library/sonarqube

Quick reference

• Maintained by:
  https://github.com/SonarSource/docker-sonarqube

• Where to get help:
  the SonarSource Community forum, the Docker Community Forums, the Docker Community Slack, or Stack Overflow

Supported tags and respective Dockerfile links

• https://github.com/SonarSource/docker-sonarqube/blob/46da64077d8567ace61a27c3e7c178b1f5511d05/commercial-editions/developer/Dockerfile

• https://github.com/SonarSource/docker-sonarqube/blob/46da64077d8567ace61a27c3e7c178b1f5511d05/commercial-editions/enterprise/Dockerfile

• https://github.com/SonarSource/docker-sonarqube/blob/46da64077d8567ace61a27c3e7c178b1f5511d05/commercial-editions/datacenter/app/Dockerfile

• https://github.com/SonarSource/docker-sonarqube/blob/46da64077d8567ace61a27c3e7c178b1f5511d05/commercial-editions/datacenter/search/Dockerfile

• https://github.com/SonarSource/docker-sonarqube/blob/59e7de50ef26f501eb09471f6d37588025ec9d7c/commercial-editions/developer/Dockerfile

• https://github.com/SonarSource/docker-sonarqube/blob/59e7de50ef26f501eb09471f6d37588025ec9d7c/commercial-editions/enterprise/Dockerfile

• https://github.com/SonarSource/docker-sonarqube/blob/59e7de50ef26f501eb09471f6d37588025ec9d7c/commercial-editions/datacenter/app/Dockerfile

• https://github.com/SonarSource/docker-sonarqube/blob/59e7de50ef26f501eb09471f6d37588025ec9d7c/commercial-editions/datacenter/search/Dockerfile

• https://github.com/SonarSource/docker-sonarqube/blob/e493ac520eba893f488a4980e6edb99128f08abb/commercial-editions/developer/Dockerfile

• https://github.com/SonarSource/docker-sonarqube/blob/e493ac520eba893f488a4980e6edb99128f08abb/commercial-editions/enterprise/Dockerfile

• https://github.com/SonarSource/docker-sonarqube/blob/e493ac520eba893f488a4980e6edb99128f08abb/commercial-editions/datacenter/app/Dockerfile

• https://github.com/SonarSource/docker-sonarqube/blob/e493ac520eba893f488a4980e6edb99128f08abb/commercial-editions/datacenter/search/Dockerfile

• https://github.com/SonarSource/docker-sonarqube/blob/81ba255ef68dcc154df0a5d1cb022419d8cfba77/commercial-editions/developer/Dockerfile

• https://github.com/SonarSource/docker-sonarqube/blob/81ba255ef68dcc154df0a5d1cb022419d8cfba77/commercial-editions/enterprise/Dockerfile

• https://github.com/SonarSource/docker-sonarqube/blob/81ba255ef68dcc154df0a5d1cb022419d8cfba77/commercial-editions/datacenter/app/Dockerfile

• https://github.com/SonarSource/docker-sonarqube/blob/81ba255ef68dcc154df0a5d1cb022419d8cfba77/commercial-editions/datacenter/search/Dockerfile

• https://github.com/SonarSource/docker-sonarqube/blob/3c72218664ce0438f30b81d942426d8316f2fa7c/community-build/Dockerfile

Quick reference (cont.)

• Where to file issues:
  https://github.com/SonarSource/docker-sonarqube/issues?q=

• Supported architectures: (https://github.com/docker-library/official-images#architectures-other-than-amd64)
  https://hub.docker.com/r/amd64/sonarqube/, https://hub.docker.com/r/arm64v8/sonarqube/

• Published image artifact details:
  https://github.com/docker-library/repo-info/blob/master/repos/sonarqube (https://github.com/docker-library/repo-info/commits/master/repos/sonarqube)
  (image metadata, transfer size, etc)

• Image updates:
  https://github.com/docker-library/official-images/issues?q=label%3Alibrary%2Fsonarqube
  https://github.com/docker-library/official-images/blob/master/library/sonarqube (https://github.com/docker-library/official-images/commits/master/library/sonarqube)

• Source of this description:
  https://github.com/docker-library/docs/tree/master/sonarqube (https://github.com/docker-library/docs/commits/master/sonarqube)

What is sonarqube?

sonarqube Docker repository stores the official Sonar images for SonarQube Server and SonarQube Community Build.

SonarQube Server (formerly SonarQube) is an on-premise analysis tool designed to detect quality and security issues in 30+ languages, frameworks, and IaC platforms. The solution also provides fix recommendations leveraging AI with Sonar's AI CodeFix capability. By integrating directly with your CI pipeline or on one of the supported DevOps platforms, your code is checked against an extensive set of rules that cover many attributes of code, such as maintainability, reliability, and security issues on each merge/pull request.

