The plugin enables analysis of PHP projects within with SonarQube.
It is compatible with the Issues Report plugin to run pre-commit local analysis.
It relies on well-known external tools: PHPUnit, PHP Depend, PHPMD and PHP CodeSniffer.
- Install the PHP Environment
- Install the plugin through the Update Center or download it into the SONARQUBE_HOME/extensions/plugins directory
- Restart the SonarQube server
an Analysis with the SonarQube Runner (Recommended
To run an analysis of your PHP project, use the SonarQube Runner.
You can also have a look at the SonarQube Runner documentation page to define a multi-module PHP project.
If set to
The project main test file including the relative path, ie: "/source/tests/AllTests.php". If not present, PHPUnit will look looks for phpunit.xml file in the test directory.
Ignore the unit tests files matching this pattern.
Use this bootsrap file to initialize the unit tests.
If set to
|Only runs tests from the specified group(s).|
|To specify which |
Reusing existing reports
To reuse existing reports from PHP Depend, PHPUnit, etc.:
- Set the
- Set the path to the report in
sonar.<external_tool>.reportPath. Path is relative to the base directory (where you for a mono-module project...
#PHPMD sonar.phpPmd.analyzeOnly=true sonar.phpPmd.reportPath=path/to/myPmdReport.xml #PHP CodeSniffer sonar.phpCodesniffer.analyzeOnly=true sonar.phpCodesniffer.reportPath=path/to/myCodeSnifferReport.xml #PHP Depend sonar.phpDepend.analyzeOnly=true sonar.phpDepend.reportPath=path/to/myPhpDependReport.xml sonar.phpDepend.reportType=summary-xml #Type of report generated by PHP Depend. Valid values: summary-xml (default), phpunit-xml #PHPUnit sonar.phpUnit.analyzeOnly=true sonar.phpUnit.reportPath=path/to/myPhpUnitReport.xml sonar.phpUnit.coverage.reportPath=path/to/myCoverageReport.xml
Most of the time, using the exclusion properties will be enough to exclude files from being reported by SonarQube. However, there might be some cases where you really want to exclude files from being analyzed by an external tool (may it be PHP CodeSniffer, PHPMD or PHP Depend) because:
- a file is badly written and the tool is crashing when analyzing this fileit, thus preventing SonarQube from completing the analysis
- a big large number of files must be excluded and there's no need for the external tools to spend time analyzing files that won't be reported in SonarQube
When specifying exclusions directly for each tool, you should also consider to set setting the
- PHP 1.2 - short-term activity (see the JIRA open tickets)
- Improve the PHP CodeSniffer rule repository (adding missing parameters, descriptions, ...)
- Work on the "Sonar Way", PEAR and Zend profiles (<= for PHP gurus! )
- PHP 2.0 - mid-term activity
- Handle multiple files with the same name
- Consider root folders as "Projects"
- Non structured PHP files
- If it turns out that those tickets are technically difficult/long to implement, then they can be postponed