diff --git a/sonarqube/README-short.txt b/sonarqube/README-short.txt index d1147e9c9c88..bf41551a0a53 100644 --- a/sonarqube/README-short.txt +++ b/sonarqube/README-short.txt @@ -1 +1 @@ -SonarQube is an open source platform for continuous inspection of code quality. \ No newline at end of file +Official images for SonarQube, code analysis tool for code quality and security diff --git a/sonarqube/content.md b/sonarqube/content.md index 1961b53c4db0..c5b56e7a946e 100644 --- a/sonarqube/content.md +++ b/sonarqube/content.md @@ -1,12 +1,14 @@ -# What is SonarQube? +# What is `sonarqube`? -[SonarQube](https://www.sonarqube.org/) is the leading tool for continuously inspecting the Code Quality and Security of your codebases, and guiding development teams during Code Reviews. Covering 27 programming languages, while pairing-up with your existing software pipeline, SonarQube provides clear remediation guidance for developers to understand and fix issues, and for teams overall to deliver better and safer software. With over 225,000 deployments helping small development teams as well as global organizations, SonarQube provides the means for all teams and companies around the world to own and impact their Code Quality and Security. +`sonarqube` Docker repository stores the official Sonar images for SonarQube Server and SonarQube Community Build. -%%LOGO%% +[SonarQube Server](https://www.sonarsource.com/products/sonarqube/) (formerly SonarQube) is an on-premise analysis tool designed to detect quality and security issues in 30+ languages, frameworks, and IaC platforms. The solution also provides fix recommendations leveraging AI with Sonar’s AI CodeFix capability. By integrating directly with your CI pipeline or on one of the supported DevOps platforms, your code is checked against an extensive set of rules that cover many attributes of code, such as maintainability, reliability, and security issues on each merge/pull request. -# How to use this image +[SonarQube Community Build](https://www.sonarsource.com/open-source-editions/sonarqube-community-edition/) (formerly SonarQube Community) is free and open source SonarQube offering. It provides core features such as bug detection, code smells, and basic security issue identification across 30+ programming languages and frameworks. However, advanced security analysis, enterprise-level integrations, and scalability options are reserved for SonarQube Server. -Here you'll find the Docker images for the Community Edition, Developer Edition, Enterprise Edition, and Data Center Edition of SonarQube. +## How to use this image + +Here you'll find the Docker images for the SonarQube Server (Developer Edition, Enterprise Edition, and Data Center Edition), as well as for SonarQube Community Build. ## Docker Host Requirements @@ -21,7 +23,7 @@ ulimit -n 131072 ulimit -u 8192 ``` -## Try Out SonarQube +## Demo To quickly run a demo instance, see Using Docker on the [Try Out SonarQube](https://docs.sonarqube.org/latest/setup/get-started-2-minutes/) page. When you are ready to move to a more sustainable setup, take some time to read the **Installation** and **Configuration** sections below. @@ -31,7 +33,7 @@ To quickly run a demo instance, see Using Docker on the [Try Out SonarQube](http For installation instructions, see Installing the Server from the Docker Image on the [Install the Server](https://docs.sonarqube.org/latest/setup/install-server/) page. -To run a cluster with the Data Center Edition, please refer to Installing SonarQube from the Docker Image on the [Install the Server as a Cluster](https://docs.sonarqube.org/latest/setup/install-cluster/) page. +To run a cluster with the SonarQube Server Data Center Edition, please refer to Installing SonarQube Server from the Docker Image on the [Install the Server as a Cluster](https://docs.sonarqube.org/latest/setup/install-cluster/) page. > The `lts` tag on Docker images is replaced with every new LTS release. If you want to avoid any automatic major upgrades, we recommend using the corresponding `9.9-` tag instead of `lts-`. @@ -42,18 +44,18 @@ To run a cluster with the Data Center Edition, please refer to Installing SonarQ By default, the server running within the container will listen on port 9000. You can expose the container port 9000 to the host port 9000 with the `-p 9000:9000` argument