In this post, I will walk you through some best practices that help you complete the post-deployment configuration of SonarQube.

Change Admin Password

First Things First

After deployment, log in to SonarQube using the following default credentials.

  • user: admin
  • password: admin

After logging in, go to Administration and select Security - Users.

Force authentication

After enabling the Force authentication option, no one can see a project's analysis summary without logging in.

Configure Server base URL

Create Project

SonarQube provides 2 ways to create a project.

Provide a Project Key (without spaces) and a Display Name.

This key will be required when you configure SonarQube with Azure Pipelines.

Configure Tokens

Recommended

If you want to enforce security by not providing the credentials of a real SonarQube user to run your code scan or to invoke web services, you can provide a User Token as a replacement for the user login. This increases the security of your installation by not letting your analysis user's password go through your network.

These tokens are used to create the service endpoint with Azure DevOps.

Administrator - My Account - Security

You can have one token across all projects, or you can have individual tokens.
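
The script below is an added example, not part of the original post: it checks the three settings covered so far (default admin password changed, force authentication enabled, user token accepted) by sending a token as the basic-auth login with an empty password. It assumes the `api/authentication/validate` web service answers `{"valid": true|false}` and reports anonymous requests as invalid once force authentication is on; the URL, token value and `fake_server` helper are constructed so it runs offline.

```python
import base64
import io
import json
import urllib.error
import urllib.request

VALIDATE_PATH = "/api/authentication/validate"  # assumed to answer {"valid": true|false}

def basic_auth(login, password=""):
    """Authorization header; a user token goes in as the login with an empty password."""
    return "Basic " + base64.b64encode(f"{login}:{password}".encode()).decode()

def is_valid(base_url, auth=None, opener=urllib.request.urlopen):
    """True if the server treats the request as authenticated (or allows anonymous)."""
    req = urllib.request.Request(base_url.rstrip("/") + VALIDATE_PATH)
    if auth:
        req.add_header("Authorization", auth)
    try:
        with opener(req, timeout=10) as resp:
            return bool(json.load(resp).get("valid"))
    except urllib.error.HTTPError:  # e.g. 401 for rejected credentials
        return False

def audit(base_url, token, opener=urllib.request.urlopen):
    """Post-deployment checks for the settings covered in this post."""
    return {
        "default_admin_rejected": not is_valid(base_url, basic_auth("admin", "admin"), opener),
        # Assumption: with force authentication on, anonymous requests are not valid.
        "anonymous_rejected": not is_valid(base_url, None, opener),
        "token_accepted": is_valid(base_url, basic_auth(token), opener),
    }

def fake_server(accepted, force_auth):
    """Constructed stand-in for a SonarQube server so the example runs offline."""
    def opener(req, timeout=None):
        auth = req.get_header("Authorization")
        valid = (auth in accepted) if auth else not force_auth
        return io.BytesIO(json.dumps({"valid": valid}).encode())
    return opener

if __name__ == "__main__":
    token = "constructed-token-value"  # placeholder, not a real token
    hardened = fake_server({basic_auth(token)}, force_auth=True)
    fresh = fake_server({basic_auth("admin", "admin")}, force_auth=False)
    print(audit("https://sonarqube.example.com", token, hardened))
    print(audit("https://sonarqube.example.com", token, fresh))
```

Against a real server, call `audit()` with your base URL and a token and leave `opener` at its default; any `False` in the result points at a step above that still needs doing.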

Create and Add Users

Create User

SonarQube allows creating local users.

Add User to project

Add the user to the project with the desired permissions by selecting the checkboxes.

Let’s assign this user the Execute Analysis permission and see the difference.

Menu options are limited now.

Configure with AAD

Refer to the sonar-auth-aad documentation to configure AAD authentication for SonarQube.

Work with Azure DevOps Pipeline

Refer to the MS documentation to configure the SonarQube server with an Azure DevOps pipeline.

About Ajeet Chouksey

With a robust background spanning more than 18 years, I am an adept Azure and Azure DevOps architect and engineer, dedicated to crafting Azure-centric solutions that prioritize customer requirements and agile methodologies. My expertise encompasses steering extensive cloud migration initiatives and advocating for Azure best practices, all aimed at streamlining costs and steering multinational teams towards success. Fueled by a passion for technological innovation, I am committed to perpetual learning, constantly advancing my proficiency in Azure, AI, MLOps, and Product Management to stay at the forefront of the industry.