SonarQube

Owned by Peter Johansson
Last updated: May 11, 2017

For quality analysis we are using SonarQube at SonarQube.com

UVMS projects


CI analysis

Job Configuration

Sonarqube analysis must be done with JDK 8!
SonarScanner is deprecated and analysis should be done with maven


Preview (pull request)

For pull request we don't want to upload the result to sonar but we wan't to check quality gates&etc so use preview mode

 -Dsonar.analysis.mode=preview

Run with JDK8+

If the project is build with JDK8 or newer versions:use "Invoke top-level Maven targets" in a post build step:

Invoke top-level Maven targets
Maven Version=Maven3
Goals=$SONAR_MAVEN_GOAL -Dsonar.host.url=$SONAR_HOST_URL -Dsonar.login=$SONAR_AUTH_TOKEN $SONAR_EXTRA_PROPS

Run with JDK7 or older

If the project is build with JDK7 or older versions: use "Execute shell" in a post build step (SonarScanner is deprecated)

Post Build Step - Execute Shell
JAVA_HOME=/var/lib/jenkins/tools/hudson.model.JDK/JDK8
PATH=$JAVA_HOME/bin:$PATH
/var/lib/jenkins/tools/hudson.tasks.Maven_MavenInstallation/Maven3/bin/mvn $SONAR_MAVEN_GOAL -Dsonar.host.url=$SONAR_HOST_URL -Dsonar.login=$SONAR_AUTH_TOKEN $SONAR_EXTRA_PROPS

Global Tool Configuration

SonarQube Scanner is deprecated and should not be used.

Global System Configuration 

Jenkins is configured to use SonarQube.com (uses token GLESYS_JENKINS in sonarqube.com for uvms github user)

(extra options: -Dsonar.organization=uvms-github -Dsonar.exclusions=**/apidocs/** -Dsonar.dynamicAnalysis=reuseReports)


IDE analysis

For IntelliJ/Eclipse use SonarLint

Analysis

For the current src file right click and "Analyze File with SonarLint"

Ex in IntelliJ:

Configure

Add Sonar server under the settings for Sonarlint 

Use https://sonarqube.com (no need for authentication as we only do preview analysis)

Ex in IntelliJ: