Running SonarQube with Docker Compose 

SonarQube is a code review tool to identify defects, smells in code, and weaknesses. It's an open-source platform, however, SonarSource also provides Enterprise and Data Center licenses that come with advanced features.

SonarQube offers a range of programming languages, such as Java, C#, and C/C++. JavaScript, TypeScript, COBOL, Apex, PHP, Kotlin, Ruby, Scala, HTML, CSS, ABAP, Flex, Objective-C, Python, Go, Swift, PL/SQL, TQLQTL, VB.NET, VB6, and XML. Certain programs require a commercial license, however.

It is not necessary to alter your workflow or learn new tools to work with SonarQube. It is compatible with the most common build tools, such as Ant, Maven, Make, MSBuild, and Gradle. You just need to install the appropriate plugin, and then you'll be able to analyze your build in your normal build process.

Run SonarQube with Docker Compose

SonarQube with a reliable back-end database is the tool you use to run SonarQube. The composed file is used to set up SonarQube using PostgreSQL:

• version: "3"
• services:
• sonarqube
• image: sonarqube
• restart: unless-stopped
• environment:- SONARQUBE_JDBC_USERNAME=sonarqube
• SONARQUBE_JDBC_PASSWORD=sonarpass
• SONARQUBE_JDBC_URL=jdbc: postgresql://db:5432/sonarqube

ports:

-"9000:9000"

-"9092:9092"

volumes

- sonarqube_conf:/opt/sonarqube/conf

- sonarqube_data:/opt/sonarqube/data

- sonarqube_extensions:/opt/sonarqube/extensions

- sonarqube_bundled_plugins:/opt/sonarqube/lib/bundled-plugins

DB:

image: postgres

restart: unless-stopped

environment: POSTGRES_USER=sonarqube

- POSTGRES_PASSWORD=sonarpass

- POSTGRES_DB=sonarqube

volumes

sonarqube_db:/var/lib/postgresql

postgresql_data:/var/lib/PostgreSQL/data

volumes

postgresql_data

sonarqube_bundled-plugins:

sonarqube_conf

sonarqube_data

sonarqube_db:

sonarqube_extensions

The SonarQube section begins at line No. The SonarQube section begins on the line number. 4. Instead of specifying a specific version of the file, the composing file utilizes the most current image.

The section on the environment specifies variables that allow you to connect to the PostgreSQL database.

On line 14, it specifies SonarQube in four volumes for configuration storage. This container will keep its information between restarts.

Then, the PostgreSQL section is using the most recent container too. It also has an environment section that specifies variables to allow SonarQube to login and also the database SonarQube specifies as part of its JDBC connection string.

In addition, it utilizes 2 volumes that it has created on its own.

Begin the container using docker-compose:

$ sudo docker-compose up -d

Creating network "sonarqube_default" with the default driver

Creating volume "sonarqube_postgresql_data" with the default driver

Creating volume "sonarqube_sonarqube_db" with the default driver

Creating volume "sonarqube_sonarqube_data" with the default driver

Creating volume "sonarqube_sonarqube_bundled-plugins" with the default driver

Creating volume "sonarqube_sonarqube_conf" with the default driver

Creating volume "sonarqube_sonarqube_extensions" with the default driver

Creating sonarqube_db_1 ...

Creating sonarqube_sonarqube_1 ...

Creating sonarqube_db_1

Creating sonarqube_db_1 ... done

Navigate to http://localhost:9000 and log in with the default admin account and password admin.

You'll be asked to change your administrator password.

You're in! You've created a SonarQube server. Now, let's throw a Java version at it.

SonarQube as well as Gradle

SonarSource has sample projects available on GitHub. Copy this repo. For this example, you'll use the sonarqube-scanner-Gradle project.

Its build The Gradle file has been set up to work with SonarQube.

Plugins

id "jacoco" id="java" id="application" version="3.0" id="org.sonarqube" ( description =' Example of SonarQube Scanner for Gradle Usage' version = '1.0' sonarqube properties {property 'sonar.project name,' 'Example of SonarQube Scanner for Gradle Usage' } }

Line No. 5 also includes an upgrade to the SonarQube Gradle plugin.

Line Number 8 defines the SonarQube project's name. The server will create the project even if it does not exist.

Therefore, all you have to do is enter the server's address and an authentication token into the Build command line.

First, create a token.

Go to My Account

Create a token in the Security section. Give it a title and hit the Generate button.

When you click "Generate," you'll get your token. Copy it.

You can now start the build. You can pass the token using -Dsonar. login and your host using -Dsonar, host. URL.

%./gradlew-Dsonar.login=5b2034e871ec685ce42a1399ba6b2080b2c2490d-Dsonar.host.url=http://myhost:9000 sonarqube BUILD SUCCESSFULLY IN 15 MINUTES3 actionable tasks: 1 executed, 2 up-to-date

Then, look at your SonarQube console for results from the build.

The server has created an entirely new project and then included the results of static analysis into it for you to use.

You'll get a complete analysis by clicking on the project's name.

You've built a SonarQube server and then sent statically analyzed results back to it.

Static SonarQube Analysis

In this article, you will learn how to create a SonarQube server and incorporate static analysis into a Java build.

SonarQube is an effective tool that will assist you in developing more efficient code. It's already clear how simple it is to integrate it into your current workflow. Find out more about the ways you can incorporate SonarQube into your design process with Cprime's SonarQube Bootcamp.

Conclusion

In this article, you will learn how to run SonarQube using Docker to compose an application. It is evident how simple it is to incorporate Sonar within your existing development workflow.

However, it is advised to work with a knowledgeable DevOps supplier when you are experimenting with using your current code. For more customized technical assistance, contact our development experts to assist you in navigating an easier development process.