Clean, secure, and controlled code
Automatically detect bugs, vulnerabilities, and technical debt in your code with SonarQube, installed and maintained by DINAO. Your source code stays on our French servers, never exposed to a third-party cloud.
What is SonarQube?
SonarQube is a static code analysis platform that inspects your source code to detect bugs, security vulnerabilities, and code smells across more than 35 programming languages. It brings together quality monitoring (reliability, maintainability, duplication, test coverage) and security analysis (vulnerability detection, security hotspots) in a single dashboard.
The Community edition, open source, runs as a self-hosted server backed by a PostgreSQL database. SonarQube integrates naturally with CI/CD pipelines (GitLab CI, GitHub Actions, Jenkins) and enforces Quality Gates that block non-compliant code before it reaches production. It is the reference tool for managing technical debt and application security within a development team.
Host SonarQube at DINAO
Resource tiers compatible with SonarQube prerequisites (minimum 2 vCPU / 2 Go / 10 Go). Hosted in France, fully managed.
- 2 dedicated vCPU
- 4 Go RAM
- 40 GB NVMe
- Daily backups
- Managed & monitored by DINAO
- 4 dedicated vCPU
- 8 Go RAM
- 80 GB NVMe
- Daily backups
- Managed & monitored by DINAO
- 8 dedicated vCPU
- 16 Go RAM
- 160 GB NVMe
- Daily backups
- Managed & monitored by DINAO
1 hidden tier(s) (insufficient resources for this app) : Découverte
Technical details
You might be wondering…
Which languages can SonarQube analyze?
The Community edition covers more than 35 languages including Java, JavaScript/TypeScript, Python, PHP, C#, Go, and Kotlin. Ideal for polyglot repositories.
Does my source code leave your servers?
No. The analysis runs entirely on your instance hosted in France. Your code is never sent to a foreign cloud, unlike SaaS offerings.
Can I integrate it into my CI/CD?
Yes. SonarQube connects to GitLab CI, GitHub Actions, Jenkins, and other pipelines to automatically analyze each build and enforce Quality Gates.
What is the difference with the Community edition?
The Community edition, open source, covers basic quality and security analysis. Some advanced features (branch analysis, extended taint analysis) belong to commercial editions — to be evaluated together based on your needs.
Do I need a team to operate it?
No for the infrastructure: DINAO handles installation, the PostgreSQL database, security, and updates. Your developers just need to connect their projects.