Sonar as a Service (SQS)

Sonar as a Service based on SonarQube is an open-source tool for continuous code quality inspection. Together with Jenkins, Gerrit and Artifactory, it creates a complete CI/CD environment for the EPAM Systems development community.

Sonar as a Service supports SonarQube version 7.

For more details on working with SonarQube, visit the official SonarQube website.

Have a Question?

The current page gives the general information on the service and the main workflows. However, while working with the services, our users encounter new questions they need assistance with. The most frequently asked questions on EPAM Cloud Services are gathered on the Cloud Services FAQ page.
Visit the page to check whether we have a ready answer for your question.

Related CLI Commands

The table below provides the list of service-related commands and their descriptions:

Command Short Command Description
or2-manage-service...-s sonar -a or2ms Activates the Sonar service in the specified project and region
or2-describe-instances...-S sonar or2din Displays the details of VMs created during the service activation
or2-describe-services...-S sonar or2dser Describes the Sonar service activated in the specified project and region
or2-sonar-quality-profiles… -a create -n name -l language or2sqp Creates a Sonar quality profile for the specified project and region
or2-sonar-quality-profiles… -a activate-rules -q quality_profile_key -R rule_key or2sqp Activates a Sonar rule for the specified quality profile
or2-sonar-rules... or2sr Retrieves Sonar rules from the specified repository or quality profile

Further on this page, you can find more details on the Sonar service manipulation.

Service Activation and Manipulation

To activate Sonar as a Service, use the or2-manage-service (or2ms) command with the -a/--activate flag and the -s/--service-name parameter with the sonar value:

or2ms -p project -r region -a -s sonar

By default, the service starts SonarQube version 5.6. To start version 5.2, add the -v/--version parameter to the or2ms command:

or2ms -p project -r region -a -s sonar -v 5.2

Sonar as a Service is not supported in AWS-type regions.

The service, when activated, by default starts a Sonar server VM with the following configuration:

  • Image: Ubuntu20.04 64-bit
  • Shape: MEDIUM

During the service activation, a PostgreSQL database is installed on the same virtual machine.

You can find the details on the VMs created within the service activation, by calling the or2-describe-instances (or2din) with the -S sonar parameter or or2-describe-services (or2dser) commands with -s sonar parameter:

or2din -p project -r region -S sonar

Sonar Quality Profiles

After activating Sonar as a Service, you can set up a Sonar quality profile for your project and populate it with rules by which the code quality will be verified.

To set up a Sonar quality profile, use the or2-sonar-quality-profiles (or2sqp) command with the -a create option. Specify the project and region to which the quality profile is to apply, the quality profile name and the profile language:

or2sqp -p project -r region -a create -n profile_name -l language

During a quality profile creation, a profile key is generated to be used in all further profile management actions:

You can use the same command to retrieve the list of all quality profiles set for the project and region (just send the -p project and -r region parameters) or delete a quality profile (send the -a delete parameter and specify the key of the profile to be deleted).

To activate Sonar rules for a quality profile, use the or2-sonar-quality-profiles (or2sqp) command with the -a activate-rules parameter. The command should contain one or several keys of the rules to be activated:

or2sqp -p project -r region -a activate-rules -q quality_profile_key -R rule_key1 -R rule_key2

The same command with the -a deactivate-rules parameter will deactivate the rules with the specified keys.

Sonar Rules

To retrieve the Sonar rules from a repository or a quality profile, use the or2-sonar-rules(or2sr) command. For example, to obtain the list of Sonar rules from a repository run the command as follows:

or2sr -p project -r region -R repository -n page_number

To retrieve Sonar rules from a quality profile, send the -q quality_profile_key parameter instead of -R repository.

Web UI

Once the Sonar service has been activated, you can access its Web UI. The URL, login and password can be found in the response to the or2dser command. The password is generated dynamically for each Sonar instance.

In addition, Sonar supports integration with Active Directory with users added to static groups where the permissions are applied to the entire group. Groups are to be created and configured according to the Group Mapping rules.

Use these credentials to login to the SonarQube Web UI.


The service usage price is defined by the price of the VM on which Sonar is running.

The default parameters of a Sonar instance are:

  • Shape: MEDIUM
  • Image: Ubuntu 20.04 64-bit

Therefore, the approximate monthly cost of a Sonar server with 100% and 24/7 load is about $30.64 in EPAM-BY2 region (as to July 2020). The price can vary depending on the region and the usage pattern.
To get more detailed estimations, please, use our Cost Estimator tool.


More information on the Sonar Service can be found in the EPAM Cloud Services Guide. For detailed description of the Maestro CLI commands used to manage the Sonar Service, refer to the Maestro CLI User Guide.