Is sonar-project.properties file only for SonarQube Runner? - sonarqube

I've been asked to get SonarQube up and running, but we'll be using maven instead of SonarQube Runner.
Is the sonar-project.properties configuration file only used for analysis with SonarQube Runner, or is it necessary for other analyzers, such as maven?

It is only for SonarQube Runner. If you want to pass extra properties to maven you have to pass it on command line with -D prefix. Example: mvn sonar:sonar -Dsonar.language=java.

Yes, as has been said, it is only for Sonar Runner because in this file you define your Project Name, Project Version, default locale from the source code of your Project and so on...
And in your case, using maven, the information like Project Name, Project Version and all about Project is defined in the pom.xml from your Project, and in the Maven you followed a folder structure and so you don't need to tell the source code locale.

In case of C# analysis also you need to add '-D' prefix. --
Something like this.
-Dsonar.language=cs
-Dsonar.dotnet.visualstudio.solution.file="EventProcessing.sln"
-Dsonar.gendarme.mode=
-Dsonar.gallio.coverage.tool=OpenCover
-Dsonar.dotnet.visualstudio.testProjectPattern=*.Tests*

Related

How can I specify the directory where to create the project for archetype:generate?

I am using mvn archetype:generate -B ... to generate a maven project.
It places the generated project in the current working directory.
Can this be customized to place the generated project in a directory I specify? I don't see any options to do so in the command line --help menu.
You cannot specify a directory for archetype:generate, this plugin always targets the current working directory.
The Maven Archetype docs suggest using the basedir parameter. Something like this perhaps:
mvn archetype:generate
-DgroupId=foo
-DartifactId=bar
-Dbasedir=/some/other/directory
But, unfortuntately that doesn't work, even with that parameter specified the archetype is generated into the current working directory. Looking at the Maven Archetype JIRA I can see that there is an open issue for this:
https://issues.apache.org/jira/browse/ARCHETYPE-311
This issue has been open since April 2010 and it has been raised against version 2.2.0 of the archetype plugin and I have just verified that this issue still exists with in latest version of the archetype plugin, the following command completed but created bar in the current working directory rather than in /some/other/path ...
mvn org.apache.maven.plugins:maven-archetype-plugin:3.0.1:generate
-DarchetypeArtifactId=maven-archetype-quickstart
-DinteractiveMode=false
-DgroupId=bar
-DartifactId=foo
-Dbasedir=/some/other/directory
So, if you want to use archetype:generate and you want the generated project to exist somewhere else then I think you might have to write a simple script which ...
Invokes the plugin
Moves the created directory to your desired location once the plugin has finished running
-Dbasedir doesn't work.
You could specify output directory by passing -DoutputDirectory=/some/other/directory
Here's the documentation
https://maven.apache.org/archetype/maven-archetype-plugin/generate-mojo.html

SonarQube Jacoco JUnit : SonarScanner get many unexpected problems

I have a simple project that need to Run JUnit test and let SonarQube to scan / run the Test of JUnit result with SonarScanner. I put my project at Github here
There are some problems:
WARN: Class "XXX" is not accessible through the classloader sonar (Reference)
No jacoco-it.exec and jacoco-ut.exec, only run jacoco.exec at SonarScanner
Cannot exclude some files when running Test JUnit, because I only want to Run Test in my Service Folder (Reference)
This is my sonar-project.properties :
# Required metadata
sonar.projectKey=com.example:Sample
sonar.projectName=Java :: Example :: SonarQube Scanner
sonar.projectVersion=1.0
# Comma-separated paths to directories with sources (required)
sonar.sources=src
sonar.exclusions=src/main/resources/**
#sonar.test.inclusions=src/main/java/com/example/service/**, src/test/java/**
#sonar.test.exclusions=src/main/java/com/example/controller/**
# Encoding of the source files
sonar.sourceEncoding=UTF-8
#Jacoco
sonar.junit.reportsPath=target/surefire-reports
sonar.jacoco.reportPath =target/jacoco.exec
sonar.jacoco.reportMissing.force.zero=true
sonar.java.binaries=target/classes/**
#sonar.java.libraries=libs/**
When I Run Maven Test until build success, It create some files and folders in folder Target.
After that I run my SonarScanner to Scan my project, but I got those problems.
My question:
How can I run my SonarQube Scanner without any WARN ?
How to exclude files properly when scanning JUnit result? Because I use the reference settings, and Coverage still scan the files
How to create jacoco-it.exec and jacoco-ut.exec and run it on SonarScanner?
My project is based on this Reference
Use SonarQube Scanner for Maven instead of just SonarQube Scanner. Otherwise you fall into troubles with configuration, into which you fall, because need to do everything manually:
sonar.sources most likely is incorrect - should be src/main/java and will be properly configured by Scanner for Maven, and that's why you're getting undesired test files analysed as main files
as well as sonar.tests that normally for Maven based projects points to src/test/java
sonar.java.libraries is empty and that's why you're getting Class "XXX" is not accessible through the classloader sonar - it might be quite hard to list all required JAR files of dependencies of your Maven project, while again Scanner for Maven will do this automatically and most importantly will do this correctly
sonar.projectKey with Scanner for Maven will be set automatically to Maven groupId:artifactId
sonar.projectName and sonar.version with Scanner for Maven will be set correctly to Maven project name and version respectively, so that you don't need to change version, when it will change in Maven project
others such as sonar.sourceEncoding, sonar.java.binaries, sonar.java.test.binaries and sonar.java.test.libraries with Scanner for Maven will also be set automatically
If needed you'll still be able to provide other additional properties
via command line such as mvn ... sonar:sonar -Dsonar.something=something
or in SonarQube UI
or specify them directly in properties section of pom.xml
How to create jacoco-it.exec and jacoco-ut.exec and run it on SonarScanner?
Usually jacoco-ut.exec refers to coverage data about unit tests and jacoco-it.exec refers to coverage data about integration tests. They are created by jacoco-maven-plugin, in your pom.xml you configured jacoco-maven-plugin for creation of jacoco.exec.

