A SonarQube Helm chart with plugins, profiles and config used at ICTU
9.4K
A SonarQube container image with plugins, profiles and configuration used at ICTU https://github.com/ICTU/sonar
When starting the SonarQube image, new quality profiles will be automatically created for supported languages. These newly created profiles are set to be the default profile, but can also be extended with your own custom rules.
Extending the default can be done by ensuring that the current profile has a name ending with EXTENDED (or extended).
Alternatively, the automatic overriding of default profile can be avoided by ensuring that the current profile has a name ending with DEFAULT (or default).
Warning: If an adjustment has been made to a rule in an EXTENDED profile, where the specific rule was originally disabled in the Sonar Way profile, this adjustment will not be retained after a restart of the SonarQube instance.
Add the project code (it will be used as a prefix for the quality profile name) to the environment variable PROJECT_CODE.
Add a list of semicolon separated rule ids to be enabled or disabled to the environment variable PROJECT_RULES.
Example to explicitly enable (+) a C# rule and disable (-) a TypeScript rule:
PROJECT_CODE=PROJ1
PROJECT_RULES=+csharpsquid:S104;-typescript:S1301
It is also possible to adjust individual rule parameter values:
PROJECT_CODE=PROJ1
PROJECT_RULES=+csharpsquid:S110|max=6;-typescript:S1301
The Helm chart can be pulled as ictu/ictu-sonarqube from Docker hub as OCI artifact:
helm pull oci://registry-1.docker.io/ictu/ictu-sonarqube
As specified in the Helm values.yaml, the credentials monitoringCredential, postgresqlCredential and sonarAdminCredential can be used.
Additional environment variables can be passed to the SonarQube container as a list of key-value pairs in env_vars, specified in the Helm values.
Note that the default value specified in sonarqube.extraConfig.configmaps assumes the release name ictu-sonarqube, which you may need to override.
Alternatively, environment variables can be passed directly through the sonarqube.env dict in the Helm values (i.e. for secrets).
Note that the Helm chart does not deploy a PostgreSQL database by default, because the upstream SonarQube chart is shipped with a legacy Bitnami version.
Because the Bitnami charts are no longer publicly maintained, (security) patches are not available and a new deployment is already insecure.
This means that a production deployment with this Helm chart should come with a separately managed db, configured in the sonarqube.jdbcOverwrite values.
Point of contact for this repository is Dennie Bouman, who can be reached by opening a new issue in this repository's issue tracker.
Content type
Helm
Digest
sha256:d646934c3…
Size
192.2 kB
Last updated
30 days ago
helm pull oci://registry-1.docker.io/ictu/ictu-sonarqube --version 2026.3.1