SonarQube kubernetes Pod Security Standards

isma · July 31, 2024, 8:57am

which versions are you using (SonarQube)

Hello , hope you’re doing great.
We are thinking of deploying our SonarQube on kubernetes and we’re not quite understanding the section of the Pod Security Standards.

in the version 9.9 LTA : Pod security standards doc 9.9 LTA

Should we set both Baseline and Restricted ?
Is it mandatory to have securityContext.privileged=true and securityContext.allowPrivilegeEscalation=true and also running as root ?

*If it is mandatory , why it is not mandatory in the version 10.6 ? Pod security standards DOC 10.6

can we use an external Elastic search ?

Thanks in advance

davi.vidal · July 31, 2024, 9:11am

Hi @isma, welcome to our community.

We made many improvements to ensure you can use our Helm charts in more restricted environments. That’s why you see different information on 10.6 compared to 9.9.

In terms of Pod Security Standards, it is up to the Kubernetes Administrator to choose which Standard to use. However, it’s important to note that if your cluster uses Baseline or Restricted standards, you may encounter some issues that are outlined in our production use-case notes, which need to be addressed.

This is currently not possible.

Topic		Replies	Views
6 rules to find security misconfigurations in your Kubernetes files Sonar Updates kubernetes , iac	6	2695	August 7, 2023
Is it possible to run SonarQube Helm chart without high privileges? SonarQube Server / Community Build helm	3	648	August 7, 2023
Support external Elasticsearch cluster Product Manager for a Day docker , elasticsearch , kubernetes	13	4990	October 24, 2024
Deploy SonarQube 10.0.0 in a non-privileged environment SonarQube Server / Community Build sonarqube	1	203	January 16, 2024
Running multiple Sonarqube pods SonarQube Server / Community Build sonarqube , kubernetes	5	1609	April 5, 2022

SonarQube kubernetes Pod Security Standards

Related topics