SonarQube

This documentation page explain how to your project into SonarQube.
Usually SonarQube scanners are executed by the build automation tool, this tool being executed by the CI server. You can find more information in SonarQube Architecture and Integration documentation.

This page will try to give some guidelines and links to useful documentation for each languages and build tools used by OW2 projects.

Java

Maven

SonarScanner for Maven is actually a Maven plugin that takes care of running SonarScanner on the project and then upload the result to the server.

The Maven plugin need 3 properties to be defined:

  • sonar.host.url: should be https://sonarqube.ow2.org
  • sonar.login: the user token to get access to the server
  • sonar.projectKey: the project name

sonar.host.url and sonar.login can be specified in settings.xml Maven file (see documentation) or as command line parameters (usually with a CI hidden variable for sonar.login). Ask OW2 management office to get the token value for sonar.login.

sonar.projectKey is usually defined in pom.xml or can be ignored (will default to artifact name as defined in pom.xml).

Gradle

SonarScanner for Gradle is actually a Gradle plugin that takes care of running SonarScanner on the project and then upload the result to the server.

Configuration of the plugin is documented in official documentation.

Server URL is https://sonarqube.ow2.org and systemProp.sonar.login is the token value that should be asked to OW2 management office.

Perl

Sonarqube analysis for a Perl project is done with the regular SonarScanner (CLI) and through the non-official sonarqube Perl plugin. The most convenient way to run SonarScanner is to leverage its docker image. The docker image expects at least two variables to be set at runtime: SONAR_HOST_URL to https://sonarqube.ow2.org and SONAR_LOGIN to the user token to get access to the server. Further SonarScanner parameters are either sourced from sonar-project.properties or expected to be passed on the command line.

As stated in the Sonar plugin documentation, some data is expected as input from third-party Perl tools: