Can I analyze pom files correctness using Sonar? (like the maven enforcer plugin rules)
The short answer is no. The slightly longer answer is maybe. There is no plugin listed on the office plugins page with this functionality, but it's possible to write a plugin that could run some rules on a maven project and report the issues as like with any other metric...
Related
We currently use the sonar-scanner utility to run sonar analysis on our maven multi-modules java project.
I wanted to move from the sonar-scanner to the sonar-maven-plugin, but the first tests shows a big discrepancy in the reported metrics.
For example the number of lines of code went from 466'000 to 154'000.
The main difference seems to be that the maven plugin does not analyse the src/test directories whereas the scanner does. Another reason could be that the maven plugin only analyses the modules which are enabled.
Do this behavior seems normal to you ?
or did I miss some configuration in the plugin or the scanner. They both should pull the config from our sonarqube server.
If this is the normal behavior then should I stay with the scanner and keep the metrics history or should I start over with the maven plugin ?
I could redo some analysis for all versions we released to have some comparisons and trends.
Thanks for your advices.
Update:
Settings the sonar.sources and sonar.inclusions like mentioned there gives some better results...
sonar-maven-plugin: extending sonar.sources in multi-module project
I'm switching a large project from Maven to Gradle. Existing Maven project uses com.googlecode.maven-java-formatter-plugin to format the Java code. Looked for the equivalent in Gradle. Found https://plugins.gradle.org/plugin/com.github.sherter.google-java-format, but it spewed a bunch of errors out, was really slow, and didn't generate the same output as the Maven plugin.
Also looked here: https://github.com/google/google-java-format - no help.
Is there a Gradle plugin which will give me same result as the Maven plugin?
There is this other Gradle plugin, which uses the Eclipse formatter. Maybe you can tweak it to achieve the same results as with the maven plugin you mentioned (I'm not using this plugin myself).
Note that it is an explicit non-goal of google-java-format and the corresponding Gradle plugin to be configurable. If you are not happy with the formatting style then this tool is probably not appropriate for you.
(if you have technical problems with my Gradle plugin, feel free to provide more details or open a ticket on Github)
I understand that the maven-compiler plugin is used to compile the code. Some of my project does not have that plugin in the pom file? When is it required?
I am trying to answer my own question based on what I learned since posted this question. If this answer is correct or incorrect please comment. Thanks.
If this plugin is not defined, the Maven Super POM contains all the default plugins you will be using. It works fine for small and non-serious projects. However, the best practice is to define these plugins in a company-wise POM and so that when you upgrade maven, you would not end up using a different version of plugin.
Have a look at the Goals Overview Section in Apache Maven Compiler Plugin
The Compiler Plugin has two goals. Both are already bound to their proper phases within the Maven Lifecycle and are therefore, automatically executed during their respective phases.
You only have to add it if you want to change the default parameters
I discovered generating aggregate reports in multi-module projects only works if the maven aggregator pom project is also the parent project for sub modules. This really does not work for a lot enterprise level projects in which maven aggregator is not always the parent.
Really appreciate any suggestions!
Cobertura is an inactive project. Check out JaCoCo as a viable replacement, and it supports aggregate.
But if the issue is related to the NPE you get, check out this: https://jira.codehaus.org/browse/MCOBERTURA-151. We're using 2.5.1 of that plugin w/ that patch applied and it allows us to build using aggregate, but the output isn't really aggregate.
Are there any good tools that can scan many levels into maven projects / subprojects and generate reports or charts about all of the dependencies, version discrepancies between the same packages in different projects, etc etc?
Is there some other smart way to manage large maven projects that have several layers of subprojects with a large number of dependencies in each one?
Get a repository manager like Nexus, use the Maven Dependency plugin, use Sonar, use Hudson/Jenkins, check out Sonatype Insight and the Insight for CI plugin, use the dependency viewer in Eclipse, use a parent pom for your organization to centralize dependency versions and so on. Lots to do for you.
You can use Jenkins. It has got all you need to do with a maven project.
Jenkins with sonar the best combination for managing huge maven projects.
Depending on how "deep" you want to go, the maven site builds can use the reporting plugins to generate much of what you want. If you want much more info, then something like Sonar is probably more of what you want.
The simplest solution is to use the maven-dependency-plugin which can produce reports either ASCII or in different formats. Or you use the dependency-hierarchy in your IDE (m2e Plugin Eclipse) to look into the dependencies.