Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Code Block
languageperl
# The sonar:sonar goal must be executed in a dedicated mvn command
mvn clean install
mvn sonar:sonar
 
# The following command may lead to unexpected issues
mvn clean install sonar:sonar
 
# Use skipTests=true to not run unit tests twice: once during the install goal and again during the sonar:sonar goal
mvn clean install -DskipTests=true
mvn sonar:sonar
Note
titleUsing Eclipse

Make sure you're not using the Eclipse plugin Maven Embedder (m2eclipse). Define a new Maven runtime pointing to your local Maven install, use the latest Maven Eclipse plugin, m2e, and uncheck "resolve workspace artifacts" in the Maven project launch window.
Have a look at the first comment of this ticket: http://jira.codehaus.org/browse/SONAR-929

Note
titleAdvanced Reactor Options

Note that Advanced Reactor Options (such as "--projects" and "--resume-from") are not supported by SonarQube and should not be used.

Code Coverage

Since Java ecosystem 2.2, to get coverage information you have to generate the coverage report. If you are not generating it during your build you can use the following command:

mvn clean org.jacoco:jacoco-maven-plugin:prepare-agent install -Dmaven.test.failure.ignore=true

mvn sonar:sonar

Please check the JaCoCo plugin page for more advanced information

 

Configuring the SonarQube Analysis

...

Include Page
Include - Analysis - Security
Include - Analysis - Security

Excluding a module from SonarQube analysis

You can either:

  • use build profiles to exclude some module (like for integration tests)
  • use Advanced Reactor Options (such as "-pl"). For example mvn sonar:sonar -pl !module2

Sample Projects

To help you get started, a simple project sample is available on github that can be browsed or downloadedprojects/languages/java/maven/java-maven-simple

...

No Format
<build>
  <pluginManagement>
    <plugins>
      <plugin>
        <groupId>org.codehaus.mojo</groupId>
        <artifactId>sonar-maven-plugin</artifactId>
        <version>${sonarVersion}</version>
      </plugin>
    <plugins>
  </pluginManagement>
</build>
<profile>
  <id>maven-2</id>
  <activation>
    <file>
      <!-- basedir expression is only recognized by Maven 3.x (see MNG-2363) -->
      <missing>${basedir}</missing>
    </file>
  </activation>
  <properties>
    <sonarVersion>1.0</sonarVersion>
  </properties>
</profile>
<profile>
  <id>maven-3</id>
  <activation>
    <file>
      <!-- basedir expression is only recognized by Maven 3.x (see MNG-2363) -->
      <exists>${basedir}</exists>
    </file>
  </activation>
  <properties>
    <sonarVersion>2.1</sonarVersion>
  </properties>
</profile>

Analyzing a Multi-language Project

Since SonarQube 4.2, it is possible to run an analysis on a multi-language project. To do so, the sonar.language property just has to be removed. Conversely, if for some reason you want to perform a single language-only analysis, make sure sonar.language is specified. By default the sonar.sources property is set to the value of the Maven sourceDirectory property (usually by default it is src/main/java). Therefore, for a multi-language project, the property usually has to be overridden to: sonar.sources=src.

To help you get started, a multi-language project sample can be browsed or downloaded from github: projects/languages/multi-language/multi-language-java-javascript-maven

Include Page
Include - Language Plugins Compatible with Multi-languageInclude - Language Plugins Compatible with Multi-language
Include Page
Include - Converting a Mono-language Project to a Multi-language Project
Include - Converting a Mono-language Project to a Multi-language Project

...