I want to integrate multiple projects in sonarqube(Not multiple modules). Is it possible to integrate multiple projects in sonarqube?
When I used multiple comma-separated sources in sonar.sources attribute of sonar-project.properties file, I got an aggregated report. I want to monitor multiple projects, is it possible to get distinguished reports for multiple sources?
You can use the commercial Views plugin : http://www.sonarsource.com/products/plugins/governance/portfolio-management/
There is an example on how to use it on my blog: http://qualilogy.com/en/your-own-quality-model/
Regards
I would recommend to take a look on the project https://sq.4smart.cloud/. It allows to gather results from multiple projects in one consolidated report.
Related
I have a legacy project, which is having 40M+ lines of code. I just want to configure the sonar during build but when I run sonar with default settings, it fails with OutOfMemoryException or with TimeOutException.
I got to know that this is because of the large codebase that I am having, so I increased the memory arguments to use 5 GB of memory. I tried with more memory but the teamcity server doesn't have much free memory. Still failed.
Finally what I did was, built two pipelines, included a particular file pattern in one using sonar.inclusions rest of the files in other and separated my code into two different pipelines. Now when I run the sonar, it works fine and generates two different reports with different project keys.
But my requirement is to generate a single report because I can't attach two reports in bitbucket. My goal is to show the report in bitbucket. If it is possible to fetch two reports in single repository, that will also do the thing.
Can anyone please help me here to generate a single report even though I run sonar in multiple pipelines in teamcity?
I don't think you can. A project (you call it 'report') is the only unit you can scan in one execution of the sonar scanner - you can't scan part of a project.
If you're using Enterprise edition, you can create a portfolio of multiple projects, which will automatically generate and maintain aggregated metrics.
I know that SonarCube could exclude certain codes or modules.
My question is that, currently i have certain project, i only want to scan part of the codes using all SonarCube rules;
but at same time, for other parts of same project codes, i only want to apply some of the Sonar rules(for example, rules relates to security).
See this image for my example
Any experts can give me some hints, whether sonar can do this using maven or not, and how if possible. thanks.
This is not a common use case, but I see two options:
Create two quality profiles, and analyze your project twice using a different project key and a different quality profile. In SonarQube it will show 2 different projects. Using file inclusion/exclusions, you can partition your modules in the two projects. Note that having two projects could bring some difficulties, for example if you use PR analysis. Still you can have an overall view of the quality using an application to group them.
Keep a single quality profile and single project, but use advanced issue exclusion patterns to exclude issues you don't want on specific files. Managing those exclusions could be a bit tedious.
Say I have the following sources defined in my sonar project properties file.
sonar.sources=src/client/app,src/server
Could I get SonarQube to use one quality profile for one path, and a different profile for the other?
Is this possible?
It's possible to apply multiple quality profiles to a project only as separate SonarQube projects with separate keys and analyses.
I.e. You'd have to analyze twice: once for each directory.
Your next question, of course, is how to re-combine the products of the two separate analyses. The answer is that that's only available with the Governance($) plugin, and Governance is only LTS-compatible (5.6 at this writing.)
We use the build in coverage application in TeamCity 6 (about to upgrade to 7.1)
If we wish to see the code coverage (or other metrics) of a particular build it is fine as we can navigate to that build, but it would be great if we could pluck out a few interesting metrics from all/some of the current projects/build configurations and display them all together.
For convenience I would expect the new display to be accessible from within TeamCity itself, however if there are solutions that require a separate solution we could look at them.
If you want to compare a set of common metrics (e.g. code coverage) across different projects and over time then SonarQube is probably what you want.
You can integrate it with TeamCity by adding a sonar-project.properties file to each project and calling sonar-runner from a command line build step.
I have some projects and i wrote an ant script to run sonar with this projects.
Its okay so far. But i need to show these projects under a top level project like sub projects.
I am using just Ant to run sonar and i just working on pure code not on binaries.
(I just need to analysis)
I could not find how i can solve this.
You have 2 choices:
Either those projects are really linked together, and you can configure an Ant build script to have a multi-module project that wraps all your projects => http://docs.codehaus.org/display/SONAR/Analyse+with+Ant+Task#AnalysewithAntTask-Analysemultimodulesproject
Or those projects are different (=> they have different lifecycles, they are functionnaly different, ...), and the best option is to use the Views Plugin => http://www.sonarsource.com/plugins/plugin-views/Overview/
Sounds like you need the Views-Plugin: http://www.sonarsource.com/plugins/plugin-views/Overview/
The SonarSource Views Product enables the creation of any aggregation
trees to regroup projects. Projects can for instance be grouped by
applications, applications by team, teams by department… Each level of
the tree is a View and offers all standard services such as dashboard,
hotspots, timemachine, drilldown… showing the consolidated measures.