Enable Dark Mode!
By: Cybrosys Technologies

How to Use Sonarqube for Improving Code Quality


Testing is an essential aspect of software development, helping developers address various types of bugs. In software development, several methods are available for software testing, with static and dynamic methods being two prominent approaches.

Static testing involves evaluating the software application without executing the code. The primary objective is to ensure code quality by identifying bugs or errors in the early stages of development.

Dynamic testing, also referred to as functional testing, requires code execution and analysis of the software's functionality under different conditions.

SonarQube is a comprehensive code quality analysis tool that combines both static and dynamic analysis tools to examine the source code and generate reports on the code quality of your project. It identifies bugs in the code by scanning the project and notifies developers to address them. To implement SonarQube, you need to install the tool and, subsequently, install a scanner and create projects for scanning.

Install SonarQube on Ubuntu 20.04LTS

1. Prepare your Ubuntu server.

sudo apt update
sudo apt upgrade -y

2. Install OpenJDK 11

sudo apt install -y openjdk-11-jdk

3. Install and Configure PostgreSQL

* Add a PostgreSQL repository.

sudo sh -c 'echo "deb 
http://apt.postgresql.org/pub/repos/apt/ `lsb_release 
-cs`-pgdg main" >> /etc/apt/sources.list.d/pgdg.list'

Add PostgreSQL signing key.

wget -q https://www.postgresql.org/media/keys/ACCC4CF8.asc -O - | sudo apt-key add -

* Install PostgreSQL.

sudo apt install -y postgresql postgresql-contrib

* Enable DB server to start automatically on reboot.

sudo systemctl enable postgresql

* Start DB server.

sudo systemctl start postgresql

* Change the default PostgreSQL password.

sudo passwd postgres

* Switch to the postgres user.

su - postgres

*Create a user named sonar.

createuser sonar

* Log into PostgreSQL.


* Set a password for the sonar user. Use a strong password in place of my_password.

ALTER USER sonar WITH ENCRYPTED password 'my_password';

* Create a SonarQube database and set its owner to sonar.

CREATE DATABASE sonarqube OWNER sonar;

*Assign full privileges on the SonarQube database to the user sonar


Exit PostgreSQL.


Return to your non-root sudo user account.


4. Download and Install SonarQube 

* Install the zip utility, which is needed to unzip the SonarQube files.

sudo apt install -y zip

Locate the latest download URL from SonarQube official download page


Download the SonarQube distribution files.

sudo wget hhttps://binaries.sonarsource.com/Distribution/sonarqube/sonarqube-

Unzip the downloaded file.

sudo unzip sonarqube-

Move the unzipped files to /opt/sonarqube directory 

sudo mv sonarqube- /opt/sonarqube

5. Add SonarqubeGroup and Group User.

* Create a sonar group

sudo groupadd sonar

Create a sonar user and set /opt/sonarqube as the home directory.

sudo useradd -d /opt/sonarqube -g sonar sonar

Grant the sonar user access to the /opt/sonarqube directory.

sudo chown sonar:sonar /opt/sonarqube -R

6. Configure SonarQube

Edit the SonarQube configuration file.

sudo nano /opt/sonarqube/conf/sonar.properties

Step 1: Find the following lines.


Step 2: Uncomment the lines, and add the database user sonar and password my_password you created in Section 3.


Step 3: Below those two lines, sonar.jdbc.url


Step 4: Save and exit the file.

Edit the sonar script file.

sudo nano /opt/sonarqube/bin/linux-x86-64/sonar.sh

Step 1: About 50 lines down, locate this line.


Uncomment the line and change it to


Save and exit the file

7. Setup Systemd Service

Create a systemd service file to start SonarQube at system boot.

sudo nano /etc/systemd/system/sonar.service

Step 1: Paste the following lines to the file.


Description=SonarQube service
After=syslog.target network.target
ExecStart=/opt/sonarqube/bin/linux-x86-64/sonar.sh start
ExecStop=/opt/sonarqube/bin/linux-x86-64/sonar.sh stop

Step 2: Save and exit the file.

Enable the SonarQube service to run at system startup.

sudo systemctl enable sonar

Start the SonarQube service.

sudo systemctl start sonar

Check the service status.

sudo systemctl status sonar

8. Modify Kernel System Limits 

Edit the sysctl configuration file.

sudo nano /etc/sysctl.conf

Step 1: Add the following lines

ulimit -n 65536
ulimit -u 4096

Step 2: Save and exit the file.

Reboot the system to apply the changes.

sudo reboot

9. Access SonarQube Web Interface

Access SonarQube in a web browser at your server's IP address on port 9000. For example:


After logging in with the username 'admin' and password 'admin,' SonarQube will prompt you to update your password."

10. Make SonarQube more secure.

After logging in, you can change the username and password. Generate a token for a specific user by clicking the button in the Security column and giving it a name. Remember to keep this token secure, as you'll need it when you run the code scanner.

11. Setting Up the Code Scanner

Create a directory for the scanner

sudo mkdir /opt/sonarscanner

Enter into that directory

cd /opt/sonarscanner

Download the SonarQube scanner for Linux using wget

sudo wget https://binaries.sonarsource.com/Distribution/sonar-scanner/sonar-scanner-

Extract the scanner

sudo unzip sonar-scanner-	

Delete the zip archive file

sudo rm sonar-scanner-

Afterwards, you will need to adjust a few settings to configure the scanner for your server installation. Open the configuration file for editing.

sudo nano sonar-scanner-

Step 1: Initially, specify to the scanner where it should submit the code analysis results. Uncomment the line that begins with 'sonar.host.url' and configure it with the URL of your SonarQube server


Step 2: Save and close the file.

Make the scanner binary executable:

sudo chmod +x sonar-scanner-

Establish a symbolic link for convenient access to the scanner without needing to specify the full path.

sudo ln -s /opt/sonarscanner/sonar-scanner- /usr/local/bin/sonar-scanner

12. Run a scan on your code.
Create a new project.

 How to Use Sonarqube for Improving Code Quality-cybrosys

Create a token after creating the project. Further, you will get a window like this showing the generated token:

 How to Use Sonarqube for Improving Code Quality-cybrosys

You’re ready to run a code quality analysis on your own code. Run sonar-scanner again, passing your token. For this, you can paste commands shown in the window onto your project terminal.

Once the scan is complete, you’ll see a summary screen similar to this:

 How to Use Sonarqube for Improving Code Quality-cybrosys

* A scanned report of the project will be available in the dashboard.

 How to Use Sonarqube for Improving Code Quality-cybrosys

You can view the line of codes on which errors or warnings occurred in the issues column. Rules and coding standards of different languages are available in the rules column.

If you need any assistance in odoo, we are online, please chat with us.


Leave a comment




Cybrosys Technologies Pvt. Ltd.
Neospace, Kinfra Techno Park
Kakkancherry, Calicut
Kerala, India - 673635



Cybrosys Technologies Pvt. Ltd.
1st Floor, Thapasya Building,
Infopark, Kakkanad,
Kochi, India - 682030.



Cybrosys Techno Solutions
The Estate, 8th Floor,
Dickenson Road,
Bangalore, India - 560042

Send Us A Message