Install SonarQube on Ubuntu

Ankita Lunawat

🔍 What is SonarQube?

SonarQube is an open-source platform developed by SonarSource for continuous inspection of code quality, performing static code analysis to detect bugs, vulnerabilities, code smells, and technical debt in your codebase.


✅ Key Features

  • Multi-language support: Java, JavaScript, Python, C#, PHP, Go, TypeScript, and more.

  • Static Code Analysis: SonarQube finds bugs, security issues, and performance bottlenecks before they reach production.

  • Quality Gates: Enforce quality standards by setting thresholds on metrics like code coverage and duplications.

  • Security Analysis: SonarQube identifies OWASP Top 10 vulnerabilities, making it a great tool for DevSecOps.

  • Integration: Works with CI/CD tools like Jenkins, GitHub Actions, Azure DevOps, Bitbucket, and GitLab, among others.

  • Customizable Dashboards: Track project health over time with customizable dashboards.


🛠️ How SonarQube Works

  1. A developer writes code.

  2. The code is committed and pushed.

  3. The CI/CD pipeline triggers a SonarQube scan.

  4. SonarQube server analyzes the code with rules and creates a report.

  5. Developers review and fix issues as needed after receiving the report.


🧩 Components

  • SonarQube Server: Web UI, rule engine, and dashboard.

  • Sonar Scanner: The Sonar Scanner is a CLI or plugin that sends source code to the server for analysis.

  • Database: The database stores results using systems like PostgreSQL or MySQL.

  • SonarLint: IDE plugin providing real-time code feedback.


🚀 Benefits in DevOps

  • Ensures "Shift Left" testing in CI/CD

  • Supports secure coding practices (DevSecOps)

  • Encourages clean code culture

  • Reduces technical debt over time

  • Improves code maintainability


Prerequisites

  • Ubuntu 20.04 or 22.04

  • Minimum 2 GB RAM (4 GB+ recommended)

  • Java 17 (required for SonarQube 9.x and above)

  • PostgreSQL (recommended DB)

  • Access to sudo/root

  • Port 9000 open in your firewall/security group


🛠️ Step-by-Step Installation

🔹 1. Update System

sudo apt update && sudo apt upgrade -y

🔹 2. Install Java 17

sudo apt install openjdk-17-jdk -y
java -version

🔹 3. Install and Configure PostgreSQL

sudo apt install postgresql postgresql-contrib -y

Then open a psql shell as the postgres superuser.

sudo -u postgres psql

In the psql shell, create the user and the database. StrongPassword is a placeholder; replace it with a password of your own.

CREATE USER sonar WITH PASSWORD 'StrongPassword';
CREATE DATABASE sonarqube OWNER sonar;
\q

🔹 4. Create Sonar System User

sudo adduser --system --no-create-home --group --disabled-login sonar

🔹 5. Download and Extract SonarQube

cd /opt
sudo apt install unzip -y
sudo wget https://binaries.sonarsource.com/Distribution/sonarqube/sonarqube-10.4.1.88267.zip
sudo unzip sonarqube-10.4.1.88267.zip
sudo mv sonarqube-10.4.1.88267 sonarqube
sudo chown -R sonar:sonar /opt/sonarqube

🔹 6. Configure SonarQube

Edit the configuration file.

sudo nano /opt/sonarqube/conf/sonar.properties

Uncomment and update these lines, using the database password you set in step 3.

sonar.jdbc.username=sonar
sonar.jdbc.password=StrongPassword
sonar.jdbc.url=jdbc:postgresql://localhost/sonarqube
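
Step 6 leaves the database password in clear text in sonar.properties, so the file's mode and the password value are worth checking after the edit. The audit script below is an added example, not part of the original article; the function names, the 16-character threshold and the TLS check for a database on another host are assumptions of this example.

```shell
#!/usr/bin/env bash
# Added example (not from the article): audit sonar.properties after step 6.

# Print the last uncommented value of key $2 in properties file $1.
prop() {
  awk -F= -v k="$2" '{ key = $1; gsub(/[ \t]/, "", key) }
    key == k { sub(/^[^=]*=[ \t]*/, ""); v = $0 } END { print v }' "$1"
}

# Prints one FAIL line per finding; the exit status is the number of findings.
audit_sonar_props() {
  local file=$1 n=0 perms pw url host
  perms=$(ls -ld "$file") || return 255

  # The JDBC password is stored in clear text: "other" must have no access.
  if [ "${perms:7:3}" != "---" ]; then
    echo "FAIL: $file is accessible to all local users (${perms:0:10})"; n=$((n+1))
  fi

  pw=$(prop "$file" sonar.jdbc.password)
  if [ -z "$pw" ] || [ "$pw" = "StrongPassword" ]; then
    echo "FAIL: sonar.jdbc.password is unset or still the guide's placeholder"; n=$((n+1))
  elif [ "${#pw}" -lt 16 ]; then   # threshold chosen for this example
    echo "FAIL: sonar.jdbc.password is shorter than 16 characters"; n=$((n+1))
  fi

  # A database on another host should request TLS (pgjdbc ssl / sslmode).
  url=$(prop "$file" sonar.jdbc.url)
  host=${url#jdbc:postgresql://}; host=${host%%[:/?]*}
  case "$host" in
    localhost|127.0.0.1|"") ;;
    *) case "$url" in
         *ssl=true*|*sslmode=require*|*sslmode=verify-*) ;;
         *) echo "FAIL: JDBC connection to $host does not request TLS"; n=$((n+1)) ;;
       esac ;;
  esac
  return "$n"
}

# Constructed sample mirroring step 6, written with a world-readable mode.
demo() {
  local f rc; f=$(mktemp)
  printf '%s\n' '#sonar.jdbc.password=old' 'sonar.jdbc.username=sonar' \
    'sonar.jdbc.password=StrongPassword' \
    'sonar.jdbc.url=jdbc:postgresql://localhost/sonarqube' > "$f"
  chmod 644 "$f"
  audit_sonar_props "$f"; rc=$?
  rm -f "$f"; return "$rc"
}
if [ "$#" -gt 0 ]; then audit_sonar_props "$1"; fi
```

Pass the path as the first argument, for example /opt/sonarqube/conf/sonar.properties, and run it with sudo, since a correctly restricted file is readable only by its owner.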

🔹 7. Create a Systemd Service

sudo vi /etc/systemd/system/sonarqube.service

Paste the following.

[Unit]
Description=SonarQube service
After=syslog.target network.target

[Service]
Type=forking
ExecStart=/opt/sonarqube/bin/linux-x86-64/sonar.sh start
ExecStop=/opt/sonarqube/bin/linux-x86-64/sonar.sh stop
User=sonar
Group=sonar
Restart=always
LimitNOFILE=65536

[Install]
WantedBy=multi-user.target

Reload systemd so it picks up the new unit file, then enable the service so it starts at boot.

sudo systemctl daemon-reload
sudo systemctl enable sonarqube

🔹 8. Start SonarQube

sudo systemctl start sonarqube
sudo systemctl status sonarqube

🔹 9. Access SonarQube

Open a browser and go to http://localhost:9000 on the server itself, or use the server's address from another machine.

http://<your-server-ip>:9000

Login credentials:

  • Username: *****

  • Password: ***** (you'll be prompted to change it)


✅ Allow Port 9000 on EC2

If you're on AWS EC2, allow TCP port 9000 in your Security Group.


✅ Logs & Troubleshooting

Logs are located in:

/opt/sonarqube/logs/

Follow the main log:

tail -f /opt/sonarqube/logs/sonar.log

We have successfully installed SonarQube on Ubuntu.

Happy Learning….!
