUBE_SMTP_PORT_NUMBER=587
        - [email protected]
        - SONARQUBE_SMTP_PASSWORD=your_password
    ...

• For manual execution:

  $ docker run -d --name sonarqube -p 80:8080 -p 443:8443 \
    --env SONARQUBE_DATABASE_USER=bn_sonarqube \
    --env SONARQUBE_DATABASE_NAME=bitnami_sonarqube \
    --env SONARQUBE_SMTP_HOST=smtp.gmail.com \
    --env SONARQUBE_SMTP_PORT_NUMBER=587 \
    --env [email protected] \
    --env SONARQUBE_SMTP_PASSWORD=your_password \
    --network sonarqube-tier \
    --volume /path/to/sonarqube-persistence:/bitnami \
    bitnami/sonarqube:latest

Connect SonarQube container to an existing database

The Bitnami SonarQube container supports connecting the SonarQube application to an external database. This would be an example of using an external database for SonarQube.

• Modify the docker-compose.yml file present in this repository:

     sonarqube:
       ...
       environment:
  -      - SONARQUBE_DATABASE_HOST=mariadb
  +      - SONARQUBE_DATABASE_HOST=mariadb_host
         - SONARQUBE_DATABASE_PORT_NUMBER=3306
         - SONARQUBE_DATABASE_NAME=sonarqube_db
         - SONARQUBE_DATABASE_USER=sonarqube_user
  -      - ALLOW_EMPTY_PASSWORD=yes
  +      - SONARQUBE_DATABASE_PASSWORD=sonarqube_password
       ...

• For manual execution:

  $ docker run -d --name sonarqube\
    -p 8080:8080 -p 8443:8443 \
    --network sonarqube-network \
    --env SONARQUBE_DATABASE_HOST=mariadb_host \
    --env SONARQUBE_DATABASE_PORT_NUMBER=3306 \
    --env SONARQUBE_DATABASE_NAME=sonarqube_db \
    --env SONARQUBE_DATABASE_USER=sonarqube_user \
    --env SONARQUBE_DATABASE_PASSWORD=sonarqube_password \
    --volume sonarqube_data:/bitnami/sonarqube \
    bitnami/sonarqube:latest

In case the database already contains data from a previous SonarQube installation, you need to set the variable SONARQUBE_SKIP_BOOTSTRAP to yes. Otherwise, the container would execute the installation wizard and could modify the existing data in the database. Note that, when setting SONARQUBE_SKIP_BOOTSTRAP to yes, values for environment variables such as SONARQUBE_USERNAME, SONARQUBE_PASSWORD or SONARQUBE_EMAIL will be ignored.

Logging

The Bitnami SonarQube Docker image sends the container logs to stdout. To view the logs:

$ docker logs sonarqube

Or using Docker Compose:

$ docker-compose logs sonarqube

You can configure the containers logging driver using the --log-driver option if you wish to consume the container logs differently. In the default configuration docker uses the json-file driver.

Maintenance

Backing up your container

To backup your data, configuration and logs, follow these simple steps:

Step 1: Stop the currently running container

$ docker stop sonarqube

Or using Docker Compose:

$ docker-compose stop sonarqube

Step 2: Run the backup command

We need to mount two volumes in a container we will use to create the backup: a directory on your host to store the backup in, and the volumes from the container we just stopped so we can access the data.

$ docker run --rm -v /path/to/sonarqube-backups:/backups --volumes-from sonarqube busybox \
  cp -a /bitnami/sonarqube /backups/latest

Restoring a backup

Restoring a backup is as simple as mounting the backup as volumes in the containers.

For the PostgreSQL database container:

 $ docker run -d --name postgresql \
   ...
-  --volume /path/to/postgresql-persistence:/bitnami/postgresql \
+  --volume /path/to/postgresql-backups/latest:/bitnami/postgresql \
   bitnami/postgresql:latest

For the SonarQube container:

 $ docker run -d --name sonarqube \
   ...
-  --volume /path/to/sonarqube-persistence:/bitnami/sonarqube \
+  --volume /path/to/sonarqube-backups/latest:/bitnami/sonarqube \
   bitnami/sonarqube:latest

Upgrade this image

Bitnami provides up-to-date versions of PostgreSQL and SonarQube, including security patches, soon after they are made upstream. We recommend that you follow these steps to upgrade your container. We will cover here the upgrade of the SonarQube container. For the PostgreSQL upgrade see: https://github.com/bitnami/bitnami-docker-postgresql/blob/master/README.md#upgrade-this-image

The bitnami/sonarqube:latest tag always points to the most recent release. To get the most recent release you can simple repull the latest tag from the Docker Hub with docker pull bitnami/sonarqube:latest. However it is recommended to use tagged versions.

Step 1: Get the updated image

$ docker pull bitnami/sonarqube:latest

Step 2: Stop the running container

Stop the currently running container using the command

$ docker-compose stop sonarqube

Step 3: Take a snapshot of the application state

Follow the steps in Backing up your container to take a snapshot of the current application state.

Step 4: Remove the currently running container

Remove the currently running container by executing the following command:

docker-compose rm -v sonarqube

Step 5: Run the new image

Update the image tag in docker-compose.yml and re-create your container with the new image:

$ docker-compose up -d

Notable Changes

9.0.0-debian-10-r0

• The size of the container image has been decreased.
• The configuration logic is now based on Bash scripts in the rootfs/ folder.
• The SonarQube container image has been migrated to a "non-root" user approach. Previously the container ran as the root user and the SonarQube daemon was started as the sonarqube user. From now on, both the container and the SonarQube daemon run as user 1001. You can revert this behavior by changing USER 1001 to USER root in the Dockerfile, or user: root in docker-compose.yml. Consequences:
  • Backwards compatibility is not guaranteed when data is persisted using docker or docker-compose. We highly recommend migrating the SonarQube site by exporting its content, and importing it on a new SonarQube container. Follow the steps in Backing up your container and Restoring a backup to migrate the data between the old and new container.

Contributing

We'd love for you to contribute to this container. You can request new features by creating an issue, or submit a pull request with your contribution.

Issues

If you encountered a problem running this container, you can file an issue. For us to provide better support, be sure to include the following information in your issue:

• Host OS and version
• Docker version (docker version)
• Output of docker info
• Version of this container
• The command you used to run the container, and any relevant output you saw (masking any sensitive information)

License

Copyright © 2022 Bitnami

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.