Must-share information (formatted with Markdown):
- 9.9.8-community and 25.2.0.102705-community
- how is SonarQube deployed: Docker
- what are you trying to achieve
I want to upgrade my docker compose setup from 9.9.8 to 25.2, but I’m getting a permission denied error regarding theentrypoint.sh.
I’ve observed the following changes between the Dockerfile of 9.9.8 and 25.2:
- group
sonarqubewith gid 1000 is no longer used (not relevant for the issue) /opt/sonarqubeand the volumes are longer accessible for others
Up 'til now, I’ve configured my docker-compose.yml so that sonarqube is run under a uid I’ve under control on the host:
services:
sonarqube:
image: sonarqube:9.9.8-community
container_name: sonarqube
depends_on:
- db
user: "201:201"
environment:
SONAR_WEB_JAVAADDITIONALOPTS: -Djavax.net.ssl.trustStore=/opt/sonarqube/data/truststore.jks -Djavax.net.ssl.trustStorePassword=changeit
SONAR_JDBC_URL: jdbc:postgresql://db:5432/sonar
SONAR_JDBC_USERNAME: sonar
SONAR_JDBC_PASSWORD: sonar
...
volumes:
- ./data:/opt/sonarqube/data
- ./extensions:/opt/sonarqube/extensions
- ./logs:/opt/sonarqube/logs
...
But this doesn’t work with the current version.
I still do not want to use uid 1000, as this is uid is already in use on the host. What is the recommended approach in this case?
- what have you tried so far to achieve this
I’ve tried a wrapper Dockerfile:
FROM sonarqube:25.2.0.102705-community
USER root
RUN usermod -u 201 sonarqube && \
chown -R sonarqube "${SONARQUBE_HOME}"
VOLUME ["${SQ_DATA_DIR}", "${SQ_EXTENSIONS_DIR}", "${SQ_LOGS_DIR}", "${SQ_TEMP_DIR}"]
USER sonarqube
But this doesn’t work. /opt/sonarqube/temp is still owned by 1000:0 with mode 07700, as I’m not mounting this volume. I don’t know, why my recursive chown doesn’t work for this folder.