Improve your team’s code quality with SonarQube. Docker + SSL Guide.
This is a guide to setting up a self-hosted SonarQube instance as a docker-compose stack, using the Traefik reverse proxy with auto-generated SSL certificates for HTTPS traffic. We will set it up on AWS EC2, so it’s not technically free, but most small teams can offset the cost with startup credits.
For the uninitiated,
SonarQube is an open-source platform that provides developers with a comprehensive set of code analysis tools to detect and fix bugs, code smells, and vulnerabilities in their source code. It offers detailed reports and metrics to identify and prioritize technical debt, track code quality over time, and monitor code modifications. SonarQube integrates with various code repositories, build tools, and continuous integration systems, and supports customizable rules and Quality Gates to enforce quality standards and prevent code quality issues from propagating to higher environments. Overall, it helps maintain technical excellence and high-quality code standards throughout the development process.
Reasons for going self-hosted:
- Pricing: Although SonarCloud offers a plan at 10eur / month, it is limited to 100K LOC. This was actually my preferred choice until we crossed that limit. For 250K LOC, which is the next tier, it costs 75eur / month, which sounds uncomfortable.
- Flexibility: SonarCloud only supports login through a provider such as GitLab or Bitbucket, and every user you add has to come from a provider. Most PMs / testers won’t have that login. You can’t even connect multiple accounts, such as Bitbucket + GitLab.
Make sure you only allow inbound traffic on ports 80 and 443 for web traffic, and on port 22 for SSH to set the server up.
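An added example, not from the original post: a Python check that reads security group rules in the JSON shape returned by `aws ec2 describe-security-groups` and reports any inbound rule outside ports 80, 443 and 22. The sample data and the `sg-EXAMPLE` id are constructed, and the warning for SSH open to any address is an extra check the post does not mention.

```python
import json

# Ports the guide allows inbound: 80/443 for web traffic, 22 for SSH setup.
ALLOWED_PORTS = {22, 80, 443}
ANYWHERE = {"0.0.0.0/0", "::/0"}

# Constructed sample in the shape of `aws ec2 describe-security-groups` output.
SAMPLE = json.loads("""
{"SecurityGroups": [{"GroupId": "sg-EXAMPLE", "IpPermissions": [
 {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80,
  "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
 {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
  "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": [{"CidrIpv6": "::/0"}]},
 {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
  "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
 {"IpProtocol": "tcp", "FromPort": 9000, "ToPort": 9000,
  "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
 {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "10.0.0.0/8"}]}
]}]}
""")


def audit(groups):
    """Return (group_id, severity, message) for each problematic ingress rule."""
    findings = []
    for sg in groups.get("SecurityGroups", []):
        gid = sg["GroupId"]
        for rule in sg.get("IpPermissions", []):
            sources = [r["CidrIp"] for r in rule.get("IpRanges", [])]
            sources += [r["CidrIpv6"] for r in rule.get("Ipv6Ranges", [])]
            proto = rule["IpProtocol"]
            if proto != "tcp":
                # "-1" means every protocol and port; the guide only opens TCP.
                findings.append((gid, "violation", f"protocol {proto} from {sources}"))
                continue
            lo, hi = rule["FromPort"], rule["ToPort"]
            if not set(range(lo, hi + 1)) <= ALLOWED_PORTS:
                findings.append((gid, "violation", f"tcp {lo}-{hi} from {sources}"))
            # Extra check beyond the guide: SSH reachable from any address.
            if lo <= 22 <= hi and ANYWHERE & set(sources):
                findings.append((gid, "warning", f"SSH open to {sources}"))
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(*finding, sep="  ")
```

To run it against a real group, replace `SAMPLE` with the parsed output of `aws ec2 describe-security-groups` for the instance's security group.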
After a few minutes, the SonarQube interface will be available on your domain with HTTPS enabled. The default login is admin / admin.
Now go catch some pesky bugs!