This is how i execute my sonar analysis,
mvn sonar:sonar -Dsonar.issuesReport.html.enable=true
In Sonar 4.0 i was able to generate HTML reports, But in SonarWube 5.6.1 its not working out (No errors thrown)
I have googled a lot and couldn't find an alternate plugin or any fix for this.
If some one can suggest me, that will be helpful
Take a look at SonarLint for Command Line. The functionality was moved there.
EDIT SonarLint for Command Line has been dropped. The recommendation is now to use SonarLint in your IDE or Branch Analysis, which is available in Developer Edition($)
Related
I'm using sonarqube for AEM. But when I run mvn sonar:sonar on any module, it shows an error and the project analysis results in failure. Attaching the screenshot for that
I tried upgrading sonarqube too. But I'm not able to do that. Steps mentioned in the sonarqube docs are not quite understandable. Please let me know if there is any solution for this.
Tried upgrading the sonarqube but not able to do that. If that could solve my problem, suggest me how to do that.
I'm using Sonarqube 7.9 and Gitlab with a maven docker image that calls my Sonarqube using mvn --batch-mode verify sonar:sonar -DskipTests=true -Drevision=$REVISION_UNSTABLE $SONAR_OPTS -Dsonar.analysis.mode=issues.
The thing is that the parameter sonar.analysis.mode is not used anymore since version 7.4 but I can't find out what parameter do I need to use instead.
At the build development branch I just want to check the issues related to the code and I don't want to publish anything. Only when I publish a tag or a production code I must publish results to Sonarqube interface. So what do I need to run my code with the previous issues and publish parameters? Is there any alternative to sonar.analysis.mode?
The direction SonarSource are pushing people in is to use branch/pull-request analysis to detect new issues across branches. I'd suggest you want to be using feature branches for your typical analysis if you're not wanting to retain history for a long time.
The branch analysis feature requires you use Developer Edition to work out-the-box, however there is a plugin that provides branch support on developer edition should you want to try it.
Your build/scan command would then become something similar to:
mvn verify sonar:sonar -DskipTests=true -Drevision=$REVISION_UNSTABLE $SONAR_OPTS -Dsonar.branch.name=develop
I have upgraded my sonar version from sonar-3.2 to sonar-3.5.1 and upgraded sonar-runner from sonar-runner-1.1 to sonar-runner-2.2.2, now when i am deploying project on newly installed sonar 3.5.1 it run successfully and showing ANALYSIS SUCCESSFUL, it also show project name on sonar server when i use localhost:9000 on browser but code is not showing there, no violations are coming etc.
i am using sonar in two ways and both results the same. Two ways are:
1. using sonar standalone through sonar runner from cmd.
2. integrating sonar with Jenkins(1.515) and using maven(3.0.4)
when i do sonar analysis on sonar 3.2 everything is working fine in both of the above cases but problem comes only when i use sonar 3.5.1.
Can anybody help me out on this issue??
Please suggest what would be the possible way to overcome this issue..
your revert will be appreciable.. Thanks in advance!!
Please refer below for logs
and sonar dashboard
So I do confirm that the Sonar Java plugins have been deleted from the extensions/plugins directory and that's why you don't get any measures/violations when analysing a java project. Here is the link to download version 1.2 of the Sonar Java plugin ecosystem : http://docs.codehaus.org/download/attachments/230396085/JavaEcosystem-1.2.zip. You just have to decompress this archive, place all jar(s) in the extensions/plugins directory and relaunch the Sonar server.
I am using sonar to review my code for a java project. the version that I am using is v.2.9, I am using sonar for the first time. I have no idea how to add project in sonar server.
Please help on this
Thanks.
There's no option to "add" a project in Sonar from Sonar UI. Projects are automatically added to Sonar whenever a successful analysis occurs.
I'd suggest you the following :
Upgrade to a more recent Sonar version. http://www.sonarqube.org/downloads/
Read the analyzing source code guide where you can find instructions for all available methods to trigger a new analysis
Update : Sonarqube allows (I think after 5.x version) provisioning of projects as described in their documentation
With Administrator role, you can "Provision" a project.
Log in as administrator
Select Settings from the menu
Select System -> Provisioning from the sub-menu
Click Create (at the very far right of the frame)
It's pretty straight forward with the newest version. All you have to do is installing as the guide. And it will prompt a command which you need to execute with your build tool at the project folder.
For an example for maven it would be like
mvn sonar:sonar -Dsonar.host.url=http://localhost:9000 -Dsonar.login=4aa32e977ab1513e3fe5c3ac0c7883528d01a5e8.
With a command similar to this reports will be sent to the Sonarqube. And code analysis will be done
We are trying to install a CI Platform with (Jenkins,sonar,eclipse ...).
So that every developer can make analysis on his code before commit, I'm wondering between two alternatives :
running local analysis with the sonar plugin.
install the different plugins that sonar use (findbug,pmd,checkstyle ...) and configure them to meet the sonar configuration.
I'm not sure which alternative to use? I used to work with findbugs,pmd, checkstyle in eclipse and they look great.
Can you tell me which is the best alternative?
Thanks in advance.
Regards.
With Sonar plugin you can manage the violations like:
Create a review
Mark a violations as false positive or fixed
View the hot classes and hot violations
View yours reviews
If you use separate plugins you have to go sonar web to do that.
The great advance of sonar is the reviews.
Other question is how many projects you have and will have. I currently work with more than 70 projects and many profiles. Is more simple to me run analysis with one plugin, because I need just add the server and find the project. With other plugin you need add the link for each project in each plugin configuration.
Why not install the Sonar Eclipse plugin?
This was designed to solve the following problems:
Sonar does not support parallel analysis of the same project. This issue rules out the option of each developer running Sonar locally. (See SONAR-2761, SONAR-3306)
You don't really want developers uploading metrics and source code into the Sonar database. They could be working on an uncommitted workspace and would therefore cause both inaccuracies and confusion if Sonar is being used for code review.
Sonar is really designed to be run from a continuous integration server (like Jenkins), building code that has been submitted onto a shared codestream (or branch)
The big advantages of using the Eclipse plugin are:
True local analysis, no updates of the Sonar database
Configuration of the other tools is retrieved from the Sonar server and jars automatically downloaded.
Centralized management of Sonar quality profiles