Install SonarQube on Ubuntu

🔍 What is SonarQube?
SonarQube is an open-source platform developed by SonarSource for continuous inspection of code quality, performing static code analysis to detect bugs, vulnerabilities, code smells, and technical debt in your codebase.
✅ Key Features
Multi-language support: Java, JavaScript, Python, C#, PHP, Go, TypeScript, and more.
Static Code Analysis: SonarQube finds bugs, security issues, and performance bottlenecks before they reach production.
Quality Gates: Enforce quality standards by setting thresholds on metrics like code coverage and duplications.
Security Analysis: SonarQube identifies OWASP Top 10 vulnerabilities, making it a great tool for DevSecOps.
Integration: Works with CI/CD tools like Jenkins, GitHub Actions, Azure DevOps, Bitbucket, and GitLab, among others.
Customizable Dashboards: Track project health over time with customizable dashboards.
🛠️ How SonarQube Works
Developer writes code
Code is committed and pushed
The CI/CD pipeline triggers a SonarQube scan.
SonarQube server analyzes the code with rules and creates a report.
Developers review and fix issues as needed after receiving the report.
🧩 Components
SonarQube Server: Web UI, rule engine, and dashboard.
Sonar Scanner: The Sonar Scanner is a CLI or plugin that sends source code to the server for analysis.
Database: The database stores results using systems like PostgreSQL or MySQL.
SonarLint: IDE plugin providing real-time code feedback.
🚀 Benefits in DevOps
Ensures "Shift Left" testing in CI/CD
Supports secure coding practices (DevSecOps)
Encourages clean code culture
Reduces technical debt over time
Improves code maintainability
✅ Prerequisites
Ubuntu 20.04 or 22.04
Minimum 2 GB RAM (4 GB+ recommended)
Java 17 (required for SonarQube 9.x and above)
PostgreSQL (recommended DB)
Access to sudo/root
Port 9000 open in your firewall/security group
🛠️ Step-by-Step Installation
🔹 1. Update System
sudo apt update && sudo apt upgrade -y
🔹 2. Install Java 17
sudo apt install openjdk-17-jdk -y
java -version
🔹 3. Install and Configure PostgreSQL
sudo apt install postgresql postgresql-contrib -y
Then, create the database and user.
sudo -u postgres psql
In the psql shell, create a database and user by entering the necessary SQL commands.
CREATE USER sonar WITH PASSWORD 'StrongPassword';
CREATE DATABASE sonarqube OWNER sonar;
\q
🔹 4. Create Sonar System User
sudo adduser --system --no-create-home --group --disabled-login sonar
🔹 5. Download and Extract SonarQube
/opt
sudo apt install unzip -y
sudo wget https://binaries.sonarsource.com/Distribution/sonarqube/sonarqube-10.4.1.88267.zip
sudo unzip sonarqube-10.4.1.88267.zip
sudo mv sonarqube-10.4.1.88267 sonarqube
sudo chown -R sonar:sonar /opt/sonarqube
🔹 6. Configure SonarQube
Edit the configuration file.
sudo nano /opt/sonarqube/conf/sonar.properties
Update these lines in the configuration.
sonar.jdbc.username=sonar
sonar.jdbc.password=StrongPassword
sonar.jdbc.url=jdbc:postgresql://localhost/sonarqube
🔹 7. Create a Systemd Service
sudo vi /etc/systemd/system/sonarqube.service
Paste the following.
[Unit]
Description=SonarQube service
After=syslog.target network.target
[Service]
Type=forking
ExecStart=/opt/sonarqube/bin/linux-x86-64/sonar.sh start
ExecStop=/opt/sonarqube/bin/linux-x86-64/sonar.sh stop
User=sonar
Group=sonar
Restart=always
LimitNOFILE=65536
[Install]
WantedBy=multi-user.target
Reload and enable the service by executing sudo systemctl daemon-reload
followed by sudo systemctl enable sonarqube.service
, and then start the service with sudo systemctl start sonarqube.service
.
sudo systemctl daemon-reload
sudo systemctl enable sonarqube
🔹 8. Start SonarQube
sudo systemctl start sonarqube
sudo systemctl status sonarqube
🔹 9. Access SonarQube
Open a browser and go to http://localhost:9000
to access SonarQube.
http://<your-server-ip>:9000
Login credentials:
Username: *****
Password: ***** (you'll be prompted to change it)
✅ Allow Port 9000 on EC2
If you're on AWS EC2, allow TCP port 9000 in your Security Group.
✅ Logs & Troubleshooting
Logs are located in
/opt/sonarqube/logs/
Tail logs
tail -f /opt/sonarqube/logs/sonar.log
Some screenshot:
We have successfully Install SonarQube on Ubuntu.
Happy Learning….!
Subscribe to my newsletter
Read articles from Ankita Lunawat directly inside your inbox. Subscribe to the newsletter, and don't miss out.
Written by

Ankita Lunawat
Ankita Lunawat
Hi there! I'm a passionate AWS DevOps Engineer with 2+ years of experience in building and managing scalable, reliable, and secure cloud infrastructure. I'm excited to share my knowledge and insights through this blog. Here, you'll find articles on: AWS Services: Deep dives into core AWS services like EC2, S3, Lambda, and more. DevOps Practices: Best practices for CI/CD, infrastructure as code, and automation. Security: Tips and tricks for securing your AWS environments. Serverless Computing: Building and deploying serverless applications. Troubleshooting: Common issues and solutions in AWS. I'm always eager to learn and grow, and I hope this blog can be a valuable resource for fellow DevOps enthusiasts. Feel free to connect with me on [LinkedIn/Twitter] or leave a comment below!