sonarqube
SonarQube is an open source product for continuous inspection of code quality.
See sonarqube.org for more information
This image is built by IBM to run on the IBM Z architecture and is not affiliated with any other community that provides a version of this image.
License View license information here As with all Docker images, these likely also contain other software which may be under other licenses (such as Bash, etc from the base distribution, along with any direct or indirect dependencies of the primary software being contained). As for any pre-built image usage, it is the image user's responsibility to ensure that any use of this image complies with any relevant licenses for all software contained within.
Versions Use the pull string below for the version of this image you require.
| 9.2.4-community | docker pull icr.io/ibmz/sonarqube@sha256:fc7d3a11c7b3903f136771217da3402936087459a228e8fd116486a394690cdd | Vulnerability Report | 01-14-2022 | 10.0.0.68432-community | docker pull icr.io/ibmz/sonarqube@sha256:b0f557b906329c94c0e77a3f867a71cd7d962d1f91500c97e57057e13919e460 | Vulnerability Report | 10-18-2023 | 9.3.0-community | docker pull icr.io/ibmz/sonarqube@sha256:ad26604713b70a829f48e25ead46c82953941fe7d2a69cbc904fc41d1675890f | Vulnerability Report | 03-18-2022 | 8.5.1.38104 | docker pull icr.io/ibmz/sonarqube@sha256:3d8882bf20203889eec4eda80f575a9e883c315e9bc289761ac6b2cf33f7f418 | Vulnerability Report | 10-18-2023 |
| Version | Pull String | Security (IBM Cloud) | Created |
|---|---|---|---|
Usage Notes
Start a SonarQube container:docker run --name sonarqube -d -p 9000:9000 icr.io/ibmz/sonarqube:[version]To quickly run a demo instance, see Using Docker on the Get Started in Two Minutes Guide page. When you are ready to move to a more sustainable setup, take some time to read the Configuration section below.
Configuration
By default, the image will use an embedded H2 database that is not suited for production.Warning: Only a single instance of SonarQube can connect to a database schema. If you're using a Docker Swarm or Kubernetes, make sure that multiple SonarQube instances are never running on the same database schema simultaneously. This will cause SonarQube to behave unpredictably and data will be corrupted. There is no safeguard until SONAR-10362.
Set up a database by following the "Installing the Database" section of the official docs.Use volumes
We recommend creating volumes for the following directories:/opt/sonarqube/conf: for Version 7.9.x only, configuration files, such as sonar.properties.
/opt/sonarqube/data: data files, such as the embedded H2 database and Elasticsearch indexes
/opt/sonarqube/logs: contains SonarQube logs about access, web process, CE process, Elasticsearch logs
/opt/sonarqube/extensions: plugins, such as language analyzers
Warning: You cannot use the same volumes on multiple instances of SonarQube.First Installation
For installation instructions, see Installing the Server from the Docker Image on the Install the Server page.Upgrading
For upgrade instructions, see Upgrading from the Docker Image on the Upgrade the Server page.
Advanced configuration:
In some environments, it may make more sense to prepare a custom image containing your configuration. A Dockerfile to achieve this may be as simple as:
FROM icr.io/ibmz/sonarqube:[version]
COPY sonar.properties /opt/sonarqube/conf/docker build --tag=sonarqube-custom .docker run -ti sonarqube-customAvoid hard termination of SonarQube
Starting from SonarQube 7.8, SonarQube stops gracefully, waiting for any tasks in progress to finish. Waiting for in-progress tasks to finish can take a large amount of time which the docker does not expect by default when stopping. To avoid having the SonarQube instance killed by the Docker daemon after 10 seconds, it is best to configure a timeout to stop the container with
--stop-timeout.For example:
docker run --stop-timeout 3600 icr.io/ibmz/sonarqube:[version]