Easily deploy SonarQube Server in Azure

Technical Debt is a growing problem for many development teams, and as these teams embrace DevOps, the problem is becoming more pronounced. And while SonarQube is a great tool for resolving this problem, it does pose its own issues with deployment.

What problem does this solution  solve?

SonarSource and Microsoft have provided a good integration of SonarQube with Team Services build tasks for MSBuild and Java. However, this requires a SonarQube server running in the Cloud, or a private agent if you install your SonarQube server on premise. Indeed, the biggest roadblock to adoption for many organizations is the configuration and steps required to deploy a SonarQube instance and, in the case of the cloud, securing it. For many, deploying SonarQube, in an on-premise world is easier to secure behind a firewall. But when deploying to a cloud environment with public endpoints, securing it can be a major hurdle.

We are providing the start of a solution to make it easier for you to deploy a SonarQube installation in Azure. Currently in its beta form, this does not create a secured instance. But the intention of this project is eventually to provide a secured instance that can easily be deployed and leveraged by TFS or your VSTS tenant.

This solution leverages Azure Resource Manager (ARM) templates, and PowerShell DSC (Desired State Configuration) to automate the creation of the necessary components to stand up a SonarQube installation to support your development environment.

Azure Resource Manager provisions  your applications using a declarative template. In a single template, you can deploy multiple services along with their dependencies. You use the same template to repeatedly deploy your application during every stage of the application lifecycle.

How do I make use of it?

You can access this template on the Azure.com documentation site or from the Azure Quickstart Templates GitHub repo.  In either case you can click the Deploy to Azure button to deploy the template to your Azure subscription.

To deploy this template click on the Deploy to Azure button. This will launch the Azure Portal and you will be prompted to provide values for the parameters below.

AzureGallery (002)

The deployment in Azure can take up to 60 minutes. At the end of the deployment, SonarQube will be configured to run as a Windows Service on the SonarQube VM. When the SonarQube service starts for the first time, it will configure its database. This can take an additional 15 minutes  to complete during which time the Azure deployment shows as completed but you still won't be able to reach the SonarQube home page. Please give SonarQube some time to update.

Once the deployment and configuration have finished you will be able to access your SonarQube by entering its public address into a browser. The address format is:



Parameter Descriptions

Parameter Name Description Default value
sqVM_AppName Name of the VM that SonarQube will be installed upon. None
sq_PublicIP_DnsPrefix The prefix of the public URL for the VM on the Internet (Max 63 chars, lower-case). It should match with the following regular expression: ^[a-z][a-z0-9-]{1,61}[a-z0-9]$ or it will raise an error. This will be used to build the fully qualified URL for the SonarQube site in the form of https://[sq_PublicIP_DnsPrefix].[AzureRegion].cloudapp.azure.com Ex: A value of "my-sonarqube" will result in a URL of https://my-sonarqube.eastus.cloudapp.azure.com if the ARM template is deployed into a storage account hosted in the EASTUS Azure region. None
sqVM_AppAdmin_UserName Local Admin account name for the SonarQube VM. None
sqVM_AppAdmin_Password Password for the SonarQube VM Local Admin account. None
sqDB_Admin_UserName Admin account name for Azure SQL Server. None
sqDB_Admin_Password Password for Azure SQL Server Admin account None
sqDB_DBName Name of the SonarQube DB on the Azure SQL Server sonarsql
sqDB_DBEdition Edition of Azure SQL Server to create, Allowed Values: Basic, Business, Premium, Standard, Web Basic
sqStorage_AcctType Type of Azure Storage Acct to create, Standard_LRS, Standard_ZRS, Standard_GRS, Standard_RAGRS, Premium_LRS Basic

What’s planned?

This Beta release deploys a SonarQube Server installation that is not secured, SonarQube Server runs over HTTP [Be warned that data sent can be intercepted and viewed]. While there are multiple ways to secure SonarQube server and force the communication to happen over HTTPS, our plan is to secure the installation by implementing an IIS Reverse Proxy on the SonarQube VM. This is planned for a future release, hopefully in the full v1.0 version.

If you wish to manually configure IIS on your deployed SonarQube installation, please see Running SonarQube behind a reversed proxy.

We look forward to hearing from you

We need your feedback. Here are some ways to connect with us: