Skip to content
Klutch.sh Docs

Deploying a SonarQube App

Introduction

SonarQube is an open-source platform for continuous code quality and security analysis. Deploying SonarQube with a Dockerfile on Klutch.sh provides reproducible builds, managed secrets, and persistent storage—all configured from klutch.sh/app. This guide covers installation, Dockerfile setup, environment variables, storage, Nixpacks overrides, and sample checks to verify your deployment.

Prerequisites

  • A Klutch.sh account (sign up)
  • A GitHub repository containing your SonarQube Dockerfile (GitHub is the only supported git source)
  • External PostgreSQL database (required)
  • Domain and TLS for secure access

For onboarding, see the Quick Start.

Architecture and ports

  • SonarQube serves HTTP on internal port 9000. Choose HTTP traffic and set the internal port to 9000.
  • Persistent storage is required for data and plugins; primary metadata resides in Postgres.

Repository layout

sonarqube/
├── Dockerfile              # Must be at repo root for auto-detection
└── README.md

Keep secrets out of Git; store them in Klutch.sh environment variables.

Installation (local) and starter commands

Build and run locally (ensure Postgres is reachable):

Terminal window
docker build -t sonarqube-local .
docker run -p 9000:9000 \
  -e SONAR_JDBC_URL=jdbc:postgresql://localhost:5432/sonarqube \
  -e SONAR_JDBC_USERNAME=sonarqube \
  -e SONAR_JDBC_PASSWORD=changeme \
  sonarqube-local

Dockerfile for SonarQube (production-ready)

Place this at the repo root; Klutch.sh auto-detects Dockerfiles.

FROM sonarqube:latest


ENV SONAR_WEB_PORT=9000


EXPOSE 9000
CMD ["bin/run.sh"]

Notes:

  • Pin to a specific tag (e.g., sonarqube:10.5-community) for stability.
  • bin/run.sh starts the server on the configured port.

Environment variables (Klutch.sh)

Set these before deploying:

  • PORT=9000
  • SONAR_WEB_PORT=9000
  • SONAR_JDBC_URL=jdbc:postgresql://<db-host>:5432/<db>
  • SONAR_JDBC_USERNAME=<db-user>
  • SONAR_JDBC_PASSWORD=<db-password>
  • Optional JVM tuning: SONAR_SEARCH_JAVAADDITIONALOPTS, SONAR_WEB_JAVAOPTS

If deploying without the Dockerfile and relying on Nixpacks:

  • NIXPACKS_START_CMD=bin/run.sh

Attach persistent volumes

Add storage in Klutch.sh (path and size only):

  • /opt/sonarqube/data — database cache and indices.
  • /opt/sonarqube/extensions — plugins and custom extensions.
  • /opt/sonarqube/logs — application logs.

Ensure paths are writable inside the container.

Deploy SonarQube on Klutch.sh (Dockerfile workflow)

  1. Push your repository—with the Dockerfile at the root—to GitHub.
  2. Open klutch.sh/app, create a project, and add an app.
  3. Select HTTP traffic and set the internal port to 9000.
  4. Add the environment variables above (Postgres JDBC URL, user, password, and optional JVM tuning).
  5. Attach volumes at /opt/sonarqube/data, /opt/sonarqube/extensions, and /opt/sonarqube/logs sized for your data, plugins, and logs.
  6. Deploy. Access the UI at https://example-app.klutch.sh and complete initial setup.

Sample checks

Landing page:

Terminal window
curl -I https://example-app.klutch.sh

System info (requires auth; replace credentials):

Terminal window
curl -u admin:admin https://example-app.klutch.sh/api/system/status

Health checks and production tips

  • Add an HTTP readiness probe to /api/system/status.
  • Keep DB credentials and any tokens in Klutch.sh secrets; rotate regularly.
  • Pin image versions and test upgrades in staging before production rollout.
  • Back up Postgres and persist /opt/sonarqube/data, /opt/sonarqube/extensions, and /opt/sonarqube/logs.

SonarQube on Klutch.sh delivers reproducible Docker builds, managed secrets, and persistent storage—without extra YAML or CI steps. Configure ports, env vars, and volumes, then launch your code quality platform.