to `docker run`, like the command below: ```console -docker run --name sonarqube-custom -p 9000:9000 %%IMAGE%%:10.6-community +docker run --name sonarqube-custom -p 9000:9000 %%IMAGE%%:community ``` -You can then browse to `http://localhost:9000` or `http://host-ip:9000` in your web browser to access the SonarQube web interface. +You can then browse to `http://localhost:9000` or `http://host-ip:9000` in your web browser to access the web interface. ### Database By default, the image will use an embedded H2 database that is not suited for production. -> **Warning:** Only a single instance of SonarQube can connect to a database schema. If you're using a Docker Swarm or Kubernetes, make sure that multiple SonarQube instances are never running on the same database schema simultaneously. This will cause SonarQube to behave unpredictably and data will be corrupted. There is no safeguard until [SONAR-10362](https://jira.sonarsource.com/browse/SONAR-10362). The Data Center Edition has the same limitation in that only one cluster can connect to one database schema at the same time. +> **Warning:** Only a single instance of SonarQube Server or SonarQube Community Build can connect to a database schema. If you're using a Docker Swarm or Kubernetes, make sure that multiple instances are never running on the same database schema simultaneously. This will cause the SonarQube to behave unpredictably and data will be corrupted. There is no safeguard, as described on [SONAR-10362](https://jira.sonarsource.com/browse/SONAR-10362). The SonarQube Server Data Center Edition has the same limitation in that only one cluster can connect to one database schema at the same time. -Set up a database by following the "Installing the Database" section of https://docs.sonarqube.org/latest/setup/install-server/. +Set up a database by following the ["Installing the Database"](https://docs.sonarsource.com/sonarqube/latest/setup-and-upgrade/install-the-server/installing-the-database/) section. ### Use volumes @@ -76,7 +78,7 @@ For upgrade instructions, see Upgrading from the Docker Image on the [Upgrade th In some environments, it may make more sense to prepare a custom image containing your configuration. A `Dockerfile` to achieve this may be as simple as: ```dockerfile -FROM %%IMAGE%%:10.6-community +FROM %%IMAGE%%:community COPY sonar-custom-plugin-1.0.jar /opt/sonarqube/extensions/ ``` @@ -87,9 +89,9 @@ $ docker build --tag=sonarqube-custom . $ docker run -ti sonarqube-custom ``` -### Avoid hard termination of SonarQube +### Avoid hard termination -A SonarQube instance will stop gracefully, waiting for any tasks in progress to finish. Waiting for in-progress tasks to finish can take a large amount of time which the docker does not expect by default when stopping. To avoid having the SonarQube instance killed by the Docker daemon after 10 seconds, it is best to configure a timeout to stop the container with `--stop-timeout`. For example: +The instance will stop gracefully, waiting for any tasks in progress to finish. Waiting for in-progress tasks to finish can take a large amount of time which the docker does not expect by default when stopping. To avoid having the instance killed by the Docker daemon after 10 seconds, it is best to configure a timeout to stop the container with `--stop-timeout`. For example: ```console docker run --stop-timeout 3600 %%IMAGE%% diff --git a/sonarqube/license.md b/sonarqube/license.md index bc16166651ad..542e24334751 100644 --- a/sonarqube/license.md +++ b/sonarqube/license.md @@ -1 +1 @@ -SonarQube Community Edition is licensed under [GNU Lesser General Public License, Version 3.0](http://www.gnu.org/licenses/lgpl.txt). SonarQube Developer, Enterprise, and Data Center Editions are licensed under [SonarSource Terms and Conditions](https://www.sonarsource.com/docs/sonarsource_terms_and_conditions.pdf). +SonarQube Community Build is licensed under [GNU Lesser General Public License, Version 3.0](http://www.gnu.org/licenses/lgpl.txt). SonarQube Server Developer, Enterprise, and Data Center Editions are licensed under [SonarSource Terms and Condition](https://www.sonarsource.com/docs/sonarsource_terms_and_conditions.pdf). diff --git a/sonarqube/logo.png b/sonarqube/logo.png index c17679b539e3..ef9dd66d53c9 100644 Binary files a/sonarqube/logo.png and b/sonarqube/logo.png differ