I have java repository which I am trying to onboard to SonarCloud. In this repo the testcases are failing at the moment. Hence I want to configure only static code analysis on SonarCloud and avoid running commands like mvn -B verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar as prescribed by SonarCloud.
Is there a way to do this? Based on this topic, I think it is possible with some additional configuration. Need further details for same.
- ALM used (GitHub)
- CI system used (github actions)
- Scanner command used when applicable (private details masked)
- Languages of the repository (java)
Hi Dhaval,
There is no way to avoid running the maven command if you wish to analyze Java code in a Maven-based project.
In order to perform analysis of Java code, SonarCloud requires a separate piece of software (called a scanner) to run as part of the build process. This scanner is available in a number of forms, including as a Maven goal, for use in Maven-based project such as yours.
For some languages, like JavaScript, automatic analysis is available. In this case SonarCloud analyzes the code directly by accessing the repository without any need for configuring anything else.
However, this form of analysis is not yet available for compiled languages such Java.