Incorrect Coverage and Main class files are not detected in Multimodule maven project

Hi All,

I am trying to scan a multimodule maven project using sonarscanner through github action.Below are the issues am facing.

1. Incorrect code coverage details.
   I am trying to track code coverage for the multimodule repository, and have some good amount of test cases written for few of the files.But still code coverage showing 0.1% or 4% but if i run the same in my local i get around 60% as a coverage.

2.One of the submodule main class files are not showing up under sonarqube UI code section.What i meant to say is instead of showing line to cover details for src/main/java its just giving details for src/test/java. I tried to adjust my sonar.sources and binaries but nothing is working.

image1549×408 19.1 KB

image1571×518 24.6 KB

My current setup
Main folder
- submodule1
-src
|- main/java/.java files
|- test/java/*Test.java files
- submodule2
-src
|- main/java/.java files
|- test/java/*Test.java files
- submodule3
-src
|- main/java/.java files
|- test/java/*Test.java files
pom.xml (root)

I added jacoco plugin setup to root pom.xml and reports are getting generated for all three folders and imported into sonarqube.

image956×118 5.07 KB

here is my sonar-project.properties

sonar.projectKey=***

sonar.projectName=***

sonar.sources=./submodule1/src/main,./submodule2/src/main,/submodule3/src/main

sonar.java.binaries=./submodule1/target/classes,./submodule2/target/classes,./submodule3/target/classes

sonar.sourceEncoding=UTF-8

sonar.language=java

sonar.core.codeCoveragePlugin=jacoco

sonar.java.libraries=**/*.jar

sonar.coverage.jacoco.xmlReportPaths=**/jacoco.xml

sonar.dependencyCheck.htmlReportPath=target/dependency-check-report.html

sonar.dependencyCheck.jsonReportPath=target/dependency-check-report.json

sonar.dependencyCheck.reportPath=target/dependency-check-report.xml

please find the attached log.
sonarlog.txt (15.9 KB)

Please check and assist me.I would greatly appreciate any help here @Colin @ganncamp @Margarita_Nedzelska

Do not tag people not already posting on a thread. You might think it bumps it to the top of their list, but it actually does the opposite! Please read our FAQ.

What is @name mentioning? Should I do it?

@name mentioning is when you type someone’s username with an @ preceding it. Doing this sends a notification to the user. Depending on their settings, it may also send them an email message.

In general, it is considered bad form to @name mention someone not already engaged in the conversation. Please don’t do it.

Why not?

It can be annoying

• Active people who were being frequently mentioned in topics were first to request that this practice be minimized. Some people may not mind being mentioned, but we’d still like to limit the number of notifications these folks get.
• @name mentioning a user will often send them an email. Abuse of this feature can fill up someone’s email inbox.
• Some community members feel that too much unsolicited pinging discourages them from participating in the long-run. It can be overwhelming to be on the hook to reply to any and all follow-up.

It is often unnecessary

• Active users often get notifications of new posts and watch the site regularly anyway.
• Posting to the best category with a descriptive title will usually get your topic more attention than mentioning specific users.
• In general, this community prefers to keep discussions focused on ideas and not individual users . If you do not feel your post has received the attention you’d like, we encourage you to reformulate it rather than call in specific people.

Can I ever @name mention other users?

Yes! We just ask you to use it thoughtfully and sparingly. Some good uses of @name mentioning:

• To clarify who you are responding to, in a conversation that has multiple participants
• To give credit to someone from whom you learned the information you are passing on

Hey again.

Based on your logs, it appears that you’re using the [SonarSource/sonarqube-scan-action(GitHub - SonarSource/sonarqube-scan-action) to run analysis. This is not recommended, and you should instead use the SonarScanner for Maven.

As documented:

Alternatives for Java and .NET

This GitHub Action will not work for all technologies. If you are in one of the following situations, you should use the following alternatives:

• Your code is built with Maven. Read the documentation about our SonarScanner for Maven in SonarQube Server and Cloud.

This typically looks something like this in your GitHub Actions YML file.

      - name: Build and analyze
        env:
          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
          SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}
        run: mvn -B verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Dsonar.projectKey=PROJECT_KEY -Dsonar.projectName='PROJECT_NAME'

This will often resolve a lot of issues with importing coverage from JaCoCo reports for Maven projects.

Keep in mind that you’re running a Pull Request analysis. You should only expect to see the code that changed in the PR you’re analyzing to appear under the Code tab.