How to add analysis of JavaScript files to a multimodule Java project?

Hi,

First of all, here is my setup, upgraded just yesterday to the latest LTS so that I can use SonarJS:

• SonarQube Community 7.9.4 LTS
• sonar-scanner 4.0.0.1744
• sonar-maven-plugin 3.7.0.1746
• SonarJS 6.2.1
• Java Code Quality and Security 6.3.2

My goal is to have unified analytics of both Java and JavaScript files in a multimodule project that includes some Java-based modules and one frontend module, knowing that up until today, the project has been appearing in SonarQube as a Java project (JS, HTML and CSS were not yet taken into account, as I had not installed any plugins to account for them). We’ve been analyzing the project for over two years.

The project is structured with Maven modules all listed in the POM:

• portal-services
• portal-rest
• portal-backend
• portal-frontend
• etc.

For two years, I’ve been launching manual as well as scheduled automated analyses with this command:

mvn clean jacoco:prepare-agent verify jacoco:report sonar:sonar -Dsonar.host.url=http://localhost:9999 -Dsonar.login=<token> -P test-coverage

The SonarQube UI is configured (in Administration > General settings > Analysis scope) to include files with extensions java, js, css and html.

Note that we have other projects that are JS libraries that I’ve started analyzing just yesterday. The command I used was

sonar-scanner -Dsonar.login=<token>

since these were one-module and one-language projects. I also added a sonar-project.properties file, which contains the project key and name, to each library. Everything went fine for those projects.

Unfortunately, I have tried doing the same for the portal-frontend module, on a cloned SonarQube instance and I realize that I can’t do that because using the key and name of its parent project with sonar-scanner (second command listed above) seems to reset the project stats:

• existing duplications are no longer visible
• the quality profile that we use for Java is no longer listed among profiles applied to the project
• the project no longer contains Java in its language list

I’m thinking only a global analysis of the multimodule project can provide a unified view of the project as I started hoping for when I read this blog post.

My problem is that when using sonar-maven-plugin on the root Maven project, web files (JS, CSS and HTML) are simply ignored in the portal-frontend module. I get this on my screen:

No CSS, PHP, HTML or VueJS files are found in the project. CSS analysis is skipped.

Am I missing some configuration options? Or is it that my understanding of how things work is flawed?
Thank you.

Hi,

You’re running a Maven analysis & so the scanner is getting the list of source files from Maven. Maven is (understandably?) Java-biased & so when the scanner asks for the locations of source files, Maven only tells it about the Java ones. You’ll need to override this behavior by passing your source directories in on the analysis command line, like so:

mvn ... -Dsonar.sources=[directory list]

I’m not a Mavenista, but I suspect it might not be straightforward in a multi-module project. In that case, you might need to set the overriding values in the modules’ poms.

 
HTH,
Ann

You are my true hero today! Many thanks.

All it took to have a unified analysis was indeed to add this property to the POM file of portal-frontend: <sonar.sources>app</sonar.sources>.

I took this opportunity to also add <sonar.skip>true</sonar.skip> as a property of those modules that do not contain source code (e.g. packaging modules), so that things would be more sensible.

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.