I would like to know if you have a junction between the two profiles of quality, creating a single.
I have a project that uses the JEE technology, and it uses javascript, java and JSF.
Wanted to make a junction of quality profiles (Web + Javascript + Sonar way with Findbugs)
Is there any way to do this?
I'm using sonarqube 4.3 and sonar runner 2.4.
According for your reply
I have to call the sonar runner several times
first for Sonar way in Web perfil
second for Sonar way in JavaScript perfis
third for Sonar way with Findbugs in Java perfis
would give me an example?
You actually don't have to do this and this is not the correct way to solve your problem anyway.
As of SonarQube 4.2 you can use the multilanguage feature and your files will be automatically analyzed by the correct language plugin (detection is based on file extension).
If you are using a version prior to 4.2 you will have to run multiple analysis with the correct language set each time.
Related
Sonar scanner runs analysis for all the available plugins installed in SonarQube. But for some of the projects analysis should be run only for some languages(For example Java and Javascript).
sonar.language parameter allows me to set only one language.
Is there any way to set multiple languages for analysis.
Stop thinking in term of language, since this is a blur concept in SonarQube. Just exclude the files you don't want to analyze, using for example the property sonar.exclusions.
For example, when considering a pom.xml file, the "language" was historically XML (and rules provided by SonarXML). But we now also have rules provided by SonarJava.
The property sonar.language was deprecated in SonarQube 4.4 and might be removed in SonarQube 6.7 or later, because SonarQube can now use several languages (which seems to be exactly the issue that you face currently).
If you only want Java and Javascript issues to be reported, I suggest to create custom quality profiles for all other languages, containing 0 rules. You can then, for your project, explicitly assign those "void" quality profiles.
I have installed SonarLint eclipse plugin. I would like to see only those issues which are compatible with Java 1.7. Is there an way to set a particular version for running sonar scan? I checked the options and couldn't find anything.
Just to clarify, I don't want to know how to set java version for Sonar itself. I would like to set java versions for individual scans.
Depending on your environment, this may not be politically feasible, but I'll answer ignoring politics:
First, you need to set up a rule profile on your SonarQube server that's limited to just the rules you want to see - the Java 7 rules and assign it to your project so only those rules are used in analysis.
Now connect your project in Eclipse to the project on your SonarQube server.
Voila! Only those Java 7 rules are applied in Eclipse.
Is there any way to aggregate metrics over all projects in Sonar ? For instance, is it possible to get the total number of SLOC ?
It seems that it should be a basic feature of Sonar.
I know about the Views plugin, but I'm looking for something free. And I don't need all the features of this plugin, only aggregates over all projects, not custom views.
Since I haven't been able to find anything, I have developed a very simple Sonar plugin that does the trick using the API provided by the Sonar server. Turned out to be pretty simple.
The plugin is available here, but it has been only tested on one Sonar instance.
My company uses SonarQube to analyze code, and the new version 4.3 of the sonar does not show the languages of each project in the dashboard. Could someone tell me the way to fix this problem?
I would greatly appreciate it!
Since SonarQube 4.2, projects are analyzed using a multi-language strategy, so it does not really make sense anymore to display a project's (single) language, since one project can contain several analyzed file types (think e.g Java, XML, HTML, CSS and JavaScript for a Web application with a Java backend).
Note that in the upcoming SonarQube 4.4, the Project Size widget has been revamped to display distribution of lines of code by language.
We are trying to install a CI Platform with (Jenkins,sonar,eclipse ...).
So that every developer can make analysis on his code before commit, I'm wondering between two alternatives :
running local analysis with the sonar plugin.
install the different plugins that sonar use (findbug,pmd,checkstyle ...) and configure them to meet the sonar configuration.
I'm not sure which alternative to use? I used to work with findbugs,pmd, checkstyle in eclipse and they look great.
Can you tell me which is the best alternative?
Thanks in advance.
Regards.
With Sonar plugin you can manage the violations like:
Create a review
Mark a violations as false positive or fixed
View the hot classes and hot violations
View yours reviews
If you use separate plugins you have to go sonar web to do that.
The great advance of sonar is the reviews.
Other question is how many projects you have and will have. I currently work with more than 70 projects and many profiles. Is more simple to me run analysis with one plugin, because I need just add the server and find the project. With other plugin you need add the link for each project in each plugin configuration.
Why not install the Sonar Eclipse plugin?
This was designed to solve the following problems:
Sonar does not support parallel analysis of the same project. This issue rules out the option of each developer running Sonar locally. (See SONAR-2761, SONAR-3306)
You don't really want developers uploading metrics and source code into the Sonar database. They could be working on an uncommitted workspace and would therefore cause both inaccuracies and confusion if Sonar is being used for code review.
Sonar is really designed to be run from a continuous integration server (like Jenkins), building code that has been submitted onto a shared codestream (or branch)
The big advantages of using the Eclipse plugin are:
True local analysis, no updates of the Sonar database
Configuration of the other tools is retrieved from the Sonar server and jars automatically downloaded.
Centralized management of Sonar quality profiles