Difficulty: Introduction
Estimated Time: 10 minutes

SonarQube on Kubernetes


Setting up your SonarQube services(s) as fragile snowflakes is both common and not a recommended technique. Any developer should be able to quickly start a service or rely on a team service that matches the same behaviors. The latest SonarQube version, it's plugins and it's configurations should also be easily adjustable. Your software development lifecycle processes (SDLC) should embrace the versioned configuration and deployment of SonarQube across a variety of cattle (not pets) targets.

Follow these instructions to setup a personal SonarQube engine and dashboard. With this you have a strong static code analysis tool backing your code changes all before you submit your work for pull requests. Within SonarQube there are plugins such as for Checkstyle, PMD and Findbugs. The Fingbugs plugin includes rules for vulnerabilities such as the OWASP top 10.

You will learn how:

  • Install SonarQube onto Kubernetes
  • Use Helm to install SonarQube on Minikube
  • Configure SonarQube plugins with the chart
  • Access SonarQube Dashboard
  • Analyze code and inspect results with a Gradle plugin

SonarQube is an open source platform developed by SonarSource for continuous inspection of code quality to perform automatic reviews with static analysis of code to detect bugs, code smells, and security vulnerabilities on 20+ programming languages. SonarQube offers reports on duplicated code, coding standards, unit tests, code coverage, code complexity, comments, bugs, and security vulnerabilities. -- Wikipedia



Lessons Learned

With these steps you have learned:

  • how TODO,
  • how TODO,
  • how TODO.

Additional information

No Fluff Just Stuff

For a deeper understanding of these topics and more join me, Jonathan Johnson, for a transcendent experience on the No Fluff Just Stuff Software Symposium Tour.


Step 1 of 4

Kubernetes Running for You

As you see, your Kubernetes cluster based on Minikube is will be available in a moment. Verify it's ready for your use:

minikube version && minikube status && kubectl cluster-info

Notice that while Minikube is running, there is nothing deployed except for a single kubernetes item,

kubectl get deployments,pods,services

minikube service list --namespace default

A clean slate, let's deploy our first application.

Kubernetes Dashboard
SonarQube Dashboard