← Back to catalog SonarQube · managed by DINAO

Clean, secure, and controlled code

Automatically detect bugs, vulnerabilities, and technical debt in your code with SonarQube, installed and maintained by DINAO. Your source code stays on our French servers, never exposed to a third-party cloud.

Hosted in France35+ languages analyzedSecurity & SASTGDPR CompliantOfficial Docker image
Overview

What is SonarQube?

SonarQube is a static code analysis platform that inspects your source code to detect bugs, security vulnerabilities, and code smells across more than 35 programming languages. It brings together quality monitoring (reliability, maintainability, duplication, test coverage) and security analysis (vulnerability detection, security hotspots) in a single dashboard.

The Community edition, open source, runs as a self-hosted server backed by a PostgreSQL database. SonarQube integrates naturally with CI/CD pipelines (GitLab CI, GitHub Actions, Jenkins) and enforces Quality Gates that block non-compliant code before it reaches production. It is the reference tool for managing technical debt and application security within a development team.

Compatible offers

Host SonarQube at DINAO

Resource tiers compatible with SonarQube prerequisites (minimum 2 vCPU / 2 Go / 10 Go). Hosted in France, fully managed.

Standard
2 vCPU · 4 Go · 40 Go
19,90 € /month excl. VAT
  • 2 dedicated vCPU
  • 4 Go RAM
  • 40 GB NVMe
  • Daily backups
  • Managed & monitored by DINAO
Order
Dédié
8 vCPU · 16 Go · 160 Go
79,90 € /month excl. VAT
  • 8 dedicated vCPU
  • 16 Go RAM
  • 160 GB NVMe
  • Daily backups
  • Managed & monitored by DINAO
Order

1 hidden tier(s) (insufficient resources for this app) : Découverte

Under the hood

Technical details

vCPU
2 vCPU
ideal : 4 vCPU
Memory
2 Go
ideal : 8 Go
Disk
10 Go
ideal : 50 Go
Image : docker.io/library/sonarqube:community Registry : Docker Hub Services : sonarqube, db Ports : 9000
FAQ

You might be wondering…

Which languages can SonarQube analyze?

The Community edition covers more than 35 languages including Java, JavaScript/TypeScript, Python, PHP, C#, Go, and Kotlin. Ideal for polyglot repositories.

Does my source code leave your servers?

No. The analysis runs entirely on your instance hosted in France. Your code is never sent to a foreign cloud, unlike SaaS offerings.

Can I integrate it into my CI/CD?

Yes. SonarQube connects to GitLab CI, GitHub Actions, Jenkins, and other pipelines to automatically analyze each build and enforce Quality Gates.

What is the difference with the Community edition?

The Community edition, open source, covers basic quality and security analysis. Some advanced features (branch analysis, extended taint analysis) belong to commercial editions — to be evaluated together based on your needs.

Do I need a team to operate it?

No for the infrastructure: DINAO handles installation, the PostgreSQL database, security, and updates. Your developers just need to connect their projects.