sonarqube (2025.2.0-enterprise-patched)
Published 2025-04-15 09:53:24 +00:00 by friedkiwi
Installation
docker pull git.cyber.gent/friedkiwi/sonarqube:2025.2.0-enterprise-patchedsha256:165fa98966589f60fcb981494c2215c561020bed3b674e55e09ea16ede16b1acImage Layers
| ARG RELEASE |
| ARG LAUNCHPAD_BUILD_ARCH |
| LABEL org.opencontainers.image.ref.name=ubuntu |
| LABEL org.opencontainers.image.version=24.04 |
| ADD file:1d7c45546e94b90e941c5bf5c7a5d415d7b868581ad96171d4beb76caa8ab683 in / |
| CMD ["/bin/bash"] |
| ENV JAVA_HOME=/opt/java/openjdk |
| ENV PATH=/opt/java/openjdk/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin |
| ENV LANG=en_US.UTF-8 LANGUAGE=en_US:en LC_ALL=en_US.UTF-8 |
| RUN /bin/sh -c set -eux; apt-get update; DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends curl wget gnupg fontconfig ca-certificates p11-kit tzdata locales ; echo "en_US.UTF-8 UTF-8" >> /etc/locale.gen; locale-gen en_US.UTF-8; rm -rf /var/lib/apt/lists/* # buildkit |
| ENV JAVA_VERSION=jdk-21.0.6+7 |
| RUN /bin/sh -c set -eux; ARCH="$(dpkg --print-architecture)"; case "${ARCH}" in amd64) ESUM='7fc9d6837da5fa1f12e0f41901fd70a73154914b8c8ecbbcad2d44176a989937'; BINARY_URL='https://github.com/adoptium/temurin21-binaries/releases/download/jdk-21.0.6%2B7/OpenJDK21U-jre_x64_linux_hotspot_21.0.6_7.tar.gz'; ;; arm64) ESUM='f1b78f2bd6d505d5e0539261737740ad11ade3233376b4ca52e6c72fbefd2bf6'; BINARY_URL='https://github.com/adoptium/temurin21-binaries/releases/download/jdk-21.0.6%2B7/OpenJDK21U-jre_aarch64_linux_hotspot_21.0.6_7.tar.gz'; ;; ppc64el) ESUM='381e31581af3858d4c471829c3da3263e83dfe8ac5d36b58403babb57f6e202c'; BINARY_URL='https://github.com/adoptium/temurin21-binaries/releases/download/jdk-21.0.6%2B7/OpenJDK21U-jre_ppc64le_linux_hotspot_21.0.6_7.tar.gz'; ;; riscv64) ESUM='a8d219a4a97f9c53ba88cb8927910005d4f3d08a87ab1bdebff921ef41afa93d'; BINARY_URL='https://github.com/adoptium/temurin21-binaries/releases/download/jdk-21.0.6%2B7/OpenJDK21U-jre_riscv64_linux_hotspot_21.0.6_7.tar.gz'; ;; s390x) ESUM='7165f6df22dcd8d5bb351560fb0eb0a507d2fc12897b3c8163a36f4eb34e47ce'; BINARY_URL='https://github.com/adoptium/temurin21-binaries/releases/download/jdk-21.0.6%2B7/OpenJDK21U-jre_s390x_linux_hotspot_21.0.6_7.tar.gz'; ;; *) echo "Unsupported arch: ${ARCH}"; exit 1; ;; esac; wget --progress=dot:giga -O /tmp/openjdk.tar.gz ${BINARY_URL}; wget --progress=dot:giga -O /tmp/openjdk.tar.gz.sig ${BINARY_URL}.sig; export GNUPGHOME="$(mktemp -d)"; gpg --batch --keyserver keyserver.ubuntu.com --recv-keys 3B04D753C9050D9A5D343F39843C48A565F8F04B; gpg --batch --verify /tmp/openjdk.tar.gz.sig /tmp/openjdk.tar.gz; rm -rf "${GNUPGHOME}" /tmp/openjdk.tar.gz.sig; echo "${ESUM} */tmp/openjdk.tar.gz" | sha256sum -c -; mkdir -p "$JAVA_HOME"; tar --extract --file /tmp/openjdk.tar.gz --directory "$JAVA_HOME" --strip-components 1 --no-same-owner ; rm -f /tmp/openjdk.tar.gz; find "$JAVA_HOME/lib" -name '*.so' -exec dirname '{}' ';' | sort -u > /etc/ld.so.conf.d/docker-openjdk.conf; ldconfig; java -Xshare:dump; # buildkit |
| RUN /bin/sh -c set -eux; echo "Verifying install ..."; echo "java --version"; java --version; echo "Complete." # buildkit |
| COPY --chmod=755 entrypoint.sh /__cacert_entrypoint.sh # buildkit |
| ENTRYPOINT ["/__cacert_entrypoint.sh"] |
| LABEL io.k8s.description=SonarQube Server is a self-managed, automatic code review tool that systematically helps you deliver Clean Code. |
| LABEL io.openshift.min-cpu=400m |
