The <a href="http://docs.sonarqube.org/display/SONAR/Analyzing+with+Maven">Analyzing with Maven
documentation clearly states that you have to do this. However I seem to recall reading somewhere that this was because of some irregularity in the results that occurred with multi module projects and I am pretty sure I have read that this may no longer
be needed and the docs may be out of date. However I can’t find anything to corroborate that now that I am going back and looking for it.
The reason that this is important is that we would like to switch from using check style and findbugz in our maven builds and rather use sonarqube to perform the analysis. However we have the former directly integrated into our master pom file (used as
a parent pom by all projects). In this way checkstyle and find-bugs always runs every time a mvn compile is performed, and we can fail the build if violations occur. Developers do this on their local box. Before we can use SonarQube in place of CS/FB combo,
we need to be able to do this same level of integration. Not having it is a show-stopper for us. How do we set this up with SonarQube?
Again thank you for all the help.
—Regards,
Ken
|
Sorry hit send by accident while editing. The “this” in the first sentence refers to needing to run mvn sonar:sonar in a separate maven reactor run form the mvn install goal.
I should also add that we are evaluating SQ 5.1 and all of our builds are multi-module.
From: <Baltrinic>, Kenneth Baltrinic <[hidden email]>
Date: Friday, May 15, 2015 at 2:30 PM To: "[hidden email]" <[hidden email]> Subject: Is single command maven integration possible? Planned? The <a href="http://docs.sonarqube.org/display/SONAR/Analyzing+with+Maven">Analyzing with Maven
documentation clearly states that you have to do this. However I seem to recall reading somewhere that this was because of some irregularity in the results that occurred with multi module projects and I am pretty sure I have read that this may no longer
be needed and the docs may be out of date. However I can’t find anything to corroborate that now that I am going back and looking for it.
The reason that this is important is that we would like to switch from using check style and findbugz in our maven builds and rather use sonarqube to perform the analysis. However we have the former directly integrated into our master pom file (used as
a parent pom by all projects). In this way checkstyle and find-bugs always runs every time a mvn compile is performed, and we can fail the build if violations occur. Developers do this on their local box. Before we can use SonarQube in place of CS/FB combo,
we need to be able to do this same level of integration. Not having it is a show-stopper for us. How do we set this up with SonarQube?
Again thank you for all the help.
—Regards,
Ken
|
Just wanted wanted to ping on this question again as its fairly important to us. Any input is appreciated.
From: <Baltrinic>, Kenneth Baltrinic <[hidden email]>
Date: Friday, May 15, 2015 at 2:33 PM To: "[hidden email]" <[hidden email]> Subject: Re: Is single command maven integration possible? Planned? Sorry hit send by accident while editing. The “this” in the first sentence refers to needing to run mvn sonar:sonar in a separate maven reactor run form the mvn install goal.
I should also add that we are evaluating SQ 5.1 and all of our builds are multi-module.
From: <Baltrinic>, Kenneth Baltrinic <[hidden email]>
Date: Friday, May 15, 2015 at 2:30 PM To: "[hidden email]" <[hidden email]> Subject: Is single command maven integration possible? Planned? The <a href="http://docs.sonarqube.org/display/SONAR/Analyzing+with+Maven">Analyzing with Maven
documentation clearly states that you have to do this. However I seem to recall reading somewhere that this was because of some irregularity in the results that occurred with multi module projects and I am pretty sure I have read that this may no longer
be needed and the docs may be out of date. However I can’t find anything to corroborate that now that I am going back and looking for it.
The reason that this is important is that we would like to switch from using check style and findbugz in our maven builds and rather use sonarqube to perform the analysis. However we have the former directly integrated into our master pom file (used as
a parent pom by all projects). In this way checkstyle and find-bugs always runs every time a mvn compile is performed, and we can fail the build if violations occur. Developers do this on their local box. Before we can use SonarQube in place of CS/FB combo,
we need to be able to do this same level of integration. Not having it is a show-stopper for us. How do we set this up with SonarQube?
Again thank you for all the help.
—Regards,
Ken
|
Hi Kenneth, I'm not 100% sure but since SQ is no more trying to run any Maven goal by itself it should now be ok to run: mvn clean package sonar:sonar I'll try to do some experiments with multi-module projects but on your side don't hesitate to try and report any issue. ++ 2015-05-20 14:02 GMT+02:00 Baltrinic, Kenneth <[hidden email]>:
|
Hi, @Julien: Do you mean "mvn clean install sonar:sonar" or "mvn clean package sonar:sonar"? For multi-module projects, if you don't run "install" before "sonar:sonar", your other module packages won't be available in your local Maven repository and thus for SonarQube. Then, you'll get lots of "Resource not found: com.xxx" during the analysis and you'll be missing some issues. Correct? Regards, On Fri, May 22, 2015 at 5:13 PM, Julien HENRY <[hidden email]> wrote:
|
Julien, thank you for the update. I’ll give it a try soon as I have a chance. Focus has currently shifted to evaluating SonarQube’s .Net capabilities.
David,
Of course I know nothing, nothing! But if we run sonar:sonar in the same maven reactor run as the package goal, would it not have access to the internal cache of build artifacts that all other goals/plugins in the run have? I.e. Its not necessary for
a jar to be installed before another jar the depends on it in the same multi-module project can be built. Would the same not hold for sonar? I was always under the impression that the install was needed because the convention is to run sonar is a second
reactor run after the first, in which case it does not have access to the internal cache of the first. Again, I only have a general conceptual understanding of how maven works so I could be completely wrong when it come to the reality of the matter.
—Ken
From: David Racodon <[hidden email]>
Reply-To: "[hidden email]" <[hidden email]> Date: Friday, May 22, 2015 at 11:48 AM To: user <[hidden email]> Subject: Re: [sonar-user] Re: Is single command maven integration possible? Planned? Hi,
@Julien: Do you mean "mvn clean install sonar:sonar" or "mvn clean
package sonar:sonar"?
For multi-module projects, if you don't run "install" before "sonar:sonar", your other module packages won't be available in your local Maven repository and thus for SonarQube. Then, you'll get lots of "Resource
not found: com.xxx" during the analysis and you'll be missing some issues. Correct?
Regards,
On Fri, May 22, 2015 at 5:13 PM, Julien HENRY
<[hidden email]> wrote:
|
Free forum by Nabble | Edit this page |