Automatically derive mandatory SonarQube properties from pom file in Jenkins

Situation:
I want to analyze my project with SonarQube (5.4) triggered by Jenkins (1.642.4). It is a java project build with maven.
I see two ways to trigger the analysis:
Post Build Action "SonarQube analysis with maven" but it's deprecated, so I don't want to use it
Post Build Step "Execute SonarQube Scanner", is the recommended way.
Problem:
If I use the deprecated Post Build Action, the properties for sonar project configuration are derived automatically from the project pom.
It I use the recommended Post Build Step, I receive the Exception
You must define the following mandatory properties for 'Unknown': sonar.projectKey, sonar.projectName, sonar.projectVersion, sonar.sources
Undesired Solution:
The solution is to provide the required properties, via sonar-project.properties file in the java project or via parameters in Jenkins step.
IMHO: this is duplication. All relevant information is defined in the Maven pom: projectKey can be derived from artifactId, projectName and projectVerstion are same properties in maven. Especially the projectVersion is critical. I don't want to update the project version after each release (or write some code in release plugin to update it automatically).
What I want
I want to use the recommended Post Build Step in Jenkins, without redefine all project properties for all my project to make sonar happy. Instead sonar/jenkins/plugin/whatever should derive the properties from my maven pom file. Is there an additional plugin I can use? Can I reconfigure my Jenkins-Sonar-Plugin?
I don't want to provide any sonar specific information in my pom/project, because the project shouldn't care about sonar. It should contain only information required to build the project.
The documentation (although slightly confusing, see edit below) explains how to use a generic post-build step (leveraging environment variables), instead of the deprecated post-build action. in short:
install latest SonarQube Plugin (v2.4 as of now) in Jenkins
in System Config under SonarQube servers: check Enable injection of SonarQube server configuration as build environment variables
in the configuration of your Maven project:
check Prepare SonarQube Scanner environment
add a post-build step Invoke top-level Maven targets and leverage the injected environment variables in the Goals field e.g.:
$SONAR_MAVEN_GOAL -Dsonar.host.url=$SONAR_HOST_URL -Dsonar.login=$SONAR_AUTH_TOKEN
Edit: when the documentation says The Post-build Action for Maven analysis is deprecated. , it refers to the old post-build action which is not documented anymore. The paragraph after that warning (summarized in this answer) really is the recommended procedure. Illustration here if it's still not clear.
Using SonarQube Scanner as a post build step you can configure it with at least this properties in Analysis properties:
sonar.projectKey=${POM_ARTIFACTID}
sonar.projectName=${POM_DISPLAYNAME}
sonar.projectVersion=${POM_VERSION}
sonar.sources=src
sonar.java.binaries=target
sonar.language=java
sonar.sourceEncoding=UTF-8
POM_* variables are mapped by Jenkins from Maven GAV info, look here: https://github.com/jenkinsci/jenkins/pull/933/files

Can I make a Maven plugin that generates a project and then builds that project?

Is it possible to combine the capabilities of an archetype and a normal Maven plugin into a single plugin?
I have a custom language which I can compile into Java source code. I've written a Maven plugin which does this in the generate-sources phase, adds the Java source to the project, and builds the project. It works as I'd expect.
However, to use it, I need to first write out a pom.xml file referencing my plugin and describing where the input files live. I'd like to be able to go straight from raw input files to compiled code in a single maven command.
For example, suppose I have this directory structure:
my-project/
some-input-file.dsl
I want to run
bash$ mvn com.waisbrot.plugin:generate -DgroupID=com.waisbrot package
and after Maven's done running have:
my-project/
some-input-file.dsl
pom.xml
target/
generated-sources/
plugin/
SomeInputFile.java
classes/
com/
waisbrot/
SomeInputFile.class
some-input-file-1.0.jar
Actually, the integration testing of the archetype allows you to declare the parameter and goals. So do this:
Pick the template project you want to create
mvn archetype:create-from-project. It will create a new archetype
Review src/test/resources/projects, especially goal.txt and archetype.properties (source: http://maven.apache.org/archetype/maven-archetype-plugin/integration-test-mojo.html). Tweak so install will be implicity
mvn verify will be able to build the archetype, run the it, and get it installed
Hope it helps

is it possible to do a Maven build using Build Forge?

Is it possible to do a Maven build using Build Forge? Currently we use Build Forge, ClearCase and ClearQuest with Ant scripts; would like to try a Maven build. Not sure if I can I have no test environment so don't want to mess up any thing and still learning all this stuff too
Maven can be invoked from any build automation framework.
Create a buildforge step that invokes your Maven build as follows:
mvn -s /path/to/maven/settings/files/mysettings.xml clean package
Explicitly selecting the settings file is recommended as this enables you customise the Maven configuration for each project.
Project isolation can be further enhanced by ensuring that each project has it's own local repository location (See the "localRepository" parameter in the settings file documentation)

Resources