Quickstart guide for Enterprises
A checklist for administrators setting up their initial installation of SonarQube Server Enterprise edition.
If you are installing developer edition please check out the Quickstart guide.
Required Infrastructure
A dedicated VM or container is recommended for each of the following:
SonarQube Application Server From ZIP file or From Docker image
External Database, see Installing database
Reverse Proxy to enforce HTTPS (i.e. Nginx or IIS)
Caution: Self-signed certificates are not recommended. For further information, see Reverse Proxy below.
See Server host requirementsfo more details.
Please refer to the following reference architectures for sizing estimates Up to 10 M LOC and Up to 50 M LOC.
Required Networking
Network connectivity is required from all SonarScanners to the SonarQube Server. Additionally, ensure your SonarQube Server can connect to your self-hosted or Cloud DevOps platform.
Advanced Security requires an outbound connection to URLs listed here.
Required Software
SonarQube Server Enterprise
Java 21 or 25
Ensure all build agents support Java 21 (recommended), as it is required to run the latest versions of the SonarScanners
Identify and provision the correct SonarScanners for your primary technology stacks
Sonar’s Build Wrapper for analyzing C/C++ Code
Verify that necessary build tools are installed and configured on the build agents
Node.js for analyzing JS code
.NET Core, .NET Framework, or Nuget for analyzing C# code - see here for requirements
For Azure DevOps Pipelines, install the SonarQube extension from the Azure Marketplace
For Advanced Security, additional build tools may be required for generating lock files for SCA analysis
For AI Enabled workflows, SonarQube MCP Server is available as a Docker container
Installation Steps
SonarQube Server can be installed Server From ZIP fileon aor From Docker image to a container. See Try out SonarQube Serverfor help once you are ready to install SonarQube Server.
To connect SonarQube to an external database, provide the configuration to the SonarQube server on startup. The configuration can be provided via the sonar.properties configuration file or via environment variables. If your SonarQube installation fails to start due to database connection issues, please set the log level to DEBUG, restart the SonarQube server, and check the Server logs for error messages related to the database connection.
DevOps Platform integration
A SonarQube Application must be installed in your organization or workspace for Github, see Setting up GitHub integration at global level
A Personal Access Token (PAT) is required for Azure DevOps, Bitbucket, and GitLab.
Reverse Proxy
By default, SonarQube communicates via HTTP. To enforce mandatory HTTPS, the server must sit behind a Reverse Proxy. See Securing behind a proxy for more details. Caution: Self-signed certificates are not recommended as they require extra setup on every CI build agent's JVM trust store. For more information, please refer to these TLS certificates on client side.
Advanced Security
Advanced Security is only available on SonarQube Server v2025.3 or later
To enable Advanced Security , navigate to Administration > Configuration > General > Advanced Security and click "Enable Advanced Security". SonarQube Advanced Security requires an outbound network connection. You can find out more about the connectivity requirements here.
Develop with Sonar
Now that you have installed SonarQube Server with your DevOps platforms or CI pipeline, managers and tech leads can check out the Security reports and Portfolios features to begin monitoring the security and releasability of projects.
Related online learning
Last updated
Was this helpful?