Integrating SonarQube into a DevOps Pipeline: Architecture, Docker Installation, and Configuration (LDAP & GitLab)
This guide explains SonarQube's architecture, shows how to deploy it with Docker, and details configuration steps including forced login, LDAP integration, and GitLab authentication, providing code snippets and screenshots for a complete DevOps quality‑management setup.
This chapter introduces SonarQube integration for quality management in a DevOps environment, covering its architecture, installation, and configuration.
1. Understanding SonarQube
SonarQube Server consists of three main processes: a Web server for UI access, an Elasticsearch‑based Search Server, and a Compute Engine that processes analysis reports and stores them in the SonarQube database. The database holds instance configuration, quality snapshots, and plugin data. Multiple plugins (language, SCM, authentication, etc.) can be installed, and SonarScanner runs on CI servers to analyze projects.
Working Principle
Developers can install the SonarLint plugin in their IDE for pre‑commit scanning; commits trigger Jenkins to run SonarScanner automatically.
Versions
Available editions: Community (open‑source), Developer, Enterprise, and Data Center.
Installation
The example uses Docker to start a test environment:
docker run --rm -d --name sonarqube \
-p 9000:9000 \
-v ${LOCALDIR}/sonar/sonarqube_conf:/opt/sonarqube/conf \
-v ${LOCALDIR}/sonar/sonarqube_extensions:/opt/sonarqube/extensions \
-v ${LOCALDIR}/sonar/sonarqube_logs:/opt/sonarqube/logs \
-v ${LOCALDIR}/sonar/sonarqube_data:/opt/sonarqube/data \
sonarqube:7.9.2-communityAfter the container starts, access the UI at http://127.0.0.1:9000 .
2. SonarQube Configuration Management
Forced Login
By default projects are publicly viewable; configure the instance to require authentication for all users.
LDAP Integration
Install the LDAP plugin and edit sonar.properties with the following settings, then restart the server:
#LDAP settings
#admin
sonar.security.realm=LDAP
ldap.url=ldap://192.168.1.200:389
ldap.bindDn=cn=admin,dc=devops,dc=com
ldap.bindPassword=ldap12344
#users
ldap.user.baseDn=ou=jenkins,dc=devops,dc=com
ldap.user.request=(&(objectClass=inetOrgPerson)(cn={login}))
ldap.user.realNameAttribute=cn
ldap.user.emailAttribute=mailGitLab Authentication Integration
Install the GitLabAuth plugin, create an application in GitLab (System Settings → Application Management), and set the callback URL to http://sonarserver:9000/oauth2/callback/gitlab . Then configure the GitLab details in SonarQube’s UI.
After completing these steps, logging into SonarQube will present the GitLab authentication option, confirming a successful integration.
DevOps Cloud Academy
Exploring industry DevOps practices and technical expertise.
How this landed with the community
Was this worth your time?
0 Comments
Thoughtful readers leave field notes, pushback, and hard-won operational detail here.