I have following situation - in Teamcity I set up two builds for sonar
First - by use of maven sonar:sonar
Second - with special teamcity step "SonarQube"
In the second case I see in sonar logs that it run Jacoco sensors, but in the first case, when running from maven, Jacoco sensors did not start.
So, I have a general question about this situation - who controls which sensors will be started for a build? Is it some environment variables that I should setup for maven, or is it somehow controled by SonarQube server?
Sensor itself describes when it should be executed - see https://github.com/SonarSource/sonar-java/blob/4.5.0.8398/java-jacoco/src/main/java/org/sonar/plugins/jacoco/JaCoCoSensor.java#L65 and https://github.com/SonarSource/sonarqube/blob/6.2.1/sonar-plugin-api/src/main/java/org/sonar/api/batch/sensor/SensorDescriptor.java#L37-L42
Related
after fighting now with integrating JaCoCo results into my SonarQube to see code coverage for more then one working day, I will try to open another post regarding this topic, because the internet is really messed with postings.
Preconditions:
SonarQube: Version 6.7.2
Maven: 3.5.2
Windows Server2012 R2
I successfully integrated Sonar Scan and results are published. I added the configuration for JaCoCo in the pom.xml of my application and the result files are generated after the build and just using the JaCoCo Jenkins plugin they can be displayed on the Jenkins dashboard. But I did not figure out what Analysis properties the Jenkins action "Execute SonarQube Scanner" needs in order to import the results and display them.
Is "scan" the correct operation or do I need something else to trigger the import?
I saw so many variantes of giving JaCoCo and Sonar the correct parameters, that I do not have a clear picture any more. Any hints maybe looking at my parameters?
As described in the docs, since you're building with Maven you should analyze with it too. There's some global setup you want to do (see the docs) but once that's done, you'll add this to your job instead of your current SonarQube Scanner build step:
$SONAR_MAVEN_GOAL -Dsonar.host.url=$SONAR_HOST_URL
Note that this needs to come after your build and test execution. The JaCoCo reports should be picked up automatically.
I successfully integrated it now with these Analyses properties and it is working.
sonar.projectName=
sonar.projectKey=
sonar.login =
sonar.password =
sonar.sources=./
sonar.java.binaries=./
sonar.jacoco.reportPaths=./trackingboard-service/target/jacoco.exec
sonar.jacoco.reportMissing.force.zero=true
I want to use SonarQube for Code Quality analysis. I have Hudson as the CI tool and have integrated clearcase. How do I use SonarQube when the Ant build happens? Do I need to install SonarQube in a server and use a plugin to access it?
Can someone help me?
Install SonarQube web server as a first step. Default port will be localhost:9000.
After installing SonarQube you need to create an Ant target. Sample Script is available on GitHub. If Hudson is working correctly earlier. It will pick up the changes in Ant Script and perform the Analysis. After the completion of Analysis report will be generated and accessible at SonarQube Web Dashboard.
Last day I was configuring a jenkins job to run sonar on my java project. I had sonar and jacoco plugins configured in my job. Sonar was throwing some error for which my sysadmin asked me to remove the jacoco plugin configuration from job. I removed and now sonar is saying it cannot find cobertura.xml.
So I am curious to know if sonar does analysis on already run jacoco or cobertura task or does it runs its own coverage analysis?
Short answer : In general, coverage is imported to SonarQube by reading a coverage report generated prior to any work of sonarQube.
Longer answer : Historically (read, about two years ago), SonarQube used to try to run coverage tool for java. This was a nightmare to maintain for every use cases and as such it is now up to the developers to provide a coverage report to SonarQube which will only act on those data (linking them to source, compute metrics, display them nicely).
In your case, that means you most probably have the cobertura plugin installed on your SQ instance and it is looking for a report to import.
We are currently using Bamboo for our build tool and one of our stages contains a task to run Sonar analysis.
It works great except for the fact that results are published for both master and feature branches. Of course this means that if we build a branch then results will override the existing ones.
We have looked into Auto Branch in the Sonar task but we don't want a large number of branch projects in Sonar so this is a no-go for us.
How else can we selectively run Sonar analyses depending on the branch? I heard that using a property in our Maven pom.xml could work, I wonder if anyone has an example of that?
I add the -Dsonar.projectVersion=${bamboo.repository.branch.name} at runtime. That adds the branch as the project version.
I am using sonar-runner to execute the sonar analysis so since you're using maven, your mileage may vary - in other words convert that to whatever the maven version of that argument is.
So when I run the sonar-runner task I include that -D argument on the command line. Even running it with maven you should be able to pass it in on the command line. Whatever branch is building that's the one that will show up on the SonarQube dashboard.
The group that I work in has standardized on Jenkins for Continuous Integration builds. Code check-in triggers a standard build, Cobertura analysis and publish to an Artifactory SNAPSHOT repo. I've just finished adding a new target to the master build file that'll kick off a Sonar run but I don't want that running on every check-in.
Is there a way to schedule a nightly build of a specific build target in Jenkins? Jenkins obviously facilitates scheduled builds but it'll run the project's regular build every time. I'd like to be able to schedule the Sonar build target to run nightly.
I could, of course, create a separate Jenkins project just to run the Sonar target on a schedule but I'm trying to avoid that if I can. Our Jenkins server already has several hundred builds on it; doubling that for the sake of scheduling nightly builds isn't very desirable. I looked for a Jenkins plug-in that might facilitate this but I couldn't find anything. Any suggestions?
Here's one way to do it, if you are ok with triggering the build using cron or some other scheduling tool:
Make the build parameterized, and use a parameter in your build file to decide if the Sonar build target should run or not.
Trigger the build remotely by HTTP POST:ing the parameter values as a form to http://[jenkins-host]/jobs/[jobname]/buildWithParameters. Depending on your Jenkins version and configuration, you might need to add an Authentication Token and include this in your url.
Authenticate your POST using a username and password.
wget --auth-no-challenge --http-user=USERNAME --http-password=PASSWORD "https://[jenkins-host]/job/[jobname]/buildWithParameters?token=<token defined in job configuration>&<param>=<value>&<param2>=<value2>"
I am also looking for a solution for this. My current solution in my mind is to create 2 triggers in the regular build, one is the nightly build, another one is Polling SCM
In the sonar plugin configuration, it has the options to skip the builds triggered by the SCM change. Therefore, only the nightly build will start a sonar analysis.
I didn't get a chance to test it now, but I suppose this will work.
Updated on 12/19/2011
The above solution doesn't work if the sonar analysis is invoked as a standalone build step. To make the sonar analysis run conditionally, you could use the following 2 plugins:
Conditional BuildStep Plugin - this allows the sonar analysis to be run conditionally
Jenkins Environment Injector Plug-in - this allows you to inject the variables to indicate how the build is triggered.