SonarQube Community Build (formerly SonarQube Community) is Sonar's self-managed free offering, released on a monthly schedule. It includes the latest core capabilities available in open source, providing essential features such as bug detection, identification of code smells, and basic security issue analysis across 21 programming languages and frameworks. For advanced security analysis, enterprise-grade integrations, and scalability features, the commercial version, SonarQube Server, is available.

How to use this image

Here, you'll find the Docker images for the SonarQube Server (Developer Edition, Enterprise Edition, and Data Center Edition), as well as for SonarQube Community Build.

Docker Host Requirements

Because SonarQube uses an embedded Elasticsearch, make sure that your Docker host configuration complies with the Elasticsearch production mode requirements and File Descriptors configuration.

For example, on Linux, you can set the recommended values for the current session by running the following commands as root on the host:

console
sysctl -w vm.max_map_count=524288
sysctl -w fs.file-max=131072
ulimit -n 131072
ulimit -u 8192

Demo

To quickly run a demo instance, see Using Docker on the Try Out SonarQube page. When you are ready to move to a more sustainable setup, take some time to read the Installation and Configuration sections below.

Installation

Multi-platform support: Starting from SonarQube 9.9, the docker images support running both on amd64 architecture and arm64-based Apple Silicon.

For installation instructions, see Installing the Server from the Docker Image on the Install the Server page.

To run a cluster with the SonarQube Server Data Center Edition, please refer to Installing SonarQube Server from the Docker Image on the Install the Server as a Cluster page.

Long-Term Active (LTA) versions

LTA refers to the version of SonarQube Server that will stay active for a longer period of time. Currently, 2026.1 is the latest LTA version and should be used when LTA version is preferred. To install the latest LTA, you can pull one of the 2026-lta-<edition> tags.

Configuration

Port binding

By default, the server running within the container will listen on port 9000. You can expose the container port 9000 to the host port 9000 with the -p 9000:9000 argument to docker run, like the command below:

console
docker run --name sonarqube-custom -p 9000:9000 sonarqube:community

You can then browse to http://localhost:9000 or http://host-ip:9000 in your web browser to access the web interface.

Database

By default, the image will use an embedded H2 database that is not suited for production.

Warning: Only a single instance of SonarQube Server or SonarQube Community Build can connect to a database schema. If you're using a Docker Swarm or Kubernetes, make sure that multiple instances are never running on the same database schema simultaneously. This will cause the SonarQube to behave unpredictably, and data will be corrupted. There is no safeguard, as described on SONAR-***. The SonarQube Server Data Center Edition has the same limitation in that only one cluster can connect to one database schema at the same time.

Set up a database by following the "Installing the Database" section.

Use volumes

We recommend creating volumes for the following directories:

• /opt/sonarqube/data: data files, such as the embedded H2 database and Elasticsearch indexes
• /opt/sonarqube/logs: contains SonarQube logs about access, web process, CE process, Elasticsearch logs
• /opt/sonarqube/extensions: for 3rd party plugins

Beginning with SonarQube Server 2026.1, the use of the Java Attach API for ElasticSearch 8.x initialization creates socket files in the hardcoded and unchangeable path /tmp/.java_pid<PID>. It is essential to ensure that SonarQube Server processes have both read and write access to the /tmp/ folder to function correctly.

Warning: You cannot use the same volumes on multiple instances of SonarQube.

Upgrading

For upgrade instructions, see Upgrading from the Docker Image on the Upgrade the Server page.

Advanced configuration

Customized image

In some environments, it may make more sense to prepare a custom image containing your configuration. A Dockerfile to achieve this may be as simple as:

dockerfile
FROM sonarqube:community
COPY sonar-custom-plugin-1.0.jar /opt/sonarqube/extensions/

You could then build and try the image with something like:

console
$ docker build --tag=sonarqube-custom .
$ docker run -ti sonarqube-custom

Avoid hard termination

The instance will stop gracefully, waiting for any tasks in progress to finish. Waiting for in-progress tasks to finish can take a large amount of time, which the docker does not expect by default when stopping. To avoid having the instance killed by the Docker daemon after 10 seconds, it is best to configure a timeout to stop the container with --stop-timeout. For example:

console
docker run --stop-timeout 3600 sonarqube

Administration

Information about administering your instance of SonarQube Server begins here.

License

SonarQube Community Build is licensed under GNU Lesser General Public License, Version 3.0. SonarQube Server Developer, Enterprise, and Data Center Editions are licensed under SonarSource Terms and Condition.

As with all Docker images, these likely also contain other software which may be under other licenses (such as Bash, etc from the base distribution, along with any direct or indirect dependencies of the primary software being contained).

Some additional license information which was able to be auto-detected might be found in https://github.com/docker-library/repo-info/tree/master/repos/sonarqube.

As for any pre-built image usage, it is the image user's responsibility to ensure that any use of this image complies with any relevant licenses for all software contained within.