Install SonarQube on Ubuntu

Ankita LunawatAnkita Lunawat
3 min read

🔍 What is SonarQube?

SonarQube is an open-source platform developed by SonarSource for continuous inspection of code quality, performing static code analysis to detect bugs, vulnerabilities, code smells, and technical debt in your codebase.

✅ Key Features

  • Multi-language support: Java, JavaScript, Python, C#, PHP, Go, TypeScript, and more.

  • Static Code Analysis: SonarQube finds bugs, security issues, and performance bottlenecks before they reach production.

  • Quality Gates: Enforce quality standards by setting thresholds on metrics like code coverage and duplications.

  • Security Analysis: SonarQube identifies OWASP Top 10 vulnerabilities, making it a great tool for DevSecOps.

  • Integration: Works with CI/CD tools like Jenkins, GitHub Actions, Azure DevOps, Bitbucket, and GitLab, among others.

  • Customizable Dashboards: Track project health over time with customizable dashboards.

🛠️ How SonarQube Works

  1. Developer writes code

  2. Code is committed and pushed

  3. The CI/CD pipeline triggers a SonarQube scan.

  4. SonarQube server analyzes the code with rules and creates a report.

  5. Developers review and fix issues as needed after receiving the report.

🧩 Components

  • SonarQube Server: Web UI, rule engine, and dashboard.

  • Sonar Scanner: The Sonar Scanner is a CLI or plugin that sends source code to the server for analysis.

  • Database: The database stores results using systems like PostgreSQL or MySQL.

  • SonarLint: IDE plugin providing real-time code feedback.

🚀 Benefits in DevOps

  • Ensures "Shift Left" testing in CI/CD

  • Supports secure coding practices (DevSecOps)

  • Encourages clean code culture

  • Reduces technical debt over time

  • Improves code maintainability

Prerequisites

  • Ubuntu 20.04 or 22.04

  • Minimum 2 GB RAM (4 GB+ recommended)

  • Java 17 (required for SonarQube 9.x and above)

  • PostgreSQL (recommended DB)

  • Access to sudo/root

  • Port 9000 open in your firewall/security group

🛠️ Step-by-Step Installation

🔹 1. Update System

sudo apt update && sudo apt upgrade -y

🔹 2. Install Java 17

sudo apt install openjdk-17-jdk -y
java -version

🔹 3. Install and Configure PostgreSQL

sudo apt install postgresql postgresql-contrib -y

Then, create the database and user.

sudo -u postgres psql

In the psql shell, create a database and user by entering the necessary SQL commands.

CREATE USER sonar WITH PASSWORD 'StrongPassword';
CREATE DATABASE sonarqube OWNER sonar;
\q

🔹 4. Create Sonar System User

sudo adduser --system --no-create-home --group --disabled-login sonar

🔹 5. Download and Extract SonarQube

/opt
sudo apt install unzip -y
sudo wget https://binaries.sonarsource.com/Distribution/sonarqube/sonarqube-10.4.1.88267.zip
sudo unzip sonarqube-10.4.1.88267.zip
sudo mv sonarqube-10.4.1.88267 sonarqube
sudo chown -R sonar:sonar /opt/sonarqube

🔹 6. Configure SonarQube

Edit the configuration file.

sudo nano /opt/sonarqube/conf/sonar.properties

Update these lines in the configuration.

sonar.jdbc.username=sonar
sonar.jdbc.password=StrongPassword
sonar.jdbc.url=jdbc:postgresql://localhost/sonarqube

🔹 7. Create a Systemd Service

sudo vi /etc/systemd/system/sonarqube.service

Paste the following.

[Unit]
Description=SonarQube service
After=syslog.target network.target

[Service]
Type=forking
ExecStart=/opt/sonarqube/bin/linux-x86-64/sonar.sh start
ExecStop=/opt/sonarqube/bin/linux-x86-64/sonar.sh stop
User=sonar
Group=sonar
Restart=always
LimitNOFILE=65536

[Install]
WantedBy=multi-user.target

Reload and enable the service by executing sudo systemctl daemon-reload followed by sudo systemctl enable sonarqube.service, and then start the service with sudo systemctl start sonarqube.service.

sudo systemctl daemon-reload
sudo systemctl enable sonarqube

🔹 8. Start SonarQube

sudo systemctl start sonarqube
sudo systemctl status sonarqube

🔹 9. Access SonarQube

Open a browser and go to http://localhost:9000 to access SonarQube.

http://<your-server-ip>:9000

Login credentials:

  • Username: *****

  • Password: ***** (you'll be prompted to change it)

✅ Allow Port 9000 on EC2

If you're on AWS EC2, allow TCP port 9000 in your Security Group.

✅ Logs & Troubleshooting

Logs are located in

/opt/sonarqube/logs/

Tail logs

tail -f /opt/sonarqube/logs/sonar.log

Some screenshot:

We have successfully Install SonarQube on Ubuntu.

Happy Learning….!

0
Subscribe to my newsletter

Read articles from Ankita Lunawat directly inside your inbox. Subscribe to the newsletter, and don't miss out.

sonarqube installationAWSPostgreSQL

Written by

Ankita Lunawat
Ankita Lunawat

Hi there! I'm a passionate AWS DevOps Engineer with 2+ years of experience in building and managing scalable, reliable, and secure cloud infrastructure. I'm excited to share my knowledge and insights through this blog. Here, you'll find articles on: AWS Services: Deep dives into core AWS services like EC2, S3, Lambda, and more. DevOps Practices: Best practices for CI/CD, infrastructure as code, and automation. Security: Tips and tricks for securing your AWS environments. Serverless Computing: Building and deploying serverless applications. Troubleshooting: Common issues and solutions in AWS. I'm always eager to learn and grow, and I hope this blog can be a valuable resource for fellow DevOps enthusiasts. Feel free to connect with me on [LinkedIn/Twitter] or leave a comment below!