Forge Home


SonarQube installation and configuration


442 latest version

4.7 quality score

We run a couple of automated
scans to help you access a
module's quality. Each module is
given a score based on how well
the author has formatted their
code and documentation and
modules are also checked for
malware using VirusTotal.

Please note, the information below
is for guidance only and neither of
these methods should be considered
an endorsement by Puppet.

Version information

  • 5.3.0 (latest)
  • 5.2.0
released Aug 8th 2023
This version is compatible with:
  • Puppet Enterprise 2023.7.x, 2023.6.x, 2023.5.x, 2023.4.x, 2023.3.x, 2023.2.x, 2023.1.x, 2023.0.x, 2021.7.x, 2021.6.x, 2021.5.x, 2021.4.x, 2021.3.x, 2021.2.x, 2021.1.x, 2021.0.x
  • Puppet >= 7.0.0 < 9.0.0
  • , , ,

Start using this module

  • r10k or Code Manager
  • Bolt
  • Manual installation
  • Direct download

Add this module to your Puppetfile:

mod 'markt-sonarqube', '5.3.0'
Learn more about managing modules with a Puppetfile

Add this module to your Bolt project:

bolt module add markt-sonarqube
Learn more about using this module with an existing project

Manually install this module globally with Puppet module tool:

puppet module install markt-sonarqube --version 5.3.0

Direct download is not typically how you would use a Puppet module to manage your infrastructure, but you may want to download the module in order to inspect the code.



markt/sonarqube — version 5.3.0 Aug 8th 2023


Build Status Puppet Forge Puppet Forge

Table of Contents

  1. Overview
  2. Usage
  3. Reference
  4. Development
  5. License


A puppet module to install and configure SonarQube (former Sonar).

The main goal is compatibility with the latest LTS release of SonarQube. Older versions are not supported. However, newer versions should usually work too.


Basic usage

The minimum configuration should at least specify the desired version:

class { 'java': }
class { 'sonarqube':
  version => '',

NOTE: The $version parameter expects a 4 digit version number (, which can be found on the SonarQube download page (hidden in the filename).

A more complex example could look like this:

class { 'java': }
class { 'sonarqube':
  version       => '',
  edition       => 'community',
  user          => 'sonar',
  group         => 'sonar',
  service       => 'sonar',
  installroot   => '/opt/sonar-install',
  home          => '/opt/sonar-data',
  log_folder    => '/var/log/sonar',
  download_url  => '',
  jdbc          => {
    url         => 'jdbc:h2:tcp://localhost:9092/sonar',
    username    => 'sonar',
    password    => 'secretpassword',
  web_java_opts => '-Xmx1024m',
  updatecenter  => 'true',
  http_proxy        => {
    host            => '',
    port            => '8080',
    ntlm_domain     => '',
    user            => '',
    password        => '',
    non_proxy_hosts => 'localhost|127.*|[::1]',
  sso             => {
    enable        => 'true',
    emailheader   => 'X-Forwarded-Email',
    groupsheader  => 'X-Forwarded-Groups',
    loginheader   => 'X-Forwarded-Login',
    nameheader    => 'X-Forwarded-Name',
    refreshintervalinminutes => '5',

SonarQube Plugins

The sonarqube::plugin defined type can be used to install SonarQube plugins. Plugins are available from many different sources, so this module supports multiple download sources as well. It will also purge old plugin versions.

A plugin can be removed by setting the parameter ensure to absent.

Probably the best source for plugins is SonarSource. To download and install one of these plugins, use the following example:

sonarqube::plugin { 'sonar-kotlin-plugin':
  version => '',

Be sure to use the full version number as demonstrated in this example. Check and for a list of available plugins.

If the plugin is hosted on GitHub, then you only need to provide a GitHub identifier, which is essentially a combination of the GitHub username and project name:

sonarqube::plugin { 'checkstyle-sonar-plugin':
  version => '4.31',
  ghid    => 'checkstyle/sonar-checkstyle',

Note that the GitHub project must provide jar files for its releases. Otherwise the download is prone to fail.

If none of these methods work, you may also specify a direct download URL, which should be seen as a last resort:

sonarqube::plugin { 'sonar-detekt':
  version => '2.0.0',
  url     => '',

Note that in this case the filename must exactly match the plugin name and version, otherwise this will not work.

Finally the old way to install plugins using Maven is still available, but it requires to set the $legacy parameter:

class { 'maven::maven': }

sonarqube::plugin { 'sonar-javascript-plugin':
  legacy  => true,
  groupid => 'org.sonarsource.javascript',
  version => '2.10',

The defunct maestrodev/puppet-maven module is required to make this work. And it is most likely not very useful on newer versions of SonarQube and may be removed in future versions of this module. (Please open an issue on GitHub if you think this is still useful.)

LDAP Configuration

The sonarqube class provides an easy way to configure security with LDAP, Crowd or PAM. Here's an example with LDAP:

$ldap = {
  url          => 'ldap://',
  user_base_dn => 'ou=Users,dc=mycompany,dc=com',
  local_users  => ['foo', 'bar'],

class { 'java': }
-> class { 'sonarqube':
  ldap    => $ldap,
  version => ''

# Do not forget to add the SonarQube LDAP plugin that is not provided out of
# the box on SonarQube versions older than 8.0. Same thing with Crowd or PAM.
sonarqube::plugin { 'sonar-ldap-plugin':
  version => '',


Classes and parameters are documented in



Please use the GitHub issues functionality to report any bugs or requests for new features. Feel free to fork and submit pull requests for potential contributions.

All contributions must pass all existing tests, new features should provide additional unit/acceptance tests.


Copyright 2019-2022 GmbH & Co. KG
Copyright 2011-2013 MaestroDev, Inc

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at

Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
See the License for the specific language governing permissions and
limitations under the License.