The plugin enables analysis of PHP projects within Sonar.with SonarQube.
It is compatible with the Issues Report plugin to run pre-commit local analysis.
It relies on well-known external tools: PHPUnit, PHP Depend, PHPMD and PHP _ CodeSniffer.
- Install the PHP Environment
- Install the Sonar PHP plugin through the Update Center or download it into the SONAR SONARQUBE_HOME/extensions/plugins directory
- Restart the Sonar SonarQube server
an Analysis with the
SonarQube Runner (Recommended
To launch a Sonar run an analysis of your PHP project, use the Sonar SonarQube Runner.
You can also have a look at the SonarQube Runner documentation page to define a multi-module PHP project.
Run an Analysis with the other Analyzers
sonar.phpPmd.skip=true sonar.phpCodesniffer.skip=true sonar.phpDepend.skip=true # Deactiving the PHP Depend plugin is highly discouraged since all the basic metrics rely on it. sonar.phpUnit.skip=true sonar.phpUnit.coverage.skip=true
Configuring PHPUnit to be run by
To configure the execution of PHPUnit, you can set the following properties:
it is recommended to create a configuration file and set the path to this file with the
If a configuration file is not used, the following property can be set to configure the execution of PHPUnit:
If set to
The project main test file including the relative path, ie: "/source/tests/AllTests.php". If not present, PHPUnit will look looks for phpunit.xml file in the test directory.
Ignore the unit tests files matching this pattern.
Use this bootsrap file to initialize the unit tests.
If set to
|Only runs tests from the specified group(s).|
|To specify which |
Reusing existing reports
To reuse existing reports from PHP Depend, PHPUnit, etc.:
- Set the property '
sonar.<external_tool>.analyzeOnly' property to '
- Set the 'sonar.<external_tool>.reportFileName' path to the name of the reportSet the 'report in
sonar.<external_tool>.reportFileRelativePath' to the path where the report has been placed
reportPath. Path is relative to the base directory.
#PHPMD sonar.phpPmd.analyzeOnly=true sonar.phpPmd.reportFileName=myPmdReport.xml #default is logs; parent is $PROJECT_HOME/.sonar/target when the analysis is triggered with the Sonar Runner, $PROJECT_HOME/target when triggered with Maven sonar.phpPmd.reportFileRelativePath=<relative_path_from_parent_to_xml_report>reportPath=path/to/myPmdReport.xml #PHP_ CodeSniffer sonar.phpCodesniffer.analyzeOnly=true sonar.phpCodesniffer.reportFileName=myCodeSnifferReport.xml #default is codesniffer.xml #default is logs; parent is $PROJECT_HOME/.sonar/target when the analysis is triggered with the Sonar Runner, $PROJECT_HOME/target when triggered with Maven sonar.phpCodesniffer.reportFileRelativePath=<relative_path_from_parent_to_xml_report>reportPath=path/to/myCodeSnifferReport.xml #PHP Depend sonar.phpDepend.analyzeOnly=true sonar.phpDepend.reportFileName=myPhpDependReport.xml #default is pdepend.xml #default is logs; parent is $PROJECT_HOME/.sonar/target when the analysis is triggered with the Sonar Runner, $PROJECT_HOME/target when triggered with Maven sonar.phpDepend.reportFileRelativePath=<relative_path_from_parent_to_xml_report>reportPath=path/to/myPhpDependReport.xml sonar.phpDepend.reportType=summary-xml #Type of report generated by PHP Depend. Valid values: summary-xml (default), phpunit-xml (default value, deprecated) #PHPUnit sonar.phpUnit.analyzeOnly=true sonar.phpUnit.reportFileNamereportPath=path/to/myPhpUnitReport.xml #default is phpunit.xml #default is logs; parent is $PROJECT_HOME/.sonar/target when the analysis is triggered with the Sonar Runner, $PROJECT_HOME/target when triggered with Maven sonar.phpUnit.reportFileRelativePath=<relative_path_from_parent_to_xml_report> sonar.phpUnit.coverage.analyzeOnly=true sonar.phpUnit.coverageReportFile=myCoverageReport.xml #default is phpunit.coverage.xml #Same path as sonar.phpUnit.reportFileRelativePath
Note that the reports should be generated with the recommended version of each tool. Otherwise you may face some incompatibility issues.
FAQ and Troubleshooting
Most of the time, using the exclusion properties will be enough to exclude files from being reported by SonarQube. However, there might be some cases where you really want to exclude files from being analyzed by an external tool (may it be PHP CodeSniffer, PHPMD or PHP Depend) because:
- a file is badly written and the tool is crashing when analyzing it, thus preventing SonarQube from completing the analysis
- a large number of files must be excluded and there's no need for the external tools to spend time analyzing files that won't be reported in SonarQube
For these specific cases, you should use the
sonar.xxxx.argumentLine property of the external tool to manually define exclusions. For instance, for PHP CodeSniffer, you would add the following property:
sonar.phpCodesniffer.argumentLine=--ignore=Database/* # on Linux, would be --ignore=Database\* on Windows
This would tell PHP CodeSniffer to ignore every PHP file located in the Database folder.
When specifying exclusions directly for each tool, you should also consider setting the
See PHP FAQ.
Extending Coding Rules
See the tutorial to extend coding rules with PHP _ CodeSniffer and/or PHPMD.
- PHP 1.2 - short-term activity (see the JIRA open tickets)
- Improve the PHP CodeSniffer rule repository (adding missing parameters, descriptions, ...)
- Work on the "Sonar Way", PEAR and Zend profiles (<= for PHP gurus! )
- PHP 2.0 - mid-term activity
- Handle multiple files with the same name
- Consider root folders as "Projects"
- Non structured PHP files
- If it turns out that those tickets are technically difficult/long to implement, then they can be postponed