ictu/ictu-sonarqube

By ictu

Updated 30 days ago

A SonarQube Helm chart with plugins, profiles and config used at ICTU

Helm
Integration & delivery
Developer tools
1

9.4K

ictu/ictu-sonarqube repository overview

ICTU SonarQube container image

A SonarQube container image with plugins, profiles and configuration used at ICTU https://github.com/ICTU/sonar

Creating a new quality profile

When starting the SonarQube image, new quality profiles will be automatically created for supported languages. These newly created profiles are set to be the default profile, but can also be extended with your own custom rules.

Extending the default can be done by ensuring that the current profile has a name ending with EXTENDED (or extended). Alternatively, the automatic overriding of default profile can be avoided by ensuring that the current profile has a name ending with DEFAULT (or default).

Warning: If an adjustment has been made to a rule in an EXTENDED profile, where the specific rule was originally disabled in the Sonar Way profile, this adjustment will not be retained after a restart of the SonarQube instance.

Overriding the ICTU standard quality profiles

Add the project code (it will be used as a prefix for the quality profile name) to the environment variable PROJECT_CODE. Add a list of semicolon separated rule ids to be enabled or disabled to the environment variable PROJECT_RULES.

Example to explicitly enable (+) a C# rule and disable (-) a TypeScript rule:

PROJECT_CODE=PROJ1
PROJECT_RULES=+csharpsquid:S104;-typescript:S1301

It is also possible to adjust individual rule parameter values:

PROJECT_CODE=PROJ1
PROJECT_RULES=+csharpsquid:S110|max=6;-typescript:S1301

Running on Kubernetes with the Helm chart

The Helm chart can be pulled as ictu/ictu-sonarqube from Docker hub as OCI artifact:

helm pull oci://registry-1.docker.io/ictu/ictu-sonarqube

As specified in the Helm values.yaml, the credentials monitoringCredential, postgresqlCredential and sonarAdminCredential can be used. Additional environment variables can be passed to the SonarQube container as a list of key-value pairs in env_vars, specified in the Helm values. Note that the default value specified in sonarqube.extraConfig.configmaps assumes the release name ictu-sonarqube, which you may need to override. Alternatively, environment variables can be passed directly through the sonarqube.env dict in the Helm values (i.e. for secrets).

Note that the Helm chart does not deploy a PostgreSQL database by default, because the upstream SonarQube chart is shipped with a legacy Bitnami version. Because the Bitnami charts are no longer publicly maintained, (security) patches are not available and a new deployment is already insecure. This means that a production deployment with this Helm chart should come with a separately managed db, configured in the sonarqube.jdbcOverwrite values.

Get in touch

Point of contact for this repository is Dennie Bouman, who can be reached by opening a new issue in this repository's issue tracker.

Tag summary

Content type

Helm

Digest

sha256:d646934c3

Size

192.2 kB

Last updated

30 days ago

helm pull oci://registry-1.docker.io/ictu/ictu-sonarqube --version 2026.3.1