aloknecessary/sonar-dotnet-v9.0
A production-ready, multi-architecture Docker image for running SonarQube analysis on .NET projects, preloaded with all required tooling to eliminate repetitive setup in CI pipelines.
SonarQube .NET Analyzer Image
A production-ready, multi-architecture Docker image for running SonarQube analysis on .NET projects, preloaded with all required tooling to eliminate repetitive setup in CI pipelines.
This image is designed for GitHub Actions (container jobs) and self-hosted runners, providing faster, deterministic Sonar analysis with minimal workflow complexity.
What’s Included
- .NET SDK 9.0
- OpenJDK 17 (required for SonarQube)
- dotnet-sonarscanner 5.13.0
- Non-root default user (UID 1001) to avoid permission issues
- OCI-compliant metadata labels
- Multi-architecture support
Why Use This Image?
Typical Sonar workflows repeatedly:
- Install Java
- Install SonarScanner
- Fix root-owned workspace permissions
This image bakes all of that in, resulting in:
- Faster pipeline execution
- Deterministic builds
- Cleaner GitHub Actions YAML
- No post-job
chown/chmodworkarounds
Supported Architectures
| Architecture | Supported |
|---|---|
| amd64 | ✅ |
| arm64 | ✅ |
Built using Docker Buildx and published as a single multi-platform manifest.
Tags
| Tag | Description |
|---|---|
latest |
Latest stable release |
X.Y.Z |
Versioned release aligned with Git tags |
It is recommended to pin to a version tag for production pipelines.
Usage Example (GitHub Actions)
jobs:
sonar:
runs-on: [self-hosted, sonar]
container:
image: aloknecessary/sonar-dotnet-v9.0:latest
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Analyze with SonarQube
env:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}
run: |
dotnet-sonarscanner begin \
/k:"my-project-key" \
/d:sonar.login="$SONAR_TOKEN" \
/d:sonar.host.url="$SONAR_HOST_URL"
dotnet build
dotnet-sonarscanner end \
/d:sonar.login="$SONAR_TOKEN"