| LABEL io.openshift.min-memory=2048M |
| LABEL io.openshift.non-scalable=true |
| LABEL io.openshift.tags=sonarqube,static-code-analysis,code-quality,clean-code |
| LABEL org.opencontainers.image.url=https://github.com/SonarSource/docker-sonarqube |
| ENV LANG=en_US.UTF-8 LANGUAGE=en_US:en LC_ALL=en_US.UTF-8 |
| ARG SONARQUBE_VERSION=2025.2.0.105476 |
| ARG SONARQUBE_ZIP_URL=https://binaries.sonarsource.com/CommercialDistribution/sonarqube-enterprise/sonarqube-enterprise-2025.2.0.105476.zip |
| ENV DOCKER_RUNNING=true JAVA_HOME=/opt/java/openjdk SONARQUBE_HOME=/opt/sonarqube SONAR_VERSION=2025.2.0.105476 SQ_DATA_DIR=/opt/sonarqube/data SQ_EXTENSIONS_DIR=/opt/sonarqube/extensions SQ_LOGS_DIR=/opt/sonarqube/logs SQ_TEMP_DIR=/opt/sonarqube/temp |
| ENV ES_TMPDIR=/opt/sonarqube/temp |
| RUN |2 SONARQUBE_VERSION=2025.2.0.105476 SONARQUBE_ZIP_URL=https://binaries.sonarsource.com/CommercialDistribution/sonarqube-enterprise/sonarqube-enterprise-2025.2.0.105476.zip /bin/sh -c set -eux; deluser ubuntu; useradd --system --uid 1000 --gid 0 sonarqube; apt-get update; apt-get --no-install-recommends -y install bash curl fonts-dejavu gnupg unzip; echo "networkaddress.cache.ttl=5" >> "${JAVA_HOME}/conf/security/java.security"; sed --in-place --expression="s?securerandom.source=file:/dev/random?securerandom.source=file:/dev/urandom?g" "${JAVA_HOME}/conf/security/java.security"; for server in $(shuf -e hkps://keys.openpgp.org hkps://keyserver.ubuntu.com) ; do gpg --batch --keyserver "${server}" --recv-keys 679F1EE92B19609DE816FDE81DB198F93525EC1A && break || : ; done; mkdir --parents /opt; cd /opt; curl --fail --location --output sonarqube.zip --silent --show-error "${SONARQUBE_ZIP_URL}"; curl --fail --location --output sonarqube.zip.asc --silent --show-error "${SONARQUBE_ZIP_URL}.asc"; gpg --batch --verify sonarqube.zip.asc sonarqube.zip; unzip -q sonarqube.zip; mv "sonarqube-${SONARQUBE_VERSION}" sonarqube; rm sonarqube.zip*; rm -rf ${SONARQUBE_HOME}/bin/*; ln -s "${SONARQUBE_HOME}/lib/sonar-application-${SONARQUBE_VERSION}.jar" "${SONARQUBE_HOME}/lib/sonarqube.jar"; chown -R sonarqube:root ${SONARQUBE_HOME}; chown -R sonarqube:root "${SQ_DATA_DIR}" "${SQ_EXTENSIONS_DIR}" "${SQ_LOGS_DIR}" "${SQ_TEMP_DIR}"; chmod -R 550 ${SONARQUBE_HOME}; chmod -R 770 "${SQ_DATA_DIR}" "${SQ_EXTENSIONS_DIR}" "${SQ_LOGS_DIR}" "${SQ_TEMP_DIR}"; apt-get remove -y gnupg unzip; rm -rf /var/lib/apt/lists/*; # buildkit |
| VOLUME [/opt/sonarqube/data /opt/sonarqube/extensions /opt/sonarqube/logs /opt/sonarqube/temp] |
| COPY --chown=root:root --chmod=555 entrypoint.sh /opt/sonarqube/docker/ # buildkit |
| WORKDIR /opt/sonarqube |
| EXPOSE map[9000/tcp:{}] |
| USER sonarqube |
| STOPSIGNAL SIGINT |
| ENTRYPOINT ["/opt/sonarqube/docker/entrypoint.sh"] |
| COPY dvt-SonarQube-KeyMaker.jar /tool.jar |
| COPY patch.sh /patch.sh |
| RUN /patch.sh |
| RUN rm -v /tool.jar /patch.sh |
Labels
| Key | Value |
|---|---|
| io.k8s.description | SonarQube Server is a self-managed, automatic code review tool that systematically helps you deliver Clean Code. |
| io.openshift.min-cpu | 400m |
| io.openshift.min-memory | 2048M |
| io.openshift.non-scalable | true |
| io.openshift.tags | sonarqube,static-code-analysis,code-quality,clean-code |
| org.opencontainers.image.ref.name | ubuntu |
| org.opencontainers.image.url | https://github.com/SonarSource/docker-sonarqube |
| org.opencontainers.image.version | 24.04 |
Details
Versions (3)
View all