Message-ID: <245314465.157.1417164694679.JavaMail.email@example.com> Subject: Exported From Confluence MIME-Version: 1.0 Content-Type: multipart/related; boundary="----=_Part_156_1419830047.1417164694679" ------=_Part_156_1419830047.1417164694679 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Content-Location: file:///C:/exported.html
This analyzer is recommended to launch analysis on Java Maven project.= p>
Analyzing a Maven project consists of running a Maven goal:
sonar in the directory where the pom.xml file sits.
A pom.xml file sample is available here.
Additional analysis parameters are listed on the Analysis Parameters page.
Any user who's granted Execute Analysis permission can run an analysis.
If the Anyone group is not granted Execute A=
nalysis permission or if the SonarQube instance is secured (the
eAuthentication property is set to
true), the credentials of a user having been granted Execut=
e Analysis permission have to be provided through the
sonar-runner -Dsonar.login=3DmyLogin -Dsonar.passwor=
Note that for a preview/increme= ntal analysis, the user also has to be granted the Browse = ;permission on the project to be analyzed.
If a project cannot be accessed anonymously, the
sonar.password properties =
are required to run an analysis on this project. These properties have to b=
e set to the credentials of a user having the User role =
on this project. You can set them either:
-Dsonar.login=3DmyLog= in -Dsonar.password=3DmyPassword
A project cannot be anonymously accessed when either:
sonar.forceAut= henticationproperty is set to
sonar.force= Authenticationproperty is set to
false&n= bsp;and the Anyone group has not been granted a User role on the project
There is no security restriction.
You can either:
To help you get started, a simple = project sample is available on github that can be browsed<= span style=3D"color: rgb(51,51,51);"> or d= ownloaded: project= s/languages/java/maven/java-maven-simple
It is recommended to lock down= versions of Maven plugins. Two versions of the Sonar maven plugin exis= t, one for Maven 2 and one for Maven 3. Fixing its version depends on the M= aven versions used to analyse the project:
Add the following code to the pom.xml file:=20 =20 =20
Since SonarQube 4.2, it is possible to run an analysis on a multi-langua=
ge project. To do so, the
sonar.language property ju=
st has to be removed. Conversely, if for some reason you want to perfo=
rm a single language-only analysis, make sure
sonar.language is specified. By default the
sonar.sources property i=
s set to the value of the Maven
sourceDirectory property (by d=
efault it is src/main/java). Therefore, for a multi-language =
project, the property usually has to be overridden to:
The first step is to choose which one of these two mono-language project= s you will convert to a multi-language project. You will lose the history (= timeline, false positives, action plans, etc.) on the one that won't get co= nverted to a multi-language project. In this example, we'll choose to conve= rt the Java project to a multi-language project as most of our code (and th= erefore history) is Java.
The second step is to run another analysis of this Java project the old =
way (make sure to explicitly set the
java). This step is mandatory to keep the his=
tory on the project.
The third and last step is to remove the
sonar.language property and set the
sonar.sources property t=
You can now run another analysis. You will finally be able to browse your =
first multi-language project!