How to scan Java files without compiled files using sonar scanner?

gajananrmahajan · December 16, 2021, 12:39pm

I’m using SonarQube 7.9.5 and Sonar Scanner 4.6.2.2472

I’ve a Java project which I want to scan it using Sonar Scanner but without building it so there are no compiled classes.

But when ran below command it fails -

./sonar-scanner-cli-4.6.2.2472-linux/sonar-scanner-4.6.2.2472-linux/bin/sonar-scanner -e -Dsonar.web.javaOpts=-Xmx2G -Dsonar.host.url=<sonar-server> -Dsonar.login=<login-token> -Dsonar.issuesReport.html.enable=true -Dsonar.issuesReport.console.enable=true -Dsonar.projectBaseDir=<base-directory-path>

Error thrown is -

org.sonar.java.AnalysisException: Your project contains .java files, please provide compiled classes with sonar.java.binaries property, or exclude them from the analysis with sonar.exclusions property.

From error I could understand that I should set compiled classes path with sonar.java.binaries property or exclude Java files with sonar.exclusions property

But I want to scan Java files without compiled classes. Can you please suggest if there is any other way to do so?

ganncamp · December 17, 2021, 6:50pm

Hi,

Your version is past EOL. You should upgrade to either the latest version or the current LTS at your earliest convenience. Your upgrade path is:

7.9.5 → 8.9.5 → 9.2.3 (last step optional)

You may find the Upgrade Guide and the LTS-to-LTS Upgrade Notes helpful. If you have questions about upgrading, feel free to open a new thread for that here.

Regarding your question, no you cannot currently analyze Java without providing the class files.

HTH,
Ann