This analyzer is recommended to launch analysis on Java Maven project.
Analyzing a Maven Project
Analyzing a Maven project consists of running a Maven goal in the directory where the pom.xml file sits. If possible, an install goal should be performed prior to the sonar one.
skipTests=true not to run unit tests twice: during the install goal and again during the sonar goal. You can also deactivate the integration tests execution. Please refer to the Maven documentation.
When the above configuration is not possible, you can run an analysis in one command, but unit tests will run twice: once in the install goal and once in the sonar one. Do not use the DskipTests=true parameter, otherwise Sonar will not execute unit tests and therefore not report on them.
The -Dmaven.test.failure.ignore=true is there to make sure that even if unit tests fail, the Sonar analysis will be performed.
Configuring the Sonar Analysis
A pom.xml file sample is available here.
Additional analysis parameters are listed on the Analysis Parameters page.
Since Sonar 3.4, if the project cannot be accessed anonymously, the 'sonar.login' and 'sonar.password' properties are required to run an analysis. These properties have to be set to the credentials of a user having the 'User' role on this project. You can set them either:
- directly on the command line by adding -Dsonar.login=myUser -Dsonar.password=myPassword
- or in the pom.xml project configuration file
- or in the Maven profile (settings.xml file)
A project cannot be anonymously accessed when either:
How to Fix Version of Maven Plugin
It is recommended to lock down versions of Maven plugins. Two versions of the Sonar maven plugin exist, one for Maven 2 and one for Maven 3. Fixing its version depends on the Maven versions used to analyse the project:
Project analyzed with Maven 2 only
Add the following code to the pom.xml file:
Project analyzed with Maven 3 only
Project analyzed with both Maven 2 and Maven 3
Analyzing a Multi-module and Multi-language Project
Since Sonar 3.3, it is possible to run an analysis on a multi-module project whose modules contains source code from different languages.
To do so, just add the 'sonar.language' property to the pom of each module.