This page describes how to integrate SonarQube into a build script for Apache Ant.
You must have previously installed the SonarQube Ant Task and read Analyzing Source Code.
The Ant task is a thin wrapper around the SonarQube Runner, which works by invoking the runner and passing to it all properties named following a sonar.* convention. This has the downside of not being very Ant-y, but the upside of providing instant availability of any new analysis parameter introduced by a new version of a plugin or of SonarQube itself. Therefore, successful use of the SonarQube Ant task requires strict adherence to the property names shown below.
You may also consult the list of analysis parameters for additional properties which will be honored in an Ant-based analysis.
Define a new
sonar Ant target in your Ant build script:
<project name="My Project" default="all" basedir="." xmlns:sonar="antlib:org.sonar.ant"> ... <!-- Define the SonarQube global properties (the most usual way is to pass these properties via the command line) --> <property name="sonar.jdbc.url" value="jdbc:mysql://localhost:3306/sonar?useUnicode=true&characterEncoding=utf8" /> <property name="sonar.jdbc.username" value="sonar" /> <property name="sonar.jdbc.password" value="sonar" /> ... <!-- Define the SonarQube project properties --> <property name="sonar.projectKey" value="org.codehaus.sonar:example-java-ant" /> <property name="sonar.projectName" value="Simple Java Project analyzed with the SonarQube Ant Task" /> <property name="sonar.projectVersion" value="1.0" /> <property name="sonar.language" value="java" /> <property name="sonar.sources" value="src" /> <property name="sonar.binaries" value="build/*.jar" /> ... <!-- Define the SonarQube target --> <target name="sonar"> <taskdef uri="antlib:org.sonar.ant" resource="org/sonar/ant/antlib.xml"> <!-- Update the following line, or put the "sonar-ant-task-*.jar" file in your "$HOME/.ant/lib" folder --> <classpath path="path/to/sonar/ant/task/lib/sonar-ant-task-*.jar" /> </taskdef> <!-- Execute Sonar --> <sonar:sonar /> </target> ...
Run the following command from the project base directory to launch the analysis:
Any user who's granted Execute Analysis permission can run an analysis.
If the Anyone group is not granted Execute Analysis permission or if the SonarQube instance is secured (the
sonar.forceAuthentication property is set to
true), the credentials of a user having been granted Execute Analysis permission have to be provided through the
sonar.password properties. Example:
sonar-runner -Dsonar.login=myLogin -Dsonar.password=myPassword
SonarQube 3.4 to 3.6.3
If a project cannot be accessed anonymously, the
sonar.password properties are required to run an analysis on this project. These properties have to be set to the credentials of a user having the User role on this project. You can set them either:
A project cannot be anonymously accessed when either:
sonar.forceAuthenticationproperty is set to
sonar.forceAuthenticationproperty is set to
falseand the Anyone group has not been granted a User role on the project
There is no security restriction.
To help you getting started, a simple project sample is available on github that can be browsed or downloaded: projects/languages/java/ant/java-ant-simple
The configuration for parent and modules must be done in the parent build.xml file:
... <!-- Set modules IDs --> <property name="sonar.modules" value="module-one,module-two"/> <!-- For modules, properties are inherited from the parent. They can be overridden as shown below: --> <property name="module-one.sonar.projectName" value="Module One" /> <property name="module-one.sonar.sources" value="sources/java" /> <property name="module-one.sonar.binaries" value="target" /> <!-- Default module base directory is <curent_directory>/<module_ID>. It can be overridden if necessary --> <property name="module-one.sonar.projectBaseDir" value="Module 1" /> ...
To help you getting started, project samples are available on github that can be browsed or downloaded:
Since SonarQube 3.3, it is possible to run an analysis on a multi-module project whose modules contains source code from different languages.
In addition to the multi-module configuration, the only mandatory property to set is the language for each module:
<property name="module1.sonar.language" value="java"/> <property name="module2.sonar.language" value="js"/> ...
Additional analysis parameters can be defined in the build.xml file or through command-line parameters.
The SonarQubeAnt Task 2.0 can run analyses from configuration files designed for SonarQube Ant Task 1.X.
This compatibility mode is automatically activated. But we highly recommend you to migrate to the new format as this compatibility mode will be dropped sooner or later in the next versions.