I have a multimodules project with many dependencies. Until now after successful build I was performing sonar analysis of whole project. To save time and build project I detect which modules have been changed and run maven command:
mvn install -pl module1,module5,module2 -amd
Is there any way to do static analysis only for built modules? Something like mvn sonar:sonar -pl module1,module5,module2 -amd? of course it doesn't work, do you have any idea?
I know that there is option:
mvn sonar:sonar -pl !module2
but my project has more than 50 modules so if commit change only 5 modules I will have to list 45 others modules.
SonarQube always requires full scan. If you exclude some modules and execute the scanner, then excluded modules will disappear from SonarQube. It means there is no such flag.
Read more: How to analyse only new added lines of code?
Related
Working with a multi-module project. Want to run maven commands as follows:
mvn clean compile
Then maven install phase without again executing maven compile
Not possible.
You would need to call the goals directly, phases cannot be run separately.
you can (now) skip phases by directly calling the goal via
mvn <plugin>:<goal>
e.g.
mvn compiler:compile
see this answer for details.
for install it should be mvn install:install
I added to my maven project the a PMD and checkstyle plugins. And when I run them the work perfectly. But when I remove them from the pom.xml I can still run mvn checkstyle:checkstyle or mvn pmd:pmd even though I removed them. Also after removing them I ran mvn clean install. ANy idea of what could happen ?
The commands you execute are plugin goals (plugin:goal) and unlike "mvn install" not a phase.
you can run almost any plugin on a project if maven can find it. The apache maven plugins allow that shortcut notation (pmd:pmd) since maven will try to resolve them in the apache namespace.
Plugins from other sources would need to be run with their full name, for example:
org.codehaus.mojo:versions-maven-plugin:2.5:display-dependency-updates
The plugin itself decides if it can run a goal on its own or if it requires a running reactor and only works within the maven life-cycle (usually because it depends on outputs from other phases)
So in your case: mvn install should not run the pmd plugin anymore if its not in the pom - and install is a phase. mvn pmd:pmd will run it directly with its default config - since pmd:pmd is a plugin goal.
The default plugins per packaging and phase are documented here. These may run if in the pom or not (depending on whats in the project).
Based on the question Sonar + Clover only runs on src-instrumented, it is suggested using first mvn clean clover2:setup install clover2:clover, then: mvn sonar:sonar.
Just wonder why we cannot use mvn clean clover2:setup install clover2:clover sonar:sonar?
In the past it was the recommended way to run goal sonar:sonar alone. This is no more the case since SonarQube Scanner for Maven stopped trying to run unit tests + collect coverage for you by forking a new Maven lifecycle.
General advice is now to run goals in a single command. For example mvn clean package sonar:sonar
In the case of Clover the clover:setup goal will alter the Maven Model to make all other plugins (like surefire) use instrumented classes instead of original source code. This is indeed a problem because it will prevent SonarQube to match class files. So in your case you should either stick with two separate goals, or manually configure sonar.sources to refer to original source code.
Compared the maven logs and found the possible reason:
The "mvn clean clover2:setup install clover2:clover sonar:sonar" seems having issue to find the Source dirs. The log shows it uses ${project}\target\clover\src-instrumented and ${project}\target\generated-sources\annotations as the source dirs.
If explicitly specify src/main/java, then this single command works well. The only tricky thing is why running the goals separately doesn't need to specify sonar.sources but the plugin can still find the right folder for source dirs.
I have seen sonar builds failing if I run mvn package or mvn verify as build goals, however if I change it to mvn install it passes.
Can you explain why maven install goal is needed for sonar to work properly?
In a multi-module build an aggregator plugin can't resolve dependencies from target folder. So you have two options:
mvn clean install && mvn sonar:sonar as two separate processes
mvn clean package sonar:sonar as a single reactor
What exactly happens during this command:
mvn -pl ABC –am -amd?
Does it compile the code?
The reason I asked is I have purposely put an invalid file and when I run mvn -pl ABC -am -amd option I get successful result and I'm confused why Maven is not complaining about the errored file?
But if I use mvn install command it errors!
-pl or --projects allows you to select a specific set of projects to apply your goal, (e.g. clean install) this way saving the time you would spend waiting for a full build on a big project if you just need to build a couple modules.
You might wanna check the following section:
Specifying a Subset of Projects
-pl makes maven build only specified modules and not the whole project (in this case it's only ABC).
-am makes maven figure out what modules our target depends on and build them too(in this case it's ABC's dependencies).
If you say mvn -pl, and give no argument to -pl, you are asking maven to do absolutely nothing.
-pl assumes that you are sitting in a project with multiple modules, and want to build a subset. You just asked for the null subset.
You haven't actually given it a goal to run. mvn -pl Abc:Xyz -am -amd has two problems with it.
First of all, -amd implies -am, so you don't need both.
Secondly, you haven't given it a goal to run, like install, package, test, or compile.