...

The plugin enables analysis of PHP projects within SonarSonarQube.

It is compatible with the Issues Report plugin to run pre-commit local analysis.

It relies on well-known external tools: PHPUnit, PHP Depend, PHPMD and PHP _ CodeSniffer.

Installation

1. Install the PHP Environment
2. Install the Sonar PHP plugin through the Update Center or download it into the SONAR SONARQUBE_HOME/extensions/plugins directory
3. Restart the Sonar SonarQube server

Usage

Run

...

anAnalysis with the

...

SonarQube Runner (Recommended Way)

To launch a Sonar run an analysis of your PHP project, use the Sonar SonarQube Runner.

Sample projects are available on GitHub that can be browsed or downloaded: /projects/languages/php.

...

You can also have a look at the SonarQube Runner documentation page to define a multi-module PHP project.

Run an Analysis with the other Analyzers

Maven and Ant can also be used to launch analysis on PHP projects.

...

sonar.phpPmd.skip=true
sonar.phpCodesniffer.skip=true
sonar.phpDepend.skip=true    # Deactiving the PHP Depend plugin is highly discouraged since all the basic metrics rely on it.
sonar.phpUnit.skip=true
sonar.phpUnit.coverage.skip=true

Configuring PHPUnit to be run by

...

SonarQube

To configure the execution of PHPUnit, you can set the following properties:

...

Key

...

Default value

...

Description

it is recommended to create a configuration file and set the path to this file with the sonar.phpUnit.configuration

...

property.

If a configuration file is not used, the following property can be set to configure the execution of PHPUnit:

...

To reuse existing reports from PHP Depend, PHPUnit, etc.:

1. Set the property 'sonar.<external_tool>.analyzeOnly' property to 'true'
2. Set the 'sonar.<external_tool>.reportFileName' path to the name of the reportSet the 'report in sonar.<external_tool>.reportFileRelativePath' reportPath. Path is relative to the path where the report has been placedbase directory (where you for a mono-module project...

#PHPMD
sonar.phpPmd.analyzeOnly=true
sonar.phpPmd.reportFileName=myPmdReport.xml 
#default is logs; parent is $PROJECT_HOME/.sonar/target when the analysis is triggered with the Sonar Runner, $PROJECT_HOME/target when triggered with Maven
sonar.phpPmd.reportFileRelativePath=<relative_path_from_parent_to_xml_report>reportPath=path/to/myPmdReport.xml 
 
#PHP_ CodeSniffer
sonar.phpCodesniffer.analyzeOnly=true
sonar.phpCodesniffer.reportFileName=myCodeSnifferReport.xml    #default is codesniffer.xml
#default is logs; parent is $PROJECT_HOME/.sonar/target when the analysis is triggered with the Sonar Runner, $PROJECT_HOME/target when triggered with Maven
sonar.phpCodesniffer.reportFileRelativePath=<relative_path_from_parent_to_xml_report>reportPath=path/to/myCodeSnifferReport.xml
 
#PHP Depend
sonar.phpDepend.analyzeOnly=true
sonar.phpDepend.reportFileName=myPhpDependReport.xml    #default is pdepend.xml
#default is logs; parent is $PROJECT_HOME/.sonar/target when the analysis is triggered with the Sonar Runner, $PROJECT_HOME/target when triggered with Maven
sonar.phpDepend.reportFileRelativePath=<relative_path_from_parent_to_xml_report>reportPath=path/to/myPhpDependReport.xml
sonar.phpDepend.reportType=summary-xml    #Type of report generated by PHP Depend. Valid values: summary-xml (default), phpunit-xml
(default value, deprecated)
 
#PHPUnit
sonar.phpUnit.analyzeOnly=true
sonar.phpUnit.reportFileNamereportPath=path/to/myPhpUnitReport.xml
   #default is phpunit.xml
#default is logs; parent is $PROJECT_HOME/.sonar/target when the analysis is triggered with the Sonar Runner, $PROJECT_HOME/target when triggered with Maven
sonar.phpUnit.reportFileRelativePath=<relative_path_from_parent_to_xml_report>

sonar.phpUnit.coverage.analyzeOnly=true
sonar.phpUnit.coverageReportFile=myCoverageReport.xml    #default is phpunit.coverage.xml
#Same path as sonar.phpUnit.reportFileRelativePath

FAQ and Troubleshooting

• PHP Plugin FAQ
• PHP Plugin Troubleshooting

sonar.phpUnit.coverage.reportPath=path/to/myCoverageReport.xml

Excluding files

Most of the time, using the exclusion properties will be enough to exclude files from being reported by SonarQube. However, there might be some cases where you really want to exclude files from being analyzed by an external tool (may it be PHP CodeSniffer,  PHPMD or PHP Depend):

• a file is badly written and the tool is crashing when analyzing this file, thus preventing SonarQube from completing the analysis
• a big number of files must be excluded and there's no need for the external tools to spend time analyzing files that won't be reported in SonarQube

For these specific cases, you should use the sonar.xxxx.argumentLine property of the external tool to manually define exclusions. For instance, for PHP CodeSniffer, you would add the following property:

sonar.phpCodesniffer.argumentLine=--ignore=Database/*    # on Linux, would be --ignore=Database\* on Windows

This would tell PHP CodeSniffer to ignore every PHP file located in the Database folder.

FAQ

See PHP FAQ.

Metrics

See Metrics documentation page.

Extending Coding Rules

See the tutorial to extend coding rules with PHP _ CodeSniffer and/or PHPMD.

...

...

...