My current project setup is as follows:
Project root
| - pom.xml
| - - - Project wrapper 1
| - - - - pom.xml
| - - - - - - Angular project wrapper with multiple projects, with pom xmls
| - - - - - - Java project wrapper with multiple projects, with pom xmls
| - etc
Needless to say, this looks scary to start working on.
Currently I’m doing a migration from an old sonar instance that used a Scanner to a TOT Sonar instance that I plan using Maven Sonar Scanner on.
So far, so good.
I’ve checked multiple topics in this forum: SonarQube multi module maven project
as well as in different platforms: https://stackoverflow.com/questions/32227360/multi-module-project-analysis-with-sonarqube
The things that bothers me here is that people don’t utilize a maven SonarScanner, but rather rely on a properties file, that contains the configuration. From my point of view, speaking strictly in the context of the project I’m working on, there would be no scalability in relying on sonar properties files, as different projects get deleted, and other get created.
The adoption of a maven scanner seems therefore a good idea.
I’ve tried making a simple Java project with tests at home, running a maven scanner, and having a jacoco plugin in the pom.xml file of the project, and all worked fine. I had all the data I needed in Sonar.
Currently with the big setup, I have trouble in understanding how the scanner works, and namely:
Should other projects (like the ones in the Angular wrapper projects, or the ones that are in the java wrapper projects) be defined as modules?
If they have any maven sub-projects, should they also be declared as sonar modules (like a module, containing multiple modules)? (both for maven projects that have defined xxx, and those that have not)
Are there any general best practices when making a maven sonar scanner work with such a huge tree of projects and sub-projects?
After a lot of headbanging, the result is as follows:
I use maven plugin for jacoco code coverage reports. The root project executes prepare-agent and report-aggregate, while in every leaf node project I execute prepare-agent and report.
Reports are generated and posted successfully in Sonar.
For Angular, I use a .properties file that includes the target project configuration, and add “sonar”: “sonar-scanner” to package json, along with sonar’s dependency - “sonar-scanner”: “^3.1.0”, in my case. After test report aggregation, I run npm run sonar
I hope my comment helps someone like me that struggles with a huge project that wants to be integrated with sonar.
Another approach for java/spring based multi-module projects:
If you’re using Maven, and you’ve got straight parent-child dependencies (meaning every child project has a straight dependency to its parent, thus forming a directed graph), every child project has an effective pom, that includes the configuration from the parent pom.xml.
In translation: If you include the sonar maven plugin in the root pom.xml, its configuration will be inherited by every child.
You can check the effective pom of a child project, by executing
mvn help:effective-pom
So, the trick I’ve done here is to